In Latin America, companies are faced with the pressing need to broaden their search for cybersecurity professionals and leverage the considerable underutilized talent within the region, particularly as the threat landscape evolves at an alarming rate.
This insight is presented in a jobs report issued by Ekoparty, a well-established annual cybersecurity conference held in Buenos Aires and, more recently, Miami. The report was exclusively shared with Dark Reading and is based on a comprehensive survey of 605 cybersecurity professionals from Latin America, aimed at uncovering pertinent challenges and potential solutions within the sector.
Latin America experiences 40% more cyberattacks than the global average, placing local defenders in a precarious position. The underlying reasons for this situation are multifaceted; although many organizations in the region grapple with cyber maturity, specific issues persist. For instance, Brazil's implementation of standardized mobile payment processing through Pix in 2020 has transformed it into a prime target for banking trojans and phishing attacks. The situation is worsened by the accessibility of hacking kits that require minimal technical skill for deployment, further underscoring the necessity for a more extensive talent pool to address these vulnerabilities.
The report underscores the vibrant cybersecurity community in Latin America but emphasizes that organizations must evolve their hiring practices to align with the realities of how cybersecurity professionals train, operate, and exist within the industry.
A Community Built on Self-Learned & Freelancing Professionals
While there may be a prevailing belief that cybersecurity, as a specialized field, necessitates a formal university education, 70% of survey respondents reported that they developed their skills through informal learning methods such as online courses and hands-on experience. In contrast, only 44% of participants held a university degree, and approximately half (53%) possessed at least one industry certification.
Moreover, 79% of respondents are employed in full-time positions, yet 44% also engage in secondary related activities, such as research, teaching, or taking part in bug-bounty programs. This trend highlights the unique operational dynamics within the security community, which may differ from typical organizational expectations.
The report brings to light the significant opportunities available for leadership to engage with larger segments of the security community, particularly for entry-level cybersecurity positions. Notably, one-third (35%) of surveyed individuals had fewer than three years of experience, which is noteworthy given that many job postings in the sector often demand extensive experience. Additionally, the survey reveals that women tend to enter the cybersecurity field between seven to ten years later than their male counterparts on average, emphasizing the urgency of addressing systemic barriers to entry, thus broadening the available talent pool.
The Bigger Picture: Fostering New Talent
Although security budgets are constrained, it’s not solely salary that renders a company attractive to potential candidates. Factors such as prioritizing employee wellbeing, offering flexible work arrangements (including remote or hybrid options), acknowledging expertise, and ensuring job stability were essential elements influencing candidates' decisions, as highlighted in the survey. By adopting these strategies, organizations can enhance their ability to attract talent while remaining mindful of budgetary limitations.
Share this story