- Статьи
- Society
- Shadow of knowledge: the industry is faced with a shortage of cybersecurity specialists
Shadow of knowledge: the industry is faced with a shortage of cybersecurity specialists
There is an acute shortage of cybersecurity specialists in the Russian industry. In mechanical engineering, the demand for such specialists increased by 40% in January – August 2025, by 64% in the energy sector, and by 75% in trade compared to the same period last year. The reason is that hackers are increasingly attacking factory lines, equipment management systems, and corporate networks, which makes protection critical, and, consequently, the need for such specialists is growing. This year, about 20,000 new vacancies for cyber defense experts have appeared in the country.
Why has the demand for cybersecurity specialists increased significantly?
The Russian industry has become more acutely aware of the shortage of cybersecurity specialists in 2025, Izvestia found out. Against the background of increased attacks on corporate IT networks and equipment management systems, the protection of digital infrastructure is becoming a critical task for companies. According to the data hh.ru During the period from January to August 2025, the demand for experts in this field increased significantly in various industries: by 40% in mechanical engineering, by 64% in energy, by 75% in trade and by 85% in the production of non—food products.
— In 2024, the industrial sector was in third place among the attacked areas. In the first three quarters of 2025, the share of attacks increased to 15%, and industry became the second most attacked industry," said Anna Vyatkina, an analyst at the research group of the information security analytics department at Positive Technologies.
According to her, the share of attacks on industry is growing due to active digitalization, today enterprises are increasingly combining information and production systems, which makes them more vulnerable and increases the number of points through which attackers can operate. At the same time, the level of cybersecurity maturity in the industry remains low. Many production systems are still running on outdated hardware without the support of modern security features.
"This makes industrial organizations an attractive target for intruders, as a successful attack can lead to unacceptable events such as production shutdowns, significant financial losses, or accidents," added Anna Vyatkina.
Against this background, companies are increasingly looking for qualified specialists who can provide sustainable protection of business infrastructure, said the head of cybersecurity. hh.ru Mikhail Shcherbakov. In general, the number of information security specialist vacancies in Russia is growing, with about 20,000 new vacancies created in 2025.
How to solve the shortage of personnel
Against the background of an increasing number of cyber attacks, companies from manufacturing, mining and other fields are increasingly deciding to strengthen their own information security services, Andrey Ivanov, Director of development at Swordfish Security, told Izvestia. Among the companies requesting the construction of competence centers, in 2025, one in four belongs to the fuel and energy sector, one in six belongs to the energy sector and one in eight belongs to metallurgy.
— The number of cyber attacks continues to grow, especially in relation to critical information infrastructure facilities in various industries. In such circumstances, companies are forced to react quickly. One of the key steps is to create our own competence centers, especially in the field of secure software development," the expert said.
At the same time, according to him, it is important to understand that the training of internal specialists takes time, so many organizations turn to external experts for help, both for outsourcing and for training their employees.
According to Kaspersky Cyber Threat Intelligence, of the 14 cyber groups that have been most actively attacking Russian organizations in recent years, 12 are targeting industry. This is one of their main goals along with the public sector. These groups include hackers, many of whom have emerged in recent years and publicly called themselves pro-Ukrainian. They steal enterprise data, seeking to damage the infrastructure and economy of the country as a whole. For example, to disrupt technological processes or completely destroy their data, they noted. Their technical level and their activity continue to grow consistently.
Employers are increasingly looking for information security experts, but there are not enough qualified specialists - the market is not keeping pace with business needs, said Anton Nemkin, a member of the State Duma Committee on Information Policy, Information Technology and Communications, federal coordinator of the Digital Russia party project.
— The appearance of 20,000 new cybersecurity vacancies is an impressive figure, but there are no ready personnel to close them. Universities produce a limited number of specialists, and practical competencies are often formed only in the process of real work. As a result, companies compete for the same experts, offering high salaries and additional bonuses, which only fuels staff hunger," the deputy stressed.
According to him, the solution to the problem is possible only through systemic measures.: This includes the expansion of information security educational programs, and more active business participation in personnel training, including internships and internships at real enterprises. Government support is also needed: grants for students, tax incentives for companies investing in education, as well as the development of competence centers in the regions, Anton Nemkin believes. Without this, the gap between supply and demand will only widen.
Переведено сервисом «Яндекс Переводчик»
