The Australian Cyber Security Industry Report: A Deep Dive into Challenges and Recommendations
The cyber security industry in Australia is facing significant challenges, as highlighted in a recent report by StickmanCyber. The report paints a grim picture of the industry, describing it as “too small, too male, and propped up by overseas nationals.” This assessment sheds light on the pressing issues that need to be addressed in order to strengthen the country’s cyber security landscape.
Skills Crisis in the Cyber Security Industry
Chief Information Officers (CISOs) are well aware of the ongoing skills crisis in Australia’s cyber security industry. However, the latest analysis from StickmanCyber suggests that the reality may be even more dire than previously thought. The report, titled “Australia’s Cybersecurity and Technical Skills Gap,” combines research based on the latest Australian census with labor force data collected over a span of several years.
One of the key findings of the report is that the cyber security industry in Australia is actually much smaller than initially estimated. The current surge in data breaches is directly linked to a lack of skilled workers in the field. According to the last census, the total number of individuals in roles such as penetration tester, cyber security engineer, cyber security analyst, and cyber governance risk and compliance specialist is just 11,387. This amounts to only 3% of the ICT workforce, translating to one cyber security specialist for every 240 Australian organizations.
Ajay Unni, the founder and CEO of StickmanCyber, expressed deep concerns about the shortage of technical cyber security skills in Australia. He emphasized that recent high-profile breaches are a direct result of the country’s cyber security and technical skills gap. Unni pointed out that too much of the cyber security burden falls on IT teams and professionals with a broad knowledge of IT, rather than specialized cyber security expertise. This lack of expertise leaves businesses vulnerable to cyber threats and attacks.
Diversity and Inclusivity in the Cyber Security Workforce
In addition to the skills shortage, the composition of the cyber security workforce in Australia presents another challenge. The report reveals that 51% of specialists in the country were born overseas, indicating a heavy reliance on skilled migration. Furthermore, only 16% of the cyber security workforce are women, with an even lower representation in penetration testing roles, where women make up just 5% of the workforce.
Addressing the Gender Disparity in Cyber Security
Ajay Unni stressed the importance of addressing the gender gap in the cyber security industry. He highlighted the need to incentivize young people, especially women, to pursue careers in cyber security. Unni emphasized that companies must improve working conditions and reduce burnout to retain talent in the field. In the short term, businesses that lack the necessary skills internally should consider partnering with third-party security service providers to bolster their cyber security capabilities.
Recommendations for Strengthening Australia’s Cyber Security Industry
Unni underscored the need for a concerted effort to address the challenges facing Australia’s cyber security industry. He emphasized the importance of investing in education and training programs to cultivate a skilled workforce. Encouraging young people, particularly women, to pursue careers in cyber security is crucial for bridging the skills gap.
Furthermore, companies must create a supportive and inclusive work environment to attract and retain diverse talent in the field. Reducing burnout and providing opportunities for professional development are essential components of a sustainable cyber security workforce. Businesses that lack internal cyber security expertise should leverage the services of trusted third-party providers to enhance their security posture.
Looking Ahead: Building a Resilient Cyber Security Ecosystem
As Australia grapples with the challenges facing its cyber security industry, it is imperative to take proactive measures to strengthen the sector. By investing in education, promoting diversity and inclusivity, and fostering a culture of continuous learning and development, the country can build a resilient cyber security ecosystem that is equipped to tackle emerging threats and safeguard critical assets.
In conclusion, the Australian cyber security industry is at a critical juncture, facing significant challenges that require urgent attention and action. By addressing the skills gap, promoting diversity, and fostering a supportive work environment, Australia can position itself as a leader in cyber security and ensure the protection of its digital infrastructure for years to come.