Cybersecurity skills in new graduates: a Philippine perspective

This study investigates the key skills and competencies needed by new cybersecurity graduates in the Philippines for entry-level positions. Using a descriptive cross-sectional research design, it combines analysis of job listings from Philippine online platforms with surveys of students, teachers, and professionals. The aim is to identify required skills and areas needing improvement, highlighting the balance between technical skills and other competencies like ethical conduct, suggesting a shift away from traditional cybersecurity skills towards a more diverse skillset. Furthermore, the results revealed common agreement on the importance of communication, critical thinking, problem-solving, and adaptability skills, albeit with slight variations in their prioritization. It recommends that aspiring cybersecurity professionals develop an inclusive skill set encompassing technical knowledge, soft skills, and personal competencies, with a focus on adaptability, continuous learning, and ethics. Skills such as business acumen are considered less vital for entry-level roles, proposing a preparation strategy that aligns with the changing demands of the cybersecurity industry.

💡 Research Summary

This paper investigates the competencies required of new cybersecurity graduates in the Philippines for entry‑level positions, combining a job‑market analysis with a cross‑sectional survey of students, teachers, and professionals. The authors extracted 36 frequently cited skills from online job postings on major Philippine platforms (JobsStreet, Indeed Philippines) covering the period September–November 2023. These skills formed the basis of a questionnaire administered to 152 respondents (90 students, 26 teachers, 36 professionals). Demographic data (age, gender, income, education, sector) were collected to contextualize the responses.

The survey asked participants to rate each skill on a 10‑point Likert scale for “usefulness” (1 = very useful, 10 = least useful) and to indicate whether further development was needed. Validity was ensured through expert review, and reliability was confirmed via inter‑rater testing.

Results show a strong consensus across all groups that soft skills—communication, critical thinking, problem‑solving, teamwork, personal values, ethical mindset, professionalism, continuous learning, risk assessment, adaptability, resilience, and personal accountability—are essential for securing an entry‑level cybersecurity role. These skills received median ratings of 1 or 1.5, indicating high perceived importance. Technical competencies such as “information technology/cybersecurity skills” were also rated highly, but business acumen and financial literacy were consistently rated lower (median = 2–3) and showed no significant variation among groups.

Statistical analysis using the Kruskal‑Wallis H test revealed that only four competencies—critical thinking (H = 7.654, p = 0.02), problem‑solving (H = 7.712, p = 0.02), attention to detail (H = 7.049, p = 0.03), and personal accountability (H = 7.295, p = 0.03)—differed significantly across respondents, suggesting divergent perceptions of their urgency. Several other skills (teamwork, flexibility, professionalism, risk assessment, personal values, ethical mindset, communication) approached significance (p ≈ 0.06–0.10), indicating that a larger sample might confirm their differential importance.

The authors interpret these findings as evidence that the Philippine cybersecurity talent pipeline is currently misaligned with industry expectations, which prioritize a blend of technical knowledge and non‑technical attributes. They argue that existing curricula, which often emphasize technical content, need to be re‑balanced to embed ethical reasoning, risk management, and communication training.

Policy recommendations include: (1) integrating dedicated modules on ethics, risk assessment, and professional communication into undergraduate programs; (2) expanding industry‑university partnerships to provide internships, capstone projects, and real‑world case studies; (3) facilitating access to internationally recognized certifications (e.g., CompTIA Security+, CISSP) through scholarships or subsidized training; (4) establishing continuous professional development pathways for early‑career practitioners, focusing on the soft skills identified as most critical; and (5) encouraging CHED and DICT to update accreditation standards to reflect these competency priorities, aligning national guidelines with frameworks such as NIST and ISO/IEC 27001.

In conclusion, the study highlights that for Philippine entry‑level cybersecurity roles, soft skills—particularly communication, critical thinking, problem‑solving, ethical mindset, and adaptability—are as vital as technical knowledge. Addressing the identified gaps through curriculum reform, industry collaboration, and supportive policy measures can improve graduate employability, mitigate the national cybersecurity talent shortage, and strengthen the country’s overall cyber‑defense posture.