SecurityBrief Australia - Technology news for CISOs & cybersecurity decision-makers
Story image
Increasing talent shortage in ANZ cybersecurity market
Thu, 4th Jul 2019
FYI, this story is more than a year old

It's no secret that cybersecurity is becoming an increasingly necessary and prominent component of any business. Furthermore, according to new research from Hays, technical expertise is simply not enough when hiring cybersecurity personnel and businesses should be looking to upskill employees.

In fact, according to the Cyber Security Talent Report from Hays, two of the top five cybersecurity challenges organisations face trace back to the acute cybersecurity talent gap, meaning businesses are experiencing a lack of in-house expertise and difficulty finding the right talent.

The survey also found that 61% of respondents said it is ‘difficult' or ‘very difficult' to recruit cybersecurity talent, while only one-half believe they are ‘capable' or ‘extremely capable' of developing and retaining cybersecurity talent.

Hays Information Technology managing director Adam Shapley says, “The need for cybersecurity professionals is far outpacing the number of qualified candidates and this will only continue to escalate with the increasing sophistication of threats to Australian and New Zealand businesses.

“In a highly competitive market, organisations must also implement strategies to retain and develop their cybersecurity talent if they are to effectively overcome the cybersecurity skills shortage,” Shapley says.

However, this talent shortage can be considered an opportunity, according to Shapley. The difficulty in finding good people for cybersecurity jobs increases the job opportunities for those interested in pursuing a career in the industry, and job seekers do not necessarily need to possess highly technical skills to be successful, Hays states.

When it comes to the employer perspective, Shapley says businesses should be open to finding the right candidate and being willing to upskill them in a particular field.

He says, “Employers realise they need to keep an open mind when writing their selection criteria and reviewing candidates. People with strong soft skills and a background in IT can be upskilled into cybersecurity.

According to the research, 56% of organisations access cybersecurity talent by upskilling existing IT staff.

NEC Australia national manager - security and compliance, Peter Frochtenicht, says in the report that when recruiting talent, he often upskills internal staff.

Frochtenicht says, “I look for someone who is easy to manage, a self-starter that can do the job regardless of any industry certifications. If a person has a ‘can-do' attitude, I know I can work with them and train them up very quickly.

Ministry of Health New Zealand chief security advisor Nick Baty emphasises the point that businesses can look at upskilling people and employees need not look at their lack of technical experience as a barrier.

He says, “A lot of people think you need to have a technical background or an IT degree to work in the cybersecurity field.

“I didn't come from a technical background with formal training, but I gained the skills and knowledge from the intelligent people around me.

In addition to the above, the research made findings around in-house versus outsourcing talent, retention of staff, collaboration between organisations and the importance of management support:

  • 48% said that their organisation's cybersecurity team is insourced, while 40% utilise both insourced and outsourced talent
  • One-half (52% and 54% respectively) of organisations surveyed believe they are ‘capable' or ‘extremely capable' of developing and retaining cybersecurity talent
  • Only 22% of organisations are collaborating with other organisations in industry training or development programmes to assist in overcoming the cybersecurity talent gap
  • 58% believe that support of management to deliver on cybersecurity initiatives is the most important factor when attracting cybersecurity professionals. This is followed by the offering of competitive or industry leading salary and benefits (43%) and the organisation being innovative and using the latest technologies (42%)

In order to conduct this research, Hays surveyed 200 cybersecurity professionals and business leaders who shared their insights. The research is titled ‘the Cyber Security Talent Report'.