CIO

Australia only has 7 percent of the cybersecurity expertise that it needs

Good times for cybersecurity consultants, but everyone else is struggling

The introduction of the notifiable data breaches (NDB) scheme and EU general data protection regulation (GDPR) more than tripled demand for cybersecurity specialists between February and June this year, according to a review of job openings that suggests Australia only has 7 percent of the cybersecurity skills it needs.

Job-ad site Indeed reviewed job postings requiring cybersecurity skills and noted that while the volume of searches for cybersecurity jobs had remained relatively stable from 2016 to 2018, the volume of searches had wavered seasonally and exploded to unprecedented levels after February 2018.

A seasonal dip in demand from December 2017 turned around as the NDB came into effect in February, with demand more than doubling – from around 22 jobs per million listings to 50 jobs per million listings in April.

Market demand for cybersecurity specialists slowed slightly in April, but has again followed hockey-stick growth since May – the month the GDPR was implemented – to more than 77 cybersecurity jobs per million listings.

A year ago, interest in cybersecurity-related job postings was meeting 17.5 percent of demand – but with the number of postings surging 173 percent in the past year, Indeed noted, the market was now supplying just 7 percent of demand.

This was great news for cybersecurity consultants in the market, with average salaries for cybersecurity professionals sitting at $117,000 but the potential to earn up to $239,000 annually.

Despite an expanding job market overall, the scarcity of suitable skills was exacerbating an already difficult security climate: “Protection against cyber threats is a key focus for many organisations,” the firm noted, “as every type of organisation needs qualified staff with the skills and experience to mitigate against risks posed by cyber criminals.”

“The problem is that cybersecurity professionals – who combine broad technical skills with specific security expertise and an understanding of business risk – are becoming much harder to find. Addressing this skills shortage will remain a matter of critical importance for the foreseeable future.”

A lack of cybersecurity skills has had a direct impact on the pace of Australia’s digital transformation, according to one recent study, and in another survey fully 70 percent of respondents reported a direct impact on their organisation from the cybersecurity skills shortage.

A range of initiatives have tried different approaches to fix the issue. Recent projects have included popular speed-networking events by AustCyber; a program called WithYouWithMe that focuses on retraining skilled military veterans; a recent $600,000 government grant uniting the University of Sydney and the banking industry to develop a Cyber Security Challenges for High School program.

“The Challenges will provide the critical skills and attitudes that students need to operate safely online,” Associate Professor James Curran, Academic Director of the Australian Computing Academy, said in a statement, “while delivering Australia’s digital technologies curriculum and highlighting the fantastic career paths that exist in cyber security.”