Advertisement

‘Woefully short’: Dearth of cyber security specialists leaves Australians vulnerable

The hacks of Optus and Medibank exposed millions of Australian's private information.

The hacks of Optus and Medibank exposed millions of Australian's private information. Photo: Getty

Australians risk having their private data hacked from companies amid a shortage of cyber security workers, a report has warned.

Figures published by security firm StickmanCyber reveal Australia has just 11,300 cyber security workers spread across hundreds of thousands of businesses.

That’s just one specialist for every seven companies nationwide.

There is a much larger pool of 127,000 people working in IT roles, but less than 10 per cent are security specialists, which the report warns are what’s needed to prevent hackers from getting in.

The roles in severe shortage include cyber security architects, analysts, co-ordinators, engineers and penetration testers.

‘Worrying shortage’

“There is a worrying shortage of technical cyber security skills and very few Australians are in dedicated cyber security roles,” StickmanCyber chief executive Ajay Unni said.

“Our estimate of 10,000 technical cyber security pros is woefully short of what’s needed to combat modern cyber security threats.”

The warning comes as Australia experiences a sharp uptick in corporate hacks that have left millions of Australians more vulnerable to scams and other financial fraud in recent years.

That’s because hackers often sell personal data to scammers to help them make schemes more convincing to unsuspecting Australians.

Almost 500 data breaches hit companies last year, according to official data, a rise of almost 20 per cent.

That includes the high-profile theft of millions’ personal information – including sensitive medical and passport data – from large firms like Optus and Medibank.

Lacking specialist knowledge

Unni said companies aren’t well equipped to deal with the threats.

“Too much of the cyber security burden is falling to IT teams and professionals with a broad knowledge of IT, who lack specialised cyber security expertise,” he said.

“Companies cannot realistically expect their IT guy, who handles email complaints and forgotten passwords most of the day, to protect them from sophisticated ransomware groups.”

The Albanese government has recognised workforce issues are a key part of Australia’s cyber security vulnerabilities in the past year too.

Training begins

Clare O’Neil, who until recently was serving as Home Affairs and Cyber Security Minister, has overseen public investment in training workers under a 2030 strategy mapped out by the government.

“Our cyber security workforce has never been more important,” O’Neil said in July.

“In fact, cyber security is one of our fastest-growing industries, providing so many new and exciting opportunities for young talent.

“But we need to encourage more people to consider a career in cyber security.”

The StickmanCyber report also found that very few cyber security workers in Australia are female (just 16 per cent), while the majority are also migrant workers.

Unni said that highlights the role workers from India, England, New Zealand and China play in helping companies stay protected.

“Migrants with technical skills are filling a lot of technical roles, but Australia needs to incentivise young people and students to pursue a career in cyber,” he said.

“Companies also need to improve working conditions and reduce burnout to ensure that people stay in the field.

“This is how it fills the gap long term.”

Advertisement
Stay informed, daily
A FREE subscription to The New Daily arrives every morning and evening.
The New Daily is a trusted source of national news and information and is provided free for all Australians. Read our editorial charter.
Copyright © 2024 The New Daily.
All rights reserved.