"Need to Hire 90,000 More Cybersecurity Professionals"... New 'Blue Ocean' for IT Job Seekers and Experienced Workers

72% of ICT Companies "Lack Responsible Personnel"

File photo. Not directly related to the article.

[Asia Economy Reporter Kim Bong-su] With the spread of information and communication technology (ICT), the Fourth Industrial Revolution, and the COVID-19 pandemic, the demand for ICT professionals is increasing, and among them, the field of information security is emerging as a new 'blue ocean.'

According to a survey by the Korea Information Security Industry Association, last year, the proportion of businesses without information security personnel was as high as 72.2%. The highest proportion of businesses, 20.1%, had less than 1% of their IT workforce dedicated to information security. Accordingly, a 2019 study indicated that the global cybersecurity workforce needs to increase by an average of 145%, and specifically, South Korea's security workforce, currently at about 201,000, is short by 90,000. The introduction of the 52-hour workweek has further exacerbated the shortage of security personnel, and small and medium-sized enterprises, security monitoring companies, and public institutions relocated to provincial areas are facing increasing difficulties in securing security personnel.

The mandatory Chief Information Security Officer (CISO) system introduced last year is also increasing the demand for security experts. Due to amendments to the Information and Communications Network Act, all telecommunications businesses except those subject to ISMS obligations, medium-sized or larger information and communication service providers, and value-added telecommunications businesses with capital under 100 million won must appoint a CISO. Among these, CISOs of information and communication service providers with total assets of 5 trillion won or more and ISMS-certified companies with total assets of 500 billion won or more are prohibited from holding other positions concurrently.

Consequently, the number of job seekers or career changers aiming to obtain related certifications or complete educational programs is increasing. Mr. A, who majored in public administration but works at a game company, recently completed the '2021 Information Security Certification Course (ISO27001 Auditor Certification)' conducted by the Korea Center for Women in Science, Engineering and Technology (WISET) and successfully obtained the certification.

Mr. A said, "As a non-major, I tried to build foundational knowledge related to information security work, but it was not easy, so I applied for this course," adding, "Through this course, I was able to strengthen my basic information security capabilities, develop my work experience, and obtain the auditor certification?all three at once."

WISET stated, "The field of information security has recently been highlighted as a prerequisite for the proper advancement of the Fourth Industrial Revolution, but the workforce is still insufficient," and added, "It is necessary to establish and operate optimized security strategies for companies in line with rapidly changing digital technologies, while proactively acquiring and educating the necessary skills to respond to ever-changing information security threats."