ACS frames cybersecurity imperative as Victoria addresses ICT, security disasters

Government support great but proactive investments needed to close skills gap

The Australian Computer Society (ACS) is pushing for renewed investment in cybersecurity skills as newly announced ICT-strategy commitments by the NSW and Victoria governments put additional pressure on cybersecurity skills that are already lagging demand and are expected to further outpace overall ICT-skills growth in coming years.

The ACS Victorian Cyber Security Paper, launched this week, notes that cybersecurity jobs “are the most difficult of jobs in the technology industry to fill despite being amongst the highest paid”. In attempting to lay down a path to close this gap – and avert future problems caused by “dwindling numbers of STEM students” – the ACS has recommended a range of initiatives including the development of a dedicated program similar to the US National Initiative for Cyber security Education (NICE) public-private partnership program.

The ACS has also recommended establishment of a grants program to support cybersecurity startups and SMEs undertaking R&D; is also exploring the extension of its training accreditations to encompass cybersecurity education; and supports government-funded cybersecurity information campaigns for SMEs and the creation of a Victorian cyber security business advisory service to improve overall cybersecurity posture.

Release of the ACS cybersecurity positioning paper comes just days after the Victorian government launched its IT Strategy for the Victorian Government, 2016 to 2020 – which has been designed to lift the state's woeful IT project-management practices as well as its failure to apply IT-security protections as repeatedly identified in damning Victorian Auditor-General reports in 2013 and again in late 2015. Among its raft of initiatives, the newly announced policy lays down a commitment to develop a formal cyber security strategy (due by December) and a State Emergency Response Plan for cybersecurity – both of which will likely draw on the federal government's recently launched national Cyber Security Strategy for at least some inspiration.

The Victorian government has been working hard to position the state as Australia's epicentre of cybersecurity research and has been heavily spruiking deals such as the establishment of the Oceania Cyber Security Centre (OCSC) – a joint facility linking eight Victorian universities, the Melbourne-based Defence Science Institute and private-sector partners with Data61's national cyber security centre and the first-ever international office of Oxford University's Global Cyber Security Capacity Centre (GCSCC).

“Victoria is leading the country in data and cyber security so we are well-positioned to partner with the Commonwealth Government on their new strategy and lend our state’s expertise to growing this critical industry,” minister for small business, innovation and trade Philip Dalidakis said in a statement at the launch of the federal policy in April. “Not only will it be a safeguard for our digital economy but it will be a significant economic driver for the state.”

In a nod to the growing pressure for governments to set privacy-protection examples, Victoria's policy highlighted the importance of secure account technology, consent models and “new cyber security tactics to mitigate emerging privacy threats”. “A fast-escalating cyber threat landscape means that government must take a strategic approach to managing system security,” the report notes, highlighting persistent cybersecurity issues including minimal common network standards; lack of a consistent available standard Wi-Fi network; lack of network carriage sharing potential; increased security threats from inconsistent security-management practices; and inadequate network design to securely support untrusted BYOD devices and external partners.

Yet even as it lays down its cybersecurity agenda, Victoria's investments will drive a renewed need to bolster cybersecurity skills in government and outside of it.

As the ACS and other bodies have recognised, low numbers of university graduates in cybersecurity-related fields means the growing number of security-related positions will be increasingly difficult to fill. Last year's Australia's Digital Pulse report, jointly authored by the ACS and Deloitte Access Economics, highlighted the extent of the problem as growing demand pushed employers to need 40,000 extra ICT workers – of which cybersecurity expertise was a key specialty.

“While the presence of cyber security research and development capabilities is a sound basis to position Melbourne as a hub of cyber security expertise,” the ACS policy says, “more investment and effort is required to develop a thriving cyber security ecosystem needed to participate in the global market for new and innovative cyber security solutions.... Given the increasing cyber threat to governments, government departments should be active collaborators and sponsors in the development and trial of new products based on identified needs.”

Join the CSO newsletter!

Error: Please check your email address.

Tags ICT skillsICT strategycybersecurityNetworkingGCSCCit strategyNICE SystemsimportantacsSTEM education

More about Access EconomicsACSAustralian Computer SocietyCommonwealth GovernmentDeloitteNICEVictorian Government

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by David Braue

Latest Videos

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

  • 150x50

    IDG Live Webinar:The right collaboration strategy will help your business take flight

    Speakers - Mike Harris, Engineering Services Manager, Jetstar - Christopher Johnson, IT Director APAC, 20th Century Fox - Brent Maxwell, Director of Information Systems, THE ICONIC - IDG MC/Moderator Anthony Caruana

    Play Video

More videos

Blog Posts