Skills shortage poses risk to government’s cyber strategy

Skills shortage poses risk to government’s cyber strategy

According to a report by digital learning group Skillsoft, which is listed in New York, IT professionals in the Asia Pacific region had the biggest increase in pay – 10 per cent – in 2021, compared with any other region in the world.

It also found cyber security and risk management jobs were the highest paid within organisations after the executive suite.

The Department of Home Affairs said: “Sworn police investigators will be required for more than 60 of these new positions.”

They will be a mix of police investigators, intelligence analysts, technical specialists, liaison officers and support staff.

“Positions have been filled over the past 12 months through a mix of internal and external recruitment, with additional recruitment to continue into next year,” the department said.

The department also said Australia’s Cyber Security Strategy 2020 is underpinning by $70.3 million invested in a Cyber Skills Partnerships Innovations Fund, aimed at encouraging “businesses and academia to partner together to find innovative new ways to improve cyber security skills”.

Brett Winterford, senior cyber security strategist at Okta, said while there has been industry consultation, there are concerns at the volume of cyber security-related legislation being put forward by the government.

“A lot of organisations are struggling to keep on top of it, particularly as Australia is only one territory among many. Australia’s definitely moving in a lot of directions at the same time at the moment,” he said.

However, he noted industry consultation on the ransomware action plan was incredibly important because it hit everyday organisations.

The plan includes potential legislation which would require businesses to report to the ACSC – confidentially – if they’ve been hit by ransomware, as well as criminal offences for those targeting critical infrastructure.

“If the intent of the bill is purely to provide law enforcement and the intelligence services with the visibility they need to go out and disrupt these actors, then I’m all for it,” Mr Winterford said.

“If it’s step one in a broader plan that kind of limits the choices available to an entity that’s under attack, then I’m less enthusiastic because I guess there are some really complex equities involved when you’re handling a ransomware incident.”

Mark Goudie, APJ Services Director at CrowdStrike, said the industry needed more detail from government on the proposed legislation, but that it is good the issue of ransomware is being considered.

“The thing that is very common with the views of ransomware is it is just so damn complicated with the trade-offs of pay or not pay, the trade-offs of reporting particular levels. The cut and dried answers are very difficult and very hard to come by,” he said.

“In this world, I think the only thing that we can say is that there are techniques, there are tools there are capabilities to prevent ransomware and whilst legislation if it can promote the visibility of the threat, I think the other thing we would really like to see is that there’s also the promotion of the capabilities to stop ransoms from coming in the first place.”

Read More

How useful was this post?

Click on a star to rate it!

Average rating 0 / 5. Vote count: 0

No votes so far! Be the first to rate this post.

We are sorry that this post was not useful for you!

Let us improve this post!

Tell us how we can improve this post?

About the Author

Leave a Reply

Your email address will not be published. Required fields are marked *

You may also like these posts