With economic headwinds and a looming recession, more layoffs are imminent — if not expected.
However, one sector appears to be relatively safe — for now. In fact, experts say cybersecurity jobs could even increase during the economic turmoil.
Cybersecurity professionals are vital in reducing risks of cyberattacks, especially so in times of financial instability, experts told CNBC Make It.
“Some organizations may become more vulnerable during a recession as they may have fewer resources … making them an easier target,” said Daljit Sall, the general manager of technology for Randstad Singapore.
“Facing a serious cybersecurity breach could prove to be financially devastating in such a scenario — for instance, if they have to pay fines or fork [out] the costs of a ransomware attack.”
But a new survey suggests that one talent group will be least likely to get laid off, should companies decide to make reductions to headcount.
In ISC2’s research among 1,000 C-suite executives across five countries — Germany, Japan, Singapore, the U.K., and U.S. — almost half the top-level executives said they will “very likely” resort to layoffs due to an anticipated recession this year.
However, only 10% of organizations are likely to cut jobs in cybersecurity, compared to an average of 20% in other areas.
In Singapore, 68% of organizations strongly believe that layoffs will be necessary as the economy slows, said ISC2, a global nonprofit and largest association of certified cybersecurity professionals.
However, only 15% are likely to cut jobs in cybersecurity, compared to other sectors such as human resources (32%) and marketing (28%).
“The findings indicate leaders no longer view cybersecurity as a nice-to-have function when budget is available, but rather an essential, critical asset that delivers value,” it added.
LinkedIn’s latest Jobs on the Rise data also included cybersecurity engineers and cybersecurity consultants as some of the most in-demand roles in Singapore this year.
Sall agreed. He said there has been an increase in cybersecurity roles in Singapore and globally in recent years due to “digital transformation” across various industries.
“These advancements have driven the need for reliable and experienced cybersecurity professionals to build and maintain secure digital infrastructures,” he added.
The increased risk of cyberthreats is also a key contributor to higher demand for cybersecurity professionals, said Pooja Chhabria, LinkedIn’s head of editorial for Asia-Pacific.
“Demand for these roles are likely to increase as … the complexity of cyberattacks are intensifying in scale and scope,” she added.
“The need for cybersecurity professionals who can identify and prevent these attacks will become paramount.”
The number of cyberattacks has burgeoned in recent years due to pandemic-driven remote work and political issues.
For example, since the start of the Russian-Ukraine war, Russian-based phishing attacks against email addresses of European and U.S.-based businesses have increased by 8 times, according to a 2023 report.
“During economic uncertainty, some threat actors may be persuaded to exfiltrate data to increase their income. Insider threats could rise in response to the mass layoffs, especially as financially insecure employees look for new ways to earn extra cash,” said Clar Rosso, ISC2’s CEO.
This is why 42% of companies surveyed said they anticipate an increase in staffing for cybersecurity — the highest among all business functions — despite economic headwinds, ISC2 added.
However, the cybersecurity sector is not immune to headwinds. A November 2022 Citi survey of top tech officers showed they expect IT budgets to grow by only 1.8% over the next 12 months — continuing a downward trend since September 2021’s 5.6%.
Nonetheless, cybersecurity remains “the top priority by a wide margin” in IT budgets, Citi added.
Tech workers who were impacted by recent layoffs can also benefit from increasing prioritization of cybersecurity, said ISC2.
“It is possible that many of those individuals may find an opportunity in pursuing a career in cybersecurity, where they can apply related skills and expertise,” said ISC2.
LinkedIn’s Chhabria said software engineers and system engineers are the top two roles people have transitioned from to become cybersecurity engineers.
Hiring managers were also found to have recruited from “unconventional departments,” according to another ISC2 report, such as customer service, communications and human resources.
“This is largely due to … the mindset shift from solely focusing on technical skills to hiring for non-technical competencies that would make someone successful in the sector, and then training to build technical skills,” said Rosso.