A shortage of IT security professionals could exacerbate the cybersecurity threats currently facing Australian companies, according to a report by specialist recruiter Robert Half.
The report, Cyber-security – Defending your future, reveals that cyberattacks on Australian enterprises are growing, with 64 per cent of Australian CIOs stating the number of detected security threats has increased compared with 12 months ago.
Australian CIOs are also predicting that the top three cybersecurity risks facing organisations in the next five years are spying/ransomware (cited by 49 per cent), data abuse/data integrity (49 per cent) and cybercrime (46 per cent).
The heightened prioritisation of security is resulting in demand for IT security professionals, with 22 per cent of Australian CIOs indicating they will be adding new permanent IT security professionals to their team in the next 12 months. Over one in 10 (16 per cent) state that they are planning to hire IT professionals for newly added contract positions within their team.
“The most sought after candidates are familiar with new security software and hardware, have an understanding of emerging protection systems and are able to confidently use devices and related applications,” said David Jones, senior managing director, Robert Half Asia Pacific.
However, while the demand is certainly building for IT security professionals, the supply is not.
“As demand for new cyber-specialists entering the IT market outstrips supply, companies are being forced to reconsider their training and retention programs. They are also recruiting from overseas, partnering with educational organisations, and developing flexible hiring strategies that include both permanent and contract specialists, including external risk agencies,” said Jones.
Demand is also emerging for several specialised areas within cybersecurity. While CIOs identify cloud security (54 per cent), hacking and penetration testing (38 per cent), and big data and data analytics (32 per cent) as the most sought-after technical skills, they are also the most challenging security skills to find.
“Having a robust talent management program is essential to efficiently manage the IT security skills shortage. If companies want to stay abreast of industry developments and successfully tackle IT security issues, they need to assess what areas of expertise are missing in-house and either invest in training programs for existing IT professionals or hire additional IT security experts,” Jones said.
And though security might be a technically demanding area, ‘soft skills’ such as analytical ability, communication skills and business acumen are also must-haves, according to Jones.
“There is no doubt that highly specialised technical skills are vital, but the ability to clearly articulate cyber-security issues in a language that senior management and non-IT employees understand not only increases security awareness, it also enhances the reputation of the IT department as business partners who add value across the business.”