Dearth of security pros may be boon for homegrown firms

A shortage of cybersecurity talent in India and the rest of the world could come as a boon for smaller firms based in countries like India. Enterprises in India have been facing a catch-22 situation, as cybersecurity talent is in short supply in the country, but the number of cyber attacks have been hitting new highs owing to rapid digital transformation post the pandemic. This, according to experts, could lead to increased business for smaller firms.

According to Prateek Bhajanka, senior principal research analyst at Gartner, cybersecurity talent shortage is a perennial challenge in India and worldwide. As mid-sized and small organizations don’t have dedicated cybersecurity teams and leaders, they are more likely to engage with security services or security consulting firms to strengthen their security posture.

“These organizations would also consider taking the service model as opposed to buying a security product and managing it themselves,” he said. “Capabilities like vulnerability management, detection and response, and security operations centres are commonly consumed using service models from security services firms,” he added.

According to a report on the future of cybersecurity in Asia Pacific and Japan, published on March 14, by security firm Sophos, most organizations are struggling to recruit the right talent. 60% of the survey’s respondents said that professionals with the right skills aren’t available. The report also said that 60% of mid-sized organizations in India were victims of cyberattacks in 2021.

Further, smaller organizations in India are also struggling to keep up with the spate of cyberattacks. In Sophos’ report, the company said that 19% of companies with employee strengths between 1000 and 2000, didn’t even realise they had been hit by an attack within two weeks of being compromised, and 22% took three to four weeks.

Issues like this are all the more reason for smaller firms in India to seek help from cybersecurity firms. Saket Modi, co-founder and chief executive of homegrown security firm Safe Security, said the company has been seeing increased interest from SMBs and startups, globally. He said that the last quarter was the best in the company’s history, and that the company has been growing at 300% year-on-year. The company also works with larger firms.

Further, security firms Instasafe and TAC Security have seen similar results. Instasafe, said it caters to large enterprises and SMBs in a 60:40 ratio, while TAC said it has grown over 300 percent in the last two years and servers tier II and III cities, along with state agencies, and eGov initiatives. 

“With the pandemic, secure remote access needs have accelerated and we were able to help our existing clients with their sudden surge requirement of remote access tools,” said Sandip Kumar Panda, Co-Founder, and CEO at Instasafe Technologies.

To be sure, hiring security firms and individuals isn’t necessarily the answer. Some experts believe that automation could be an answer to. Sunil Sharma, managing director, Sales, India and SAARC, at Sophos, said that enterprises could automate certain tasks by using sophisticated security tools that are driven by artificial intelligence (AI), which could help reduce the workload on in-house teams.

Ravisha Chugh, principal analyst at Garner, pointed out companies, like tech-driven startups, which have most of their infrastructure on the cloud, can reduce costs by consolidating security vendors, and procuring solutions from a single vendor that fits more than one need.