Talent shortage starts to bite

Posted on

The roles include IT professionals who have skills in being able to forensically assess and understand whether or not a set of systems have been compromised in the first place. There are also incident responders — people who after a breach or a compromise can go in and actually then fix it, and then try to ensure that same kind of attack can’t happen again to the organisation.

There is also an extreme shortage of people who have cryptographic skill sets, who are able to pick apart and rebuild the way in which a malicious actor has been able to go in and execute complex attacks.

Foreign workers have in the past been a significant source of cyber security professionals. Pre-COVID about half of the gaps in the cyber security workforce were filled by visa holders and the government’s global talent program.

But with borders shut for an extended period, this source of talent is about two years behind where it would have been, Price says. And while borders are reopening, it’s unlikely to be a silver bullet, because there is a global shortage of cyber security workers. One estimate puts the shortage at 1.5 million people, growing at about 250,000 a year.

Price says the main challenge for Australia is having an adequate pipeline of cyber professionals.

“Pipeline takes time. The country has only had formalised education on cyber security at a national level for the past five years so, of course, it takes time to see those graduates come through. Part of how we’ve been able to close the gap, and we’ll get closer to closing the gap, is around, in particular, the movement that’s been made in the vet system,” she says.

AustCyber has partnered with the TAFE system to produce the TAFEcyber courses, a consortium of TAFEs around the country which provides cyber security level all the way up to advanced diploma level.

Schools are also teaching IT skills and cyber security, and producing students who are ready to go into the workforce and learn new skills.

“What they would be able to do, though, is go in at an entry level within a cyber security company and get upfield very quickly as opposed to coming into a cyber security company and starting completely green and needing to go off to TAFE or needing to go off to university for that employer to be able to upskill them quickly.”

It is also working with the university system, but that is slower to respond because changing and accrediting courses can take a few years,” Price says.

The COVID-19 pandemic caused many more companies accelerate their digital transformation plans and many more staff are working from home, which has increased organisations’ vulnerability to cyberattacks, which has exacerbated the shortages.

The number of cyber security roles in the economy has increased by 49 per cent in 2021 compared with the year before, according to Mercer’s 2021 Total Remuneration Survey. For roles such as cyber security incident response analysts, starting salary rates for experienced professionals increased by 11 per cent year-on-year.

“Similar to what we experienced in 2020, organisations are having to rely heavily on their digital user experience, and by default their own technological infrastructure,” says Chi Tran, head of market insights and data at Mercer’s workforce consulting practice.

“It’s for this reason that we’re seeing the demand for skilled and experienced cyber security professionals far outweigh supply, particularly with ongoing border restrictions continuing to impact the flow of skilled talent into Australia.”

Helen Souness, chief executive of RMIT Online, says that staying on top of cyber security involves continuous learning.

“Cyber moves every few months. The challenges grow in shape and change, so it’s a very dynamic area. No one who was educated two years ago knows the latest techniques,” she says.

Souness says there is growing interested in RMIT Online’s cyber security courses, but that alone won’t alleviate demand for cyber security professionals.

“There is a massive shortage now and it’s looking likely to only get worse. So I’m not putting through thousands — I’m putting through tens and hundreds myself. And the whole sector only graduates about less than 4000 ICT graduates a year. It’s not going to touch it, and they’re not even cyber specialists,” she says.

“There is a tech talent war on in every aspect of tech and we’re all just stealing tech people from each other at the moment. The only way to resolve this is to really invest in growing the number of people into this space, not just upgrading skills but also new people into tech is the thing to do.”

Souness notes that the number of women in ICT has actually declined since the 1980s and addressing this will also help alleviate the shortage.

“We’ve got some brilliant data scientists and developers that are female, but for some reason girls get put off this profession. We need the talent pool to be as big as possible, so that’s a real problem,” she says.

Souness says that in previous digital roles at companies including Seek and Envato, she has hired 18 year-olds straight out of school, who have been teaching themselves to code since they were young teenagers.

“No one needs a degree if you can pass a great coding test. But there’s not nearly enough of them either,” she says.

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *