Australian Cybersecurity Professionals Admit To Escalating Work Pressure
A considerable 64% of cybersecurity professionals in Australia affirm that their current job is more demanding than it was five years ago, as revealed by a recent survey conducted by the worldwide professional association ISACA.
The 2024 State of Cybersecurity report, which encompassed 1,800 cyber professionals globally, highlighted that 85% of local respondents attribute their stress to an increasingly intricate threat environment, in comparison to 81% of respondents worldwide.
Furthermore, the findings of the report include:
- 48% of Australians identified constrained finances as a factor, in contrast to 45% on an international scale.
- 50% acknowledged that deteriorating challenges in recruitment and retention added to their stress, while the figure stood at 45% globally.
- 35% pointed out the lack of priority given to cybersecurity risks, in comparison to 34% worldwide.
On the other hand, amongst the 63% of survey participants in Australia who expressed difficulties in holding onto proficient cyber talent, the primary reason cited was the high levels of stress at work (60%, as opposed to 46% globally).
SEE: Sophos report reveals high levels of burnout in the cybersecurity domain across APAC
Only 35% of Australian respondents identified inadequately trained staff as a significant contributor to work stress, a significantly lower percentage than the 45% seen in other global markets.
Australian cyber experts witnessing an increase in threats compared to a year ago
As many as 29% of Australian respondents reported facing more cyber attacks than the previous year, a percentage slightly better than the global tally of 38%.
The predominant types of attacks reported were:
- Social engineering (19%).
- Third-party incidents (19%).
- Security misconfiguration episodes (14%).
- Disclosures of sensitive data (13%).
- Unpatched system vulnerabilities (13%).
With the surge in threats, a substantial 53% of Australian respondents anticipate a cyberattack on their organization within the upcoming year, exceeding the global average of 47%.
In case of an attack, merely 32% display a high level of confidence in their team’s ability to detect and respond promptly.
Despite the escalating legal implications for cyber teams, there seems to be a lack of awareness regarding insurance coverage, with 57% of Australian respondents uninformed about the cyber insurance policy of their organizations.
Inadequate investment in cyber security and team strength
Gartner has forecasted a surge in IT spending by 2025, primarily driven by investments in cyber and AI. Cyber professionals seem eager for a budget enhancement, especially if it leads to additional cyber personnel.
According to ISACA, Australian cyber professionals believe that budget allocations have failed to match the escalating demands of their organizations and roles amidst worsening cyber threats.
Based on the report, in Australia:
- 47% of participants argued that their cyber departments were inadequately funded. Despite a broader market increase in spending, only 33% anticipate a rise in cyber budgets in the coming year.
- More than half (51%) hold the view that their cyber security teams are understaffed for the current requirements, yet 44% affirm that their organizations have
- Currently there are no available positions for new team members.
- 42% have vacant cybersecurity positions that are not at an entry level, whereas only 14% are offering entry-level roles.
READ MORE: Is it advisable to pay the ransom in case of a ransomware attack?
Organizations give preference to candidates with experience in cybersecurity
Despite the well-documented shortage of cybersecurity skills as reported widely, entering the industry with entry-level qualifications remains tough, as a lot of employers lean towards candidates with a background in cybersecurity or previous IT experience.
As per ISACA’s survey, among employers searching for qualified individuals for available positions, the majority (82%) prioritize previous practical experience, while 36% stress the importance of certifications. However, the preference for experience might be detrimental for the industry in the long run. Globally, the industry is aging, with the highest percentage of survey participants (34%) falling in the 45-54 age group for the first time in a decade.
The report mentioned: “These outcomes, coupled with a lack of increase in the percentage of survey participants aged 34 and below and no rise in the number of respondents managing teams with less than three years of experience, serve as a warning for industry leaders to start planning for potential sudden increases in employee turnover.”
Australian respondents have identified soft skills (47%), particularly communication, critical thinking, and problem-solving, along with cloud computing (38%), as the primary skills gaps in cybersecurity professionals.
A Concerning Lack of Confidence in Cyber Defense
Upon analyzing the results specific to the Oceania region, Jo Stewart-Rattray informed TechRepublic that it is somewhat reassuring to witness fewer reported attacks in Australia compared to the global numbers — but organizations must continue enhancing their alertness.
“Despite the lower number of reported cyber-attacks in Australia, the complexity of each attack is on the rise, demanding increased effort, energy, and intellect from cybersecurity experts,” she mentioned.
“Staying ahead of new technologies and digital threats is a full-time commitment, which certainly explains why cybersecurity professionals in Australia are experiencing heightened job stress,” she added.
Stewart-Rattray emphasized the necessity for continuous education and training to keep abreast with evolving threats.
“The disparity between the expected likelihood of a cyberattack in the upcoming year and the confidence in managing it is worrisome,” she expressed. “Knowledge, readiness, and team collaboration remain pivotal for safeguarding digital security.”
About Author
