Story image

Australia's cybersecurity is 'undermined' by skills shortage

04 Oct 17

Cybersecurity is being undermined by the ongoing skills shortage and Australia will need at least 11,000 new security employees to keep pace with emerging threats.

However, employees are worried that their jobs may be on the line of a data breach occurs, according to research from identity services provider Centrify.

The company conducted a study that found 62% of Australian IT practitioners fear they would lose their jobs if a data breach occurs.

68% of respondents also believe their organisation does not have the proper ‘prevent, detect and resolve’ approach to data breaches.

Centrify says that organisations have traditionally relied on a well-defined boundary to protect assets, but these boundaries now have changing perimeters, or no perimeters at all.

“In order to avoid financial and reputational ruin, organizations must now rethink their approach to security. Moving beyond a static perimeter-based approach to one that protects the millions of scattered connections in what is now a boundaryless hybrid enterprise world,” the company says.

Tellingly, 40% of respondents say they have experienced a data breach involving sensitive information in the last two years.

According to Verizon, 80% of data breaches are the result of compromised credentials, which means organisations must address specific vulnerabilities to address the problem.

Forrester research shows that organisations with high cybersecurity maturity are 50% less likely to suffer a breach, which can translate to a $5 million reduction in breach costs and a 40% saving in security costs than their less mature counterparts.

According to Centrify’s senior director of APAC sales, Niall King, organisations need to bring more employees on board who know how to deal with cyber threat prevention.

 “With a shortage of candidates, cybersecurity technology must take up the slack. Organisations must take a smarter approach to their security needs, implementing tools that are more efficient, consolidating vendors and platforms, and empowering their IT departments. Now more than ever, cybersecurity requires C-suite involvement to ensure its IT department has the right tools to succeed rather than being left in the hot seat to take the fall,” he explains.

According to advocacy group ISACA, there will be a global shortage of more than two million cybersecurity professionals by 2019.

Additional research from Vanson Bourne found that 82% of IT decision makers report a lack of cybersecurity skills in their organisation, and a third believe that skills shortage contributes to their vulnerabilities as prime hacking targets.

What MSPs can learn from Datto’s Channel Ransomware Report
While there have been less high profile attacks making the headlines, the frequency of attacks is, in fact, increasing.
Cisco expands security capabilities of SD­-WAN portfolio
Until now, SD-­WAN solutions have forced IT to choose between application experience or security.
AlgoSec delivers native security management for Azure Firewall
AlgoSec’s new solution will allow a central management capability for Azure Firewall, Microsoft's new cloud-native firewall-as-a-service.
How to configure your firewall for maximum effectiveness
ManageEngine offers some firewall best practices that can help security admins handle the conundrum of speed vs security.
Exclusive: Why Australian enterprises are prime targets for malware attacks
"Only 14% of Australian organisations are continuously training employees to spot cyber attacks."
Exclusive: Why botnets will swarm IoT devices
“What if these nodes were able to make autonomous decisions with minimal supervision, use their collective intelligence to solve problems?”
Bitdefender announces security integration with Kaseya
The new partnership will allow VSA by Kaseya’s cloud and on-premises users to deploy and manage security with Bitdefender Cloud Security for MSPs.
Why you should leverage a next-gen firewall platform
Through full lifecycle-based threat detection and prevention, organisations are able to manage the entire threat lifecycle without adding additional solutions.