Singapore must work to plug a “big” cyber security skills gap, the Chief Executive Officer of the Cyber Security Agency has said.

“There is a big shortfall of cyber security professionals”, David Koh told GovInsider. In Singapore, “there is a shortage of about 1,000 professionals today”, he said. The agency expects the demand to double to 9,700 by 2021.

CSA is currently developing a competency framework that will be applied across whole-of-government. It will outline two broad paths: a “technical path for people who want to be deep experts”, and another in management of IT. “Some will want to manage groups of experts”, so the framework will spell out how “to do more cross-cutting general management at work”, he said.

This move will make cyber security a key skill for government officials, alongside traditional leadership and governance training.

The agency is also working with private firms to gather inputs, in hopes that they “will also mirror and adopt the same competency framework”, he said.

CSA has found particular areas where there needs to be greater training and developing: penetration testing, vulnerability assessment, incident response, digital forensics and malware analysis.

Last month, the agency partnered with CREST, a technical information and security accreditation body to introduce penetration testing certifications and accreditations in Singapore. Penetration testing is done to test computer systems for vulnerabilities to attacks.

“By raising the competency standards of our cyber security professionals, like penetration testers, we will make Singapore’s cyberspace more secure for everyone”, said Koh.

Now read: Inside Singapore’s Cyber Security Agency

Image by The Preiser Project, licensed under CC BY 2.0