Key Takeaways

• Australia currently has a shortage of 2,000 cyber security professionals and the country's cyber security skills shortage is projected to reach around 18,000 by 2026.

• RMIT’s cybersecurity master degree course emerged with the broadest range of soft skills among the cybersecurity courses offered in the Australian market.

• Asia Pacific (APAC) has the highest cybersecurity skills gap, with a need for more than 2 million cybersecurity professionals compared to North America (376,000) and Europe (168,000).

Introduction

Demand for Cybersecurity Training/Courses in Australia

(i) Skills Shortage

• Australia currently has a shortage of 2,000 cyber security professionals.
• According to the Australian Cyber Security Growth Network, the country's cyber security skills shortage is projected to reach around 18,000 by 2026.
• This skills shortage has driven the wage expectations in the industry, causing the average salary to shift from a $75k starting salary to $120k. 
• Research conducted by ZDNet in the APAC region shows that "Australia had the highest proportion of employees using digital skills today, at 64%, followed by Singapore at 63% and South Korea at 62%. Japan weighed in at 58%, compared to Indonesia's 19% and India at 12%."
• To build on the 2020 Job-ready Graduates Packages in the country, the Australian Government this year committed "$43.8 million for the Expansion of Cyber Security Skills Partnership Innovation Fund to fund additional innovative projects to quickly improve the quality and quantity of cyber security professionals in Australia." In 2020, the government provided $26.5 million for the same program.
• A DDLS survey conducted on the Australian digital skills market found that despite the government's efforts in the expansion of the cybersecurity market, organizations are not committing their resources towards this space. The training priorities in Australian organizations showed the most in-demand training areas for organizations as "IT infrastructure and networks (21%), cloud computing and virtualisation (17%), and ITIL and dev-ops (16%)." 
• Some industry reports analyzing the Australian cybersecurity space can be found here and here.

(ii) Existing Courses

• According to an analysis of Australia’s eight cybersecurity master degrees, which was presented at the country's IEEE EduCon conference, RMIT’s course emerged with the broadest range of soft skills. 
• The table below provides a visual summary of the results of the analysis

 

Source

 

• The analysis pointed out one outstanding benefit of RMIT's offering, which is the design of the course, covering 10 out of the 11 soft skills required by employers.
• According to RMIT School of Science cybersecurity expert Joanne Hall, "Failure to emphasize the right skills in cybersecurity courses could pose a risk to national security. Those who don’t listen risk producing the next generation of cybersecurity experts with weak non-technical skills, as well as a low opinion of the importance of non-technical skills, when in fact they are critical in doing this job well."

Demand for Cybersecurity Training/Courses in the Pacific region

(i) Skills Gap

• Research conducted by the International Information System Security Certification Consortium (ISC)² indicates that Asia Pacific (APAC) has the highest cybersecurity skills gap, with a need for more than 2 million cybersecurity professionals compared to North America (376,000) and Europe (168,000).
• This is despite the gap reducing by 500,000 in 2021 for the APAC region alone out of an increase in the number of cybersecurity professionals worldwide of 700,000. According to the study, there are 4.19 million cybersecurity professionals in the world currently.
• The image below shows the 2020 global gap in the cybersecurity workforce per region. APAC has the biggest cybersecurity professionals gap, accounting for 66% of the total shortage.

 

Source

 

(ii) Skills Training

• The results of the 2020 (ISC)² Cybersecurity Workforce Study based on data collected data from 3,790 security professionals across North America, Europe, Latin America (LATAM), and the Asia-Pacific region (APAC) show that cybersecurity professionals are paid an average salary of $56,000 in APAC compared to $112,000 in North America with those holding security certifications earning more.
• A full 49% of the surveyed respondents indicate that their employers require vendor-specific cybersecurity certifications such as Cisco and Microsoft, while 47% stated that they require vendor-neutral cybersecurity certifications, such as CISSP and CISM.
• Only 40% of respondents from APAC reported a high level of organizational support, with their exams fully paid for by their employers, along with 39% of related courses, compared to 50% in Europe.
• According to research conducted by Amazon Web Services (AWS), which surveyed 3,196 digital workers across six Asia-Pacific markets including South Korea, Australia, India, Indonesia, and Japan, 666 million — 819 million workers in APAC will use digital skills by 2025, an increase from the current 149 million.
• This translates to a requirement of "5.7 billion digital skill trainings over the next five years to ensure the average worker acquired capabilities needed to keep pace with technological advancements."
• Digital security and cyber forensics tools, software, and techniques is among the top 10 digital skills with the fastest growing demand by 2025 in APAC, with a projected compound annual growth rate of 30.7% in number of workers requiring the skill between 2020-2025.

• The graph below provides a visual summary of the digital skills required.

 

Source

 

(iii) The Skills Challenge

• Examples of companies working to bridge the skills gap in the APAC market include Cisco Networking Academy and Sophos. 
• According to research conducted by Sophos: The Future of Cybersecurity in Asia Pacific and Japan, 67% of companies in Asia Pacific and Japan are struggling with staying up to date with their cybersecurity environment, with in-house skills being an important consideration in helping them tackle this issue.
• A full 59% of companies agreed that their company’s "lack of cybersecurity skills is challenging for their organization", a marginal 3% decrease from 2019 where 62% agreed.
• The figure below provides a visual representation of this finding.

 

Source

 

• According to the research company, "Many organizations are looking to third parties to help plug the gaps in skills shortages. Unlike 2019 where the majority of organizations kept most capabilities in-house across all facets of cybersecurity strategy and management, our research data showed a consistent trend of companies moving away from this to either a fully outsourced or blended (i.e. a mixture of in-house and third party) model. This trend shows clearly from 2019 to 2021 as well as in our respondents’ 2023 plans."

Research Strategy