Australia is known for many things. Kangaroos, Vegemite, Paul Hogan’s famous ‘Shrimp on the barbie’ line, and now unfortunately for us, we’re the data breach capital of the world.
Following a series of unfortunate events in the past three months, Australia has been set on an unprecedented path where on a global scale we have the highest data breach density. If you asked any cybersecurity leader if they ever saw it coming, the answer would have been surely not. And yet, here we are. Where did it all go wrong? How did we become that guy?
What we do know is that attacks are occurring more frequently and are growing in sophistication daily. Cybersecurity is a hot topic for every industry in Australia, and in 2023 the war with hackers to protect the sensitive data of everyday Australians will rage on.
Now you may be thinking, Luke, you work for a cybersecurity specialist company, isn’t this good for business? The answer is, yes probably. Just one problem, organisations having a cybersecurity solution in play is all good and well, but without having the talent and skills to best use it, very often they’ll still fall short. The latest KMPG Global Tech Report 2022 has revealed 46% of Aussie respondents are citing lack of talent as their biggest challenge now.
In fact, recent research study from AustCyber highlighted that Australia’s IT sector needs 16,600 more cybersecurity workers by 2026. That was pre-pandemic, it’s estimated that the number is now double that. History will repeat itself in 2023, and with the talent shortage surging, we must empower job seekers, career changers and new up-and-comers to slot into the industry faster than ever, as they are the new era of critical workers.
Finding talent in the most unusual of places
I recently found myself in my local JB-HI-FI needing a replacement for my phone. I went in expecting the process to be time-consuming. Much to my surprise I was met with great service and was in and out within 15 minutes. It got me thinking. In that exchange with the retail staff, they displayed tenacity, had high energy and solved the problem I was having.
In the new year, Aussie organisations looking for talent need to look far beyond what’s on paper and consider the foundational skills Australians have learnt in retail, hospitality or other customer-service-based industry, that can set them up for a career in cybersecurity.
The ins and out of cybersecurity can be taught, what’s much harder to ingrain in talent is being forward-thinking and knowing how to pivot quickly. Right now, the group of people who know how to do that well, aren’t encouraged to enter the industry because of a misconception that they need a long list of experience and education to join the field.
Between 2020 and 2021 advertised cybersecurity roles in Australia jumped by 50% (from 14,000 to 21,000) reveals AustCyber, so it’s clear demand is high. There are opportunities that span from sales and business development to law and public policy, that are recruiting.
It’s a male-dominated field
Women account for just 27% of Australia’s cyber security workforce, which is much lower than the number of women working in the information, media and telecom sector at 38.8%. Males have historically dominated the field, and the mysterious hooded man continuously depicted as a hacker in the media continues to enforce the narrative that cyber is gendered.
As an industry, we should strive for greater inclusivity and efforts to break down the barriers discouraging women from entering. Having a proportionate representation of women in cybersecurity can go a long way to support closing the gap in the demand for skilled workers.
Cybersecurity is one of the most critical and most-profitable sectors of the digital age, and ostracism, conscious or not of approximately 50% of our workforce is not good enough. There needs to be a more creative approach to support women not only to get into the field but to support them throughout their journey to ensure their talents can be retained.
Leveraging automation to improve workflow
A recent study from Trellix titled ‘XDR: Redefining the future of cybersecurity’ surveyed over 1,000 Australian cybersecurity professionals, unveiling that Aussie businesses are facing 55+ cybersecurity incidents per day. Cybersecurity teams are feeling the pressure with 60% admitting that security threats are evolving so rapidly they’re struggling to keep up.
With less staff to share a workload, XDR can support SecOps teams to maintain an advanced level of threat detection and streamline operations with increased intelligence. Adoption of XDR enables enterprises to take their security to the next level, and benefit from a holistic view of threats. With this increased visibility comes greater insight for machine learning to automate repetitive tasks affording teams time to innovate and thus increasing productivity.
2022 isn’t even over yet, and the list of Aussie data breaches is rising, and we can’t expect any favours from hackers in 2023. In the new year, forecasts from the Trellix Advanced Research Centre noted an increase in weaponised attacks across business communications services, like Microsoft Teams and Slack. Not to mention, the anticipation of a significant rise in advanced cyber actors causing disruptions to critical infrastructure in vulnerable targets.
Ultimately, the cybersecurity industry needs to be more creative in bridging the demand for skilled cybersecurity workers to be ready in the face of a rapidly evolving threat landscape. Cybersecurity does not fit only one type of worker but rather can benefit from the expertise of people from all walks of life. Let’s attract them to an industry that badly needs them.
Luke Power is the Managing Director, ANZ at Trellix.
