Only one professional per 240 Australian businesses
There are only about 11,000 cybersecurity workers in Australia in vital roles, according to a new report, which warned that the country is "woefully short" of cybersecurity talent.
The report from StickmanCyber, citing latest census figures, found that there are only 11,387 cybersecurity workers in Australia in vital roles such as penetration tester, cybersecurity engineer, cybersecurity analyst, cyber governance risk, and compliance specialist.
"Our estimate of 10,000 technical cybersecurity pros is woefully short of what's needed to combat modern cybersecurity threats," said Ajay Unni, StickmanCyber CEO and founder, in the report.
The findings noted that Australia is rich in information and communication technology talent, with 376,000 professionals in the field. However, only three per cent of ICT professionals are currently in specialised cybersecurity positions.
"Based on there being 2.6m businesses in Australia, there is roughly one ICT worker for every seven companies," the report read. "In comparison, there is only one cyber security professional per 240 Australian businesses."
According to Unni, many of the recent high-profile breaches across the country are a "natural consequence" of Australia's cybersecurity and technical skills gap.
"Too much of the cybersecurity burden is falling to IT teams and professionals with a broad knowledge of IT, who lack specialised cybersecurity expertise," he said. "Companies cannot realistically expect their IT guy, who handles email complainants and forgotten passwords most of the day, to protect them from sophisticated ransomware groups."
Addressing skills gap in cybersecurity
Australia is currently addressing the shortage of talent by hiring migrant workers, according to the report.
It found that 51% of cybersecurity professionals there were born outside of the country, with India contributing the greatest proportion of non-Australian born ICT and cybersecurity workers.
Unni said there "are no quick fixes" to Australia's skills shortage.
"Australia needs to incentivise young people and students to pursue a career in cyber. Companies also need to improve working conditions and reduce burnout to ensure that people stay in the field," he said.
"In the short term, businesses that cannot find the skills they need in house must look to trusted third party security service providers who have the skills they lack."
