Australia's Cyber Security Skills Challenge
Australia is facing a significant cyber security skills gap, which is contributing to an increase in data breaches and poses a heightened risk for future incidents. This issue is highlighted by a study that analyzed the latest census and labor force data, revealing that there are only 11,387 cyber security professionals in roles such as penetration testers, cyber security engineers, and cyber governance specialists. This number represents merely 3% of the Information and Communications Technology (ICT) workforce in the country.
To put this in perspective, Australia has approximately 50,000 ICT project managers and 7,000 chief information officers, with more than double the number of software engineers in New South Wales alone compared to the entire nation's cyber security workforce.
Imbalance in ICT vs. Cyber Security Workforce
The disparity is stark: while there is roughly one ICT worker for every seven companies, there exists only one cyber security professional for every 240 businesses in Australia. This imbalance has led Australia to rely heavily on skilled migrants, with 51% of the cyber security workforce born outside the country.
Gender Disparity in Cyber Security
The industry also faces a gender imbalance, where only 16% of cyber security professionals are women. Moreover, just one in 20 roles like penetration testers or cyber architects is filled by women. Ajay Unni, CEO of StickmanCyber, emphasizes that recent high-profile breaches are a direct result of this skills gap, as much of the burden falls on IT teams who often lack specialized cyber security expertise.
Strategies for Addressing the Skills Gap
To combat this issue, there are calls for incentivizing young Australians, particularly women, to pursue careers in cyber security. Companies are also encouraged to improve work conditions to prevent burnout and retain their talent. In the short term, businesses struggling to find skilled professionals are advised to collaborate with trusted third-party security providers.
Future Cyber Security Workforce Plans
Under Australia's cyber security strategy for 2026 to 2028, efforts are being made to bolster the country's cyber maturity. These plans include creating a more diverse cyber workforce, aligning migration policies with specific cyber skill requirements, and guiding employers to attract and retain diverse talent, thereby supporting the professionalisation of the cyber workforce.
This comprehensive approach aims not only to fill the current gap but also to ensure a resilient and capable workforce ready to tackle future cyber security challenges.
