Australia's shortage of cybersecurity skills is worth considering if you’re an IT professional looking to further your career.
One trillion dollars has been spent on strengthening cybersecurity in the past seven years, but Chief Security Officers in organisations worldwide do not feel safer for it.
A recent Frost & Sullivan survey found cybersecurity experts (who took part in the survey) believed they were going to be breached by phishing attacks in the next year. And 46 per cent of respondents said that they could not prevent hackers from breaking into internal networks.
Why the problem isn’t going away
That lack of confidence isn’t surprising, considering that advances in cybersecurity technology aren’t enough to prevent all cybersecurity breaches.
One reason for this is that people avoid using systems if they are locked down too tightly. It has been found that Data Loss Prevention (DLP) technology has the potential to affect the way people interact with technology, preventing agile workflows.
Hackers are well aware of this, and they may send emails impersonating executives, instructing finance departments to transfer money.
It’s also simple for a careless worker or an aggrieved employee to move important data to where it shouldn’t be.
This has led to organisations operating on a zero trust basis. For example, they may ring-fence network resources so that workers only have access to the files they might need.
But that’s not a fool-proof strategy. Because sophisticated criminals still know precisely who to target to get important log-in credentials, the effectiveness of the zero trust approach is waning.
Hackers aren’t having it all their own way. Organisations can use machine learning and artificial intelligence to raise flags when a worker exhibits unusual behaviour – such as when they copy large amounts of data into new folders or log in with the correct credentials from a computer that’s based somewhere they’re known not to be.
Yet, concerns remain about the vulnerability of many industries to a cyber attack. For example, Victoria’s auditor-general raised concern this year that Victoria’s public health system was “highly vulnerable” to a cyber attack.
The auditor-general also directed the state’s water utilities to address security concerns, stating that control systems were “increasingly the target of cyber-attacks worldwide”.
Private companies have not been immune from concerns about cybersecurity either. For example, an Australian property valuation firm reported a cybersecurity incident that resulted in some data being disclosed. And a survey of organisations by Telstra found that four-fifths of Australian respondents had been affected by ransomware.
Considering these challenges, it’s not surprising that the cybersecurity industry can weather most economic storms – only a fool cuts the security budget.
And that’s worth considering if you’re an IT professional looking to further your career. In fact, AustCyber estimates there is a shortage of 2,300 cybersecurity professionals in Australia. And one in three Australian businesses wants to hire people with security skills, according to industry body CompTIA.
Educators have responded to this demand, with courses aimed at mid-career IT professionals wanting to gain cybersecurity credentials. For example, Edith Cowan University offers an online Master of Cyber Security course.