Andrew Johnson is the Chief Executive of ACS, the professional association for IT in Australia. He delivered the second part of the Oceania CACS opening plenary session, where he discussed cyber security skills crisis and the burning platform for change.
"We have some challenges as we digitise and we really need to beef up our security aspects", says Johnson.
The Australian digital economy will grow from $79B to $139B by the end of this decade with exponential growth in connectivity with 200B devices connected to the IoT by 2020 according to research from Intel. Just 1% of those IoT devices are already installed. People are being inundated with data, not keeping up and the uptake of new technology makes it hard to train staff and engage them in the use of new technology.
In Australia, says Johnson, there are some specific challenges. The pace of change is a challenge, the availability of skills, our relatively high pay rates and our position as a net importer of technology mean we need to think about how we solve security challenges.
"We really need to have an eye on the future," he says. "We can't do this with the rear-view mirror".
With the Australian economy driven by small businesses, there little uniformity in how things are done. "Over 80% of businesses have 20 or fewer staff and that means we all do things differently. We all create value in different forms," says Johnson.
And the rapid changes in technology such as the rapid uptake of smartphones, wireless communications and other technology mean the way things are done is further fragmenting.
"The big thing about digital disruption is that it's about adding value," says Johnson. "It's not a case of needing to take the next technology or next big thing".
The data Johnson used to highlight some of the challenges we face in Australia when it comes to skills. He notes we are very competitive when it comes to attracting talent but less competitive when to comes to retention and innovation. Women are underrepresented in the workforce and our spend on technology-based research and development is far lower than our international peers.
The expected increase in our economy over the next few years will be driven by technology, says Johnson. And while these aren't directly IT jobs, all businesses will become increasingly digital and, therefore, will require technical skills although they might be employed in non-traditional IT roles, particularly where automation is involved.
"Skill shortages are here, they're real and they're the new normal," says Johnson. "They're not going away".
According to data from Cisco, Johnson says we face around 18,000 security events per hour. And while the cost per incident is just $0.58, the volume of events makes this a significant financial burden. Breaches of around 100,000 records cost in excess of $50,000.
When looking at the skills needed by ICT security professionals, the ACS' research finds there are about 25 different specific skills companies are looking at rehanging from technical, risk management and compliance.
Johnson says this has lead to the "T shaped professionals". These have very strong disciplines in one area with supporting skills in other areas. It's these multi-skilled professionals, who understand the intersection between business skills and the use of technology to adapt to a changing world.
- Fighting the Growing Threat of DDoS Attacks Down Under
- A Call to Arms: Audit’s Role in the (Ongoing?) Cyber War
- Terminating hackers on the Department of Chickens
- Cybercrime: Understanding the Threat - Delivering a Response
- Application security testing growing in Australia but skills gap limits its scope