Gulf women in cyber lead work to address GCC’s cybersecurity skills gap

In collaboration with Ipsos and Protection Group International (PGI), the 2020-2021 cohort of the UK-Gulf Women in Cybersecurity Fellowship Programme has released a report from the first phase of research into cyber skills in the Gulf region, Addressing Cybersecurity Skill Shortages in the GCC Region.

The UK-Gulf Women in Cybersecurity Fellowship Programme is a UK FCDO funded programme for women from the six GCC countries in senior cyber security positions.

The report details the findings of foundational research into how cyber security skill shortages can be addressed at organisational, national, and regional levels.

The research was conceived, commissioned and executed by the Fellowship Skills Syndicate Group with the support of Ipsos and PGI. It was based on a range of interviews with senior female professionals working in cyber security roles across the region.

Dr Haya Almagwashi, Cybersecurity Consultant and Fellowship Skills Syndicate Lead believes that this report will help senior leaders prioritise the actions required to make the industry and wider business resilient to digital threats.

“The globe is fronting fluctuating complex cybersecurity threats and challenges at various levels which requires collaborative efforts to address these shared challenges. A capable highly skilled cybersecurity workforce is a key enabler to any efforts towards achieving this goal. Therefore, it was intriguing to lead the research work into cyber skills with an elite team of female cybersecurity professionals from the region,” Dr Almagwashi said.

Mrs Nahla al Balushi, Head of Information Security at the Central Bank of Oman, who also worked on the report, added: “Identifying the critical skills in cyber security specifically required in the Gulf Region will help in addressing the gaps in the market and streamlining the cyber security curriculum taught at schools and universities.”

The key findings from the report include:

The top three critical cyber security skills in the Gulf

For interviewees, Cyber Threat Intelligence Management, Incident Response and Governance were the most in-demand skillsets in the GCC region. Interviewees also highlighted the importance of cybersecurity-specific leadership and training skills across their organisations.

The challenges in building sustainable cyber security workforces

The limited integration of cybersecurity into the wider business processes of organisations was cited as a central challenge impacting cybersecurity professionals at all levels. Problems include siloed working practices and a lack of support from management and inter-departmental peers. In many GCC countries, the lack of cybersecurity career frameworks are causing training and development challenges for employees and managers at organisational and even national levels although the report highlighted the recent Saudi Cybersecurity Workforce Framework (SCyWF) as a possible solution.

The future of building a successful cyber security workforce

Knowledge sharing and practical training, together with leadership and soft skills were identified as vital for building a successful cybersecurity workforce. The overwhelming majority of interviewees stressed the importance of knowledge sharing and exposing new talent to real-life scenarios to bridge gaps in cyber security experience and overcome the largely theoretical cyber security education and training that is currently available. One of the central themes of the report is the requirement for leadership and soft skills to be developed in parallel as interviewees felt that technical skills in isolation are not enough to equip practitioners to deal with the demands of cybersecurity roles.

The keys to cyber security retention

Recognition and development were identified as key to cybersecurity staff retention in the Gulf. Interviewees noted that the jobs within the cybersecurity profession were developing a reputation for overworking or even burning out their staff. This contributes to a lack of skilled and diverse individuals being identified, developed and maintained. Additionally, there is a strong requirement across the industry for a level of financial and cultural commitment from management to invest in development, technology, welfare and support.

The importance of multi-skilled cyber security professionals

The research also highlighted a need for a greater number of an organisation’s cybersecurity workforce to be more multi-resource professionals—versus specific penetration testers or incident responders, which are expensive resources if not being utilised for those specific skills most of the time. The specific markets for these jobs need to saturate along with salaries to make recruitment more viable and sustainable.

Read the full report

Members of the Fellowship’s 2021-2022 cohort are now working with Ipsos and PGI on phase two of this research which aims to further substantiate the report’s findings via a quantitative assessment of grassroots opinion. The results of this phase will be announced in the second quarter of 2022.

Wafa’ Nimri, PGI’s General Manager for the Levant, who heads the UK Gulf WIC Fellowship Secretariat says that PGI is very proud to continue its involvement with this important programme.

“The Fellowship plays a significant role in addressing the acknowledged gender diversity challenge faced by the cybersecurity sector globally, by featuring the research and roles of prominent women in cybersecurity. And the strong data and innovative thinking about skills growth in the GCC region for the sector generated by the work of the two cohorts will provide invaluable foundations for future cyber security capability building initiatives by governments and regional organisations,” Miss Nimri said.

ENDS

About the UK-Gulf Women in Cybersecurity Fellowship Programme

The UK-Gulf Women in Cyber Security Fellowship is a UK Foreign, Commonwealth and Development Office-funded and run programme. It has been running since November 2019 to identify, empower, mentor and support current and future female leaders within the cyber security sector across the Gulf region. In 2020-2021, the first cohort of twenty Fellows worked together and with external experts in workshops, online discussion, syndicate groups, and bilateral sessions to share knowledge and information; and drive forward projects of mutual interest; improving awareness of cyber security in the Gulf region and Arabic-speaking world; creating knowledge and resources that will benefit cyber professionals in the region; raising awareness of, and encouraging, the work of other female cyber professionals; and encouraging and supporting women entering the cyber security profession.

About Protection Group International (PGI)

PGI is a UK-based digital risk management consultancy specialising in cyber security skills development and capacity building. PGI works with both public and private sector entities to help them understand and manage their digital risks.

About Ipsos

Ipsos is the third largest market research company in the world, present in 90 markets and employing more than 18,000 people.

Our passionately curious research professionals, analysts and scientists have built unique multi-specialist capabilities that provide true understanding and powerful insights into the actions, opinions and motivations of citizens, consumers, patients, customers and even employees. We serve more than 5000 clients across the world with 75 business solutions.

Founded in France in 1975, Ipsos is listed on the Euronext Paris and has been since July 1st, 1999. The company is part of the SBF 120 and the Mid-60 index and is eligible for the Deferred Settlement Service (SRD).

ISIN code FR0000073298, Reuters ISOS.PA, Bloomberg IPS:FP www.ipsos.com

Read the full report