Australia’s cyber security industry is “too small, too male, and propped up by overseas nationals,” according to new research by MSSP StickmanCyber. The research also claims this represents a massive opportunity for the channel.
The report is drawn from an analysis of the Australian census and labor force data from 1997-2024. It found:
- There are only 11,387 cybersecurity workers in the entire country in vital roles such as penetration tester, cyber security engineer, cyber security analyst, and cyber governance risk and compliance specialist.
- Only 3% of all Australian ICT professionals are currently in specialized cyber security positions. There is just one cyber security professional for every 240 Australian businesses.
- 51% of cyber security professionals were born outside of Australia.
- Only 16% of Australian cyber security professionals are women and just one in 20 pen testers or cyber security architects are women (5%).
This shortage means that Australia is constantly playing “catch-up,” and this is making a strategic response that will address the issues difficult, according to StickmanCyber CEO Ajay Unni.
“There are too many agencies at the federal and state level, including a new national coordinator,” he said. “This is positive in some ways, but I am not sure if there is a coordinated effort by government agencies to encourage cyber skills development at grassroots levels. There is also the extra challenge of growing these skills in rural and other remote areas.”
Over the long-term future, Australia will need to build stronger pathways to cyber security careers and especially focus on finding a way to better engage women. However, in the shorter term, Unni said that this deepening security crisis is a larger opportunity for the channel than many had realized.
“Cybersecurity is a multi-disciplinary function with skills needed in governance, risk, compliance, awareness and training, phishing simulations, penetration testing, strategy… and the list can go on,” Unni said. “How can mid-market companies have all these skills built and managed to be effective and competitive? They need to partner with a good provider who can scale up and down based on their business goals while they focus on their business.”
StickmanCyber’s reports and claims that the channel is benefitting from a lack of cyber security skills are echoed by the movements across much of the market, with many MSPs pivoting to focus on cyber security skills, and in the absence of being able to recruit organically, making acquisitions to bolster capabilities in the space.
Read more about how the channel is experiencing growth through M&A in the APAC region.