LatAm's Self-Taught Cyber Talent Overlooked Amid Cyberattack Glut

REMOTE WORKFORCE THREAT INTELLIGENCE CYBERSECURITY CAREERS CYBER RISK NEWS Breaking cybersecurity news, news analysis, commentary, and other content from around the world, with an initial focus on the Middle East & Africa and the Asia Pacific LatAm's Self-Taught Cyber Talent Overlooked Amid Cyberattack Glut A newly released study exclusively shared with Dark Reading details the unique circumstances that make up Latin America's labor pool, and why organizations may want to expand their talent search. Alexander Culafi,Senior News Writer,Dark Reading April 1, 2026 4 Min Read SOURCE: THOMAS KYHN VIA ALAMY STOCK PHOTO To hire cybersecurity professionals, companies in Latin America are under a mandate to expand their search and foster the wide range of underutilized talent that exists in the region, especially as the threat landscape surges ahead of the global pace.  That's according to Ekoparty, a long-running annual cybersecurity conference that takes place in Buenos Aires and, more recently, Miami. The organization released a jobs report today, exclusively shared with Dark Reading, analyzing the cybersecurity talent market in Latin America. The report is based on a survey conducted with 605 Latin American cybersecurity professionals in an effort to identify relevant challenges as well as potential solutions.  Latin America faces 40% more cyberattacks than the global average, and its vibrant threat landscape unfortunately continues to put defenders on the back foot. The reasons for this are complex and multifold; while LatAm organizations do broadly struggle with cyber maturity, the real problems are more specific. Brazil is a leader in establishing standardized mobile payment processing nationwide with its deployment of Pix in 2020, for example. But that has made the nation a hotbed for banking Trojans and phishing attacks alike, a problem only exacerbated by the proliferation of hacking kits that require little technical knowledge to deploy. It's just one example of what nations in the region are uniquely facing, and the reality is that the talent pool as-is will not be sufficient to get ahead of the risk. Related:Zscaler-SquareX Deal Boosts Zero Trust, Secure Browsing Capabilities The primary conclusion the report reaches is that Latin America has a thriving cybersecurity community, but organizations must adapt to the realities of how these professionals train, work, and live in order to access that talent, and expand their hiring searches. A Community Built on Self-Learned & Freelancing Professionals While many companies may believe that a specialized job area like cybersecurity requires a university degree, 70% of respondents said they acquired their skills through informal learning pathways such as online courses and on-the-job experience; only 44% held a university degree, and only about half (53%) held at least one certification.  Additionally, while 79% work in full-time roles, 44% maintain a second related occupation such as research, teaching, or participating in bug-bounty programs. While some organizations may expect that their applicants exclusively work for the company applied to, that doesn't necessarily reflect how the security community at large operates.  Related:Torq Moves SOCs Beyond SOAR With AI-Powered Hyper Automation These points speak to a larger thesis of the report, that there are underutilized opportunities for leaders to access large portions of the security community.  This opportunity especially appears to be true for entry-level cyber professionals. About a third (35%) of respondents had fewer than three years of experience, an important consideration to make when so many security job listings can require a decade of experience in the field. Plus, women enter the field between seven and 10 years later than men on average, highlighting the need to address structural barriers to entry as well as an opportunity to further expand the talent pool. The Bigger Picture: Fostering New Talent And while security budgets perpetually remain tight, compensation was not the only factor that makes a prospective company seem appealing to candidates. Valuing employee well-being, offering flexibility in work arrangements (such as remote or hybrid opportunities), recognizing expertise, and providing job stability were also considered key factors that make up an ideal organization to work for, according to the survey. These factors offer just a few of the ways companies can make themselves appealing to applicants while remaining conscious of budgetary constraints, according to Ekoparty.  Related:'Stanley' Toolkit Turns Chrome Into Undetectable Phishing Vector "Ultimately, while cybersecurity demands a high level of expertise and commitment, professionals in Latin America are equally driven by the desire to build meaningful, balanced, and sustainable careers within a rapidly evolving industry," the report read.  That said, Federico Kirschbaum, a co-founder of Ekoparty, tells Dark Reading that there's also a negative chicken-and-egg problem with security hiring: whether a company tries to make its first cybersecurity hire or even its 10th, the requirements tend to be for 10-plus years of experience, but with compensation levels that are not commensurate with that demand. That wards away candidates, and big holes in staff can remain if organizations can't afford to offer higher pay.  Companies in that position can meet professionals where they are, and instead foster skilled yet developing talent, he notes. "Our pitch is, Hey, I think there are many people in this industry that come from an informal background in terms of learning," he says. "They are proficient. They are not here only for the money, but also because they really love what they do. But to an extent, we need to make companies aware that if you want to grab this talent, you also need to retune your hiring so you are part of the learning experience. I think talent is being formed not only from the academia but also from the industry." Read more about: DR Global Latin America About the Author Alexander Culafi Senior News Writer, Dark Reading Alex is an award-winning writer, journalist, and podcast host based in Boston. After cutting his teeth writing for independent gaming publications as a teenager, he graduated from Emerson College in 2016 with a Bachelor of Science in journalism. He has previously been published on VentureFizz, Search Security, Nintendo World Report, and elsewhere. In his spare time, Alex hosts the weekly Nintendo podcast Talk Nintendo Podcast and works on personal writing projects, including two previously self-published science fiction novels. Want more Dark Reading stories in your Google search results? ADD US NOW More Insights Industry Reports Frost Radar™: Non-human Identity Solutions 2026 CISO AI Risk Report Cybersecurity Forecast 2026 The ROI of AI in Security ThreatLabz 2025 Ransomware Report Access More Research Webinars Building a Robust SOC in a Post-AI World Retail Security: Protecting Customer Data and Payment Systems Rethinking SSE: When Unified SASE Delivers the Flexibility Enterprises Need Securing Remote and Hybrid Work Forecast: Beyond the VPN AI-Powered Threat Detection: Beyond Traditional Security Models More Webinars You May Also Like REMOTE WORKFORCE Microsoft Rushes Emergency Fix for Exploited SharePoint Bug by Elizabeth Montalbano, Contributing Writer JUL 21, 2025 REMOTE WORKFORCE US Critical Infrastructure Still Struggles With OT Security by Becky Bracken APR 29, 2025 REMOTE WORKFORCE Phishing Kit Darcula Gets Lethal AI Upgrade by Becky Bracken APR 25, 2025 CYBERATTACKS & DATA BREACHES DeepSeek Breach Opens Floodgates to Dark Web by Emma Zaballos APR 22, 2025 Editor's Choice CYBERSECURITY OPERATIONS Why Stryker's Outage Is a Disaster Recovery Wake-Up Call byJai Vijayan MAR 12, 2026 5 MIN READ CYBER RISK What Orgs Can Learn From Olympics, World Cup IR Plans byTara Seals MAR 12, 2026 THREAT INTELLIGENCE Commercial Spyware Opponents Fear US Policy Shifting byRob Wright MAR 12, 2026 9 MIN READ Want more Dark Reading stories in your Google search results? 2026 Security Trends & Outlooks THREAT INTELLIGENCE Cybersecurity Predictions for 2026: Navigating the Future of Digital Threats JAN 2, 2026 CYBER RISK Navigating Privacy and Cybersecurity Laws in 2026 Will Prove Difficult JAN 12, 2026 ENDPOINT SECURITY CISOs Face a Tighter Insurance Market in 2026 JAN 5, 2026 THREAT INTELLIGENCE 2026: The Year Agentic AI Becomes the Attack-Surface Poster Child JAN 30, 2026 Download the Collection Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox. SUBSCRIBE Webinars Building a Robust SOC in a Post-AI World THURS, MARCH 19, 2026 AT 1PM EST Retail Security: Protecting Customer Data and Payment Systems THURS, APRIL 2, 2026 AT 1PM EST Rethinking SSE: When Unified SASE Delivers the Flexibility Enterprises Need WED, APRIL 1, 2026 AT 1PM EST Securing Remote and Hybrid Work Forecast: Beyond the VPN TUES, MARCH 10, 2026 AT 1PM EST AI-Powered Threat Detection: Beyond Traditional Security Models WED, MARCH 25, 2026 AT 1PM EST More Webinars White Papers Autonomous Pentesting at Machine Speed, Without False Positives Fixing Organizations' Identity Security Posture Best practices for incident response planning Industry Report: AI, SOC, and Modernizing Cybersecurity The Threat Prevention Buyer's Guide: Find the best AI-driven threat protection solution to stop file-based attacks. Explore More White Papers BLACK HAT ASIA | MARINA BAY SANDS, SINGAPORE Experience cutting-edge cybersecurity insights in this four-day event featuring expert Briefings on the latest research, Arsenal tool demos, a vibrant Business Hall, networking opportunities, and more. Use code DARKREADING for a Free Business Pass or $200 off a Briefings Pass. GET YOUR PASS GISEC GLOBAL 2026 GISEC GLOBAL is the most influential and the largest cybersecurity gathering in the Middle East & Africa, uniting global CISOs, government leaders, technology buyers, and ethical hackers for three power-packed days of innovation, strategy, and live cyber drills. 📌 BOOK YOUR SPACE