Robert Half says the increase in cyber-attacks faced by Australian businesses and organisations are growing, with 64% of Australian chief information officers saying that the number of detected security threats has increased compared with 12 months ago.
According to IT leaders surveyed, the top three cyber-security risks facing their organisations in the next five years are spying/ransomware (49%), data/data integrity (49%), and cyber-crime (46%).
David Jones, senior managing director, Robert Half Asia Pacific, says “the days when IT security was perceived as simply an IT problem are over. In order to successfully confront a proliferating breed of cyber-attackers, companies need a resilient cyber-security strategy that brings together the right mix of technology and people”.
“The most sought after candidates are familiar with new security software and hardware, have an understanding of emerging protection systems and are able to confidently use devices and related applications,” Jones says.
“Cyber-security experts with specialist skills are in high demand but challenging to find. This increased cyber-threat landscape is set to intensify, as 75% of CIOs expect the number of cyber-attacks to increase in the next five years due to a shortage of skilled IT security professionals.
“New technologies raise new security concerns. This trend has resulted in an IT security skills gap since the available expertise has not kept pace with the evolving IT threats,” Jones notes.
According to Jones, as demand for new cyber-specialists entering the IT market outstrips supply, companies are being forced to reconsider their training and retention programmes.
"They are also recruiting from overseas, partnering with educational organisations, and developing flexible hiring strategies that include both permanent and contract specialists, including external risk agencies.”
Jones says that, because cyber-attacks impact the entire business and leave a trail of financial, operational and reputational damages, companies need a “robust and proactive approach to cyber-security to prevent, detect and mitigate these IT risks”.
And, according to the Robert Half research as organisations are confronted with additional security threats, including mobile, application and Big Data analytics security, several areas within cyber-security are experiencing higher demand for specialised skills.
Jones says the survey reveal that whilst CIOs identify cloud security (54%), hacking and penetration testing (38%), and Big Data and data analytics (32%) as the top three technical skills in demand, “these competencies turn out to be amongst the most challenging security skills to find, thereby highlighting the IT security skills gap”.
“Having a robust talent management programme is essential to efficiently manage the IT security skills shortage,” Jones says.
“If companies want to stay abreast of industry developments and successfully tackle IT security issues, they need to assess what areas of expertise are missing in-house and either invest in training programmes for existing IT professionals or hire additional IT security experts.”
And, Jones says that while technical skills are still “must-have” competencies for a specific position, the so-called soft skills have also become substantially more important – with analytical skills and providing insights, as well as strong business acumen and communication skills, developing into highly sought-after skills for an IT security role.
“There is no doubt that highly specialised technical skills are vital, but the ability to clearly articulate cyber-security issues in a language that senior management and non-IT employees understand not only increases security awareness, it also enhances the reputation of the IT department as business partners who add value across the business,” Jones concludes.