How government and industry can work together to address the cyber skills shortage

Australia and New Zealand's tech industry is facing a major deficit in talent to fill available roles

How government and industry can work together to address the cyber skills shortage

It is estimated there are 10 billion devices connected to the internet across the globe and as high-profile data breaches become common across Australia and New Zealand, both countries are struggling to fill major gaps in the cyber-security talent market.

In 2021, an Information Systems Audit and Control Association (ISACA) annual State of Cybersecurity survey found that New Zealand and Australian respondents surpassed the global percentage in all questions related to the lack of cyber security skills.

  • 66% of ANZ respondents say their cybersecurity teams are understaffed (compared to 55% globally).
  • 59% have unfulfilled cybersecurity positions (versus 55% globally).
  • 52% say their cybersecurity applicants are not well qualified (versus 50% globally).

Read more: 600 border exemptions for tech workers now available

The survey also revealed that only about a third (35%) of ANZ respondents said that they felt their human resources team didn’t understand what was required when hiring for tech positions.

Ahead of the Australian Jobs and Skills Summit next month, Sarah Sloan, Head of Government Affairs and Public Policy ANZ, Palo Alto Networks said, “We welcome the Government’s focus on Jobs and Skills, particularly as they relate to the technology and cybersecurity sector. The Australian IT sector is currently facing a shortage of over 7,000 skilled cybersecurity specialists. Not only does this shortage put Australian organisations and individuals at risk, but it also has widespread repercussions for Australia’s national security - the time for action is now.”

Read more: The challenges of implementing new tech

To address the skills gap, we would encourage government and industry to work closely together and consider the following areas of action

  1. Clearly define which skills we need, and why.

While we often talk about the need for more cybersecurity specialists, there remains a lack of clarity around what this encompasses. Cybersecurity includes a range of different skills and roles - from network engineers to cyber threat analysts. It's important to clearly define the skills needed to ensure our national security and resilience in the digital age.

  1. Leverage and scale existing industry activities to engage the next generation and retrain our workforce.

Many companies are already undertaking a range of initiatives to address the cyber skills challenge - including partnering with universities and TAFEs, undertaking education initiatives aimed at school-aged children, and offering free cybersecurity training online, via websites like SkillFinder. Government and Industry should work together on how these initiatives can be better leveraged and scaled to build the talent pipeline.

  1. Work with hiring managers and industry leaders to reset qualification expectations.

Some of the best cyber threat researchers in Australia are self-taught, yet when attracting cybersecurity talent, companies still require candidates to show university/TAFE qualifications and years of industry experience. We need to incentivise hiring from a broader range of industries based on capabilities rather than qualifications.

  1. Address the gender gap.

The cybersecurity industry has an image problem that needs to be addressed in order to attract more female participation. In particular, awareness of the diversity of roles needs to be promoted. Many cybersecurity roles require problem solving capabilities, creativity, and big-picture thinking – not necessarily technical know-how. Finally, as an industry at the forefront of safe, remote-working capabilities, the sector is well placed to position itself as a truly flexible workplace, offering work-life balance.

  1. Attract talent through financial incentive.

As we have seen in the Education sector, government-funded scholarships will attract and incentivise people into the industry. Any financial incentive should include a return to service obligation, ensuring graduates undertake a number of years in key government agencies at the completion of their paid studies.