Cybersecurity skills shortage leaves South Africa exposed
· Citizen
South Africa’s growing list of cybercrime victims includes banks, telecommunications providers, government departments and one of the country’s largest credit bureaus, Experian.
Visit saltysenoritaaz.org for more information.
The attacks have exposed personal information, disrupted services and cost organisations millions, while highlighting a problem that receives far less attention: a shortage of people qualified to defend digital systems.
Growing demand for cybersecurity skills
Research cited by MiDO Academy found that 56% of South African organisations struggle to recruit cybersecurity professionals, creating a gap in a sector where demand continues to grow as cyber threats become more sophisticated.
Dale Simons, CEO of the academy, said employers are often searching for experienced specialists while overlooking candidates who could be trained for the profession.
“The traditional recruitment model isn’t working. Organisations are hunting for five-year experts while cyber threats continue to increase,” said Simons.
“By focusing on grit and potential rather than elite credentials, we can help address a very real skills shortage while creating opportunities for young people.”
The academy was established in 2023 and offers an NQF level 5 cybersecurity analyst qualification.
Creating pathways into the industry
According to the organisation, 51 students have completed the programme, 43 have secured internships, learnerships or project placements and 16 have moved into permanent employment.
Those figures stand in contrast to South Africa’s broader youth employment picture.
Statistics South Africa’s latest figures show youth labour underutilisation among people aged 15 to 24 remains above 60%, despite years of interventions aimed at improving employment prospects.
He said the academy recruits candidates from underserved communities and places less emphasis on formal credentials than traditional hiring processes.
Simons said the academy looks for evidence of commitment, initiative and a willingness to learn.
“The key factor is determining what a person does within a resource-constrained environment,” he said.
Balancing opportunity with responsibility
A significant hurdle facing the cybersecurity sector is convincing employers to entrust inexperienced recruits with responsibilities that can involve protecting sensitive information and critical infrastructure.
Simons said the academy works closely with host organisations and prospective employers before placements take place.
“The business is looking for top talent and the student is looking for opportunities to learn and showcase their talent within a defined context,” he said.
“We vet our placement partners for compliance and good practice and work closely with them throughout the process.”
Cybersecurity skills are increasingly viewed as a strategic necessity rather than a specialised technical function.
Simons said developing local expertise should form part of a broader effort to strengthen digital resilience.
“As a country we have to enable young people to become digital integration agents,” he said.
“Enabling young people in this way will support cyber awareness in communities, schools, NGOs and SMEs while creating opportunities for them to gain experience and build careers.”