With the Australian job market taking a massive battering over the past few months since COVID-19 hit and the consequent recession, it will be interesting to observe whether the number of people looking to enter the cybersecurity profession will increase in months ahead.
In times of great uncertainty, there will always be a marked shift to professions people believe are more recession resistant. According to April data from Australia’s employment marketplace SEEK, as businesses pivot to virtual and online delivery of goods and services, and many employees work from home, there’s increased demand for cybersecurity specialists to support these transitions.
Almost a half of global businesses encountered at least one cybersecurity scare since shifting to a remote working model during the COVID-19 lockdown, according to our recent survey. The survey also revealed that 50 per cent of respondents would consider making workforce reductions if it meant company data protection and security could be properly funded.
The Australian government just announced this week it will invest $1.35 billion into cybersecurity over the next ten years as part of a new program – the Cyber Enhanced Situational Awareness and Response (CESAR) package – that promises to create 500 jobs. This announcement comes less than two weeks after Prime Minister Scott Morrison revealed a series of state-based cyberattacks on the Australian government, business and critical infrastructure.
Initiatives like this are a promising step forward given cybersecurity in Australia has been plagued by a major skills shortage for so long. But will the rise in awareness of cybersecurity threats and the number of people out of work be enough to lure university students, as well as existing IT professionals, to skill up on cybersecurity?
Now’s the time for organisations to determine how they can match the surge in demand for expertise with the supply of talent in both the short and long term.
Expanding the pool of potential hires
In the wake of the pandemic, where cybersecurity jobs may be physically located is likely to change as more organisations plan to have a much larger percentage of their employees working remotely.
Cybersecurity is a job that lends itself easily to remote work. This is especially true as cybersecurity management platforms increasingly shift to the cloud. There’s not much of a reason for a cybersecurity analyst to reside in the same area as the organisation that hires them.
The truth is, relying on remote workers may prove to be a boon for all concerned as it expands the available pool of cybersecurity job candidates, with many enjoying a lower cost of living in. Some businesses figured this out a long time ago. Now more organisations are preparing to follow suit.
Not every cybersecurity professional, of course, is of equal merit in terms of skills. Cybersecurity professionals that have recently completed online courses may not have as deep an understanding of cybersecurity nuances as some of their more established colleagues.
In fact, competition for experienced cybersecurity professionals is likely to become even more intense. Organisations operating in vertical industries such as the travel sector may not have the financial resources to retain cybersecurity experts, when organisations in other sectors try to woo them away.
Look from within
If acquiring the talent from the outside isn’t viable, then look to developing the skills you need in your current workforce. Employees with waning skills still have the basic skills that can be built on to meet the technical needs.
To retain and motivate your cybersecurity staff, you must have a vested interest in maintaining job satisfaction. While competitive compensation is a must, there are other incremental factors that will ultimately determine job satisfaction.
Cybersecurity professionals want to work for employers committed to continuous cybersecurity education. Provide support and financial incentives that enable them to develop their technical skills and participate in training.
A general organisational culture that promotes and supports strong cybersecurity is also important. There must be commitment from the top. In many cases it’s still treated as a technical problem, handled by technical people, despite the significant impact an attack can have on all aspects of a business.
Demand remains resilient
COVID-19 has highlighted the need for companies to better defend themselves from cyberattacks. Organisations must act now to secure top cybersecurity talent or they risk being left behind in a market that’s long faced skills shortages.
Whatever the future holds for the overall economy, it’s apparent having cybersecurity expertise continues to have its advantages.
Andrew Huntley is the regional director for ANZ and the Pacific Islands for Barracuda Networks.