The skills shortage in the cyber security sector is more severe than initially estimated in Australia and costing the nation’s economy according to AustCyber’s Australia’s Cyber Security Sector Competitiveness Plan 2019 update.
The report found that Australia could need up to 17,000 additional cyber security professionals by 2026. “The workforce shortfall has significant economic consequences. In 2017, the domestic cyber security sector is estimated to have forfeited up to $405 million in revenue, which companies could have generated if they had been able to find enough cyber security workers to fill existing vacancies,” the report found.
On the positive side is investment from educational providers, with approximately half of all universities in Australia offering cyber security as a specific degree or as a major in IT or computer science degrees. There has also been an increased emphasis from the vocational and training sectors in cyber security.
“Together, these new cyber-specific degrees, certificates and diploma level courses will have a strong positive impact on Australia’s future cyber security workforce. It is expected that the number of cyber graduates could quadruple from around 500 per year in 2017 to about 2,000 a year in 2026, based on the current course offerings by cyber security education providers,” said the report.
However, this still leaves a significant shortfall of workers in the medium-term.
Australia could be world-leading in cyber security if sought to match the performance of global leaders such as the US and Israel, which would result in the cyber workforce expanding to almost 60,000 with industry revenue of $11 billion in 2026.
“The performance of leading countries globally in cyber security sector development shows that, if aspiring to global leadership in cyber, Australia could target a much larger sector and workforce by 2026,” said the report.
Other important points in the report include the finding that many local companies are not harnessing their full export potential and that Australia can compete most effectively in software (in areas of distinctive research capability) and services (in the protection stack and underlying processes).
There is a lot of opportunity internally given $3.9 billion was spent in external cyber security in 2018.
Some of the challenges to achieve the world-leading status include a lack of coordinated focus in research and commercialization. According to the AustCyber report, Australia’s public spending on cyber security R&D and efforts to foster research collaborations between universities and businesses lack focus and lag other leading cyber nations such as the US and Israel.
“There are also signs that Australian cyber security startups face greater difficulty to commercialise innovative ideas than their global peers, due to a lack of early-stage venture capital,” it found.
Along with AustCyber’s Australia’s Cyber Security Sector Competitiveness Plan 2019 update the Australian Cyber Security Industry Roadmap to enable growth opportunities for the country. The roadmap brings together the expertise and networks of CSIRO Futures and AustCyber to identify a common vision and map out the road to success in the cyber security sector.
A second document also accompanies the plan and roadmap, CISO Lens Benchmark 2019, aiming to facilitate evidence-based decision making around strategy and resource allocation and is founded on benchmarking completed by CISO Lens founder, James Turner, who worked with cyber security executives to assess how their organisations respond to cyber risks.