Skill shortage alert: Banks in Singapore struggle to source cyber security staff
Cyber-security experts are urgently needed at banks in Singapore, but recruiters in the city state say there’s not enough talent to meet demand.
The buoyant job market in cyber security is being partly fuelled by pronouncements from Singapore’s government and financial regulator.
The Monetary Authority of Singapore issued new Technology Risk Management Guidelines in June, advising financial institutions to “deepen their technology risk management capabilities and be ready to handle IT security incidents and system failures”. And last year the government released a long-term policy agenda, the National Cyber Security Masterplan 2018.
Banks in the country have fallen victim to several recent high-profile cyber attacks, including loss of client data at Standard Chartered. Lum Yin Fong, managing director of global transaction services at DBS, told us last month that cyber security was one of the main challenges facing Singapore’s banking sector. Cyber crimes are costing Singapore an estimated S$1.25 billion annually, according to a June report from Center for Strategic and International Studies.
“Cyber security experts are among the most sought-after professionals in Asia as their skills are in demand across all banks. This is driven by the need to combat rising cyber-threat levels and satisfy the increasing demands of regulators,” says Chris Mead, regional director of recruitment agency Hays in Singapore.
A high 93% of financial services institutions in Singapore plan to hire more staff to manage their company’s online security, according to a survey released last month by recruiters Robert Half. As part of a growing trend for banks to use contractors for support roles in Singapore, 54% of the firms surveyed are recruiting interim cyber-security professionals, while only 39% are taking on more permanent staff.
The major international investment banks are adding to their already large cyber teams in Singapore, says Mead from Hays. “And the skill level needed at these firms has increased as they have started taking on work previously managed out of the US and Europe. Cyber security is important to local banks, too. DBS, OCBC and UOB have the bulk of their technology staff based in Singapore, containing significant cyber teams.”
Across industries, however, the number of cyber-security professionals in Singapore fell to 1,200 last year from 1,500 in 2012, according to the country's Ministry of Manpower. “Demand for staff increased during that period, so banks are faced with a very difficult hiring environment,” says Mead.
While banks are trying to source cyber-security experts from other sectors, the reverse is also happening. “IT-security talent is hard to find as companies – such as travel, logistics, insurance and card-payment firms – are also looking for the same people,” says Stella Tang, managing director of Robert Half in Singapore. “Rather than waiting for the perfect candidate, some financial institutions are instead training their current employees, who are short on IT-security skills but have more experience in the organisation."
Mead says banks are relocating cyber professionals from offices in India and Europe, but Singapore’s Fair Consideration Framework – new rules which from August will encourage employers to hire more locals – will make international transfers more difficult, especially for junior jobs.
Salaries for the country’s current crop of cyber-security experts have risen by 10% on average since last year, says Tang from Robert Half. Career-development and training opportunities are also on the up, with KPMG and cyber-security firm FireEye announcing plans earlier this year to build a Cyber Security Centre and an Asia Pacific Centre of Excellence respectively in Singapore.