A recent survey conducted by ISACA shed light on the increasing stress levels faced by cybersecurity professionals in Australia. The report revealed that 64% of respondents believe their roles have become more stressful over the past five years, slightly higher than the global average.
The survey, which gathered insights from over 1,800 cybersecurity experts worldwide, identified various factors contributing to this heightened stress. A significant 85% of Australian professionals cited the increasingly complex threat environment as the primary stressor. Additionally, 48% pointed to inadequate budgets, while 50% identified issues related to hiring and retention as significant contributors to their stress levels. Notably, 35% of Australian respondents mentioned a lack of focus on prioritizing cybersecurity risks, slightly higher than the global average of 34%.
Concerns regarding training and skills gap were also highlighted in the report. Globally, 45% of cybersecurity professionals reported issues with insufficiently trained staff. However, in Australia, this figure was somewhat lower at 37%. Despite this relatively better statistic, the skills gap remains a pressing concern for the industry.
Cyberattacks continue to pose a threat to organizations, with 29% of Australian organizations reporting an uptick in attacks, slightly less than the global average of 38%. Social engineering and third-party breaches were the most frequently cited types of attacks, each noted by 19% of respondents. Other significant concerns included security misconfigurations and the exposure of sensitive data.
Interestingly, 53% of Australian professionals expect to encounter a cyberattack in the next year, surpassing the global average of 47%. However, confidence in their organizations’ ability to detect and respond to such threats is low, with only 32% expressing a high degree of assurance. Additionally, 57% of respondents were unaware of their organization’s cyber insurance status.
Jo Stewart-Rattray, ISACA’s Oceania Ambassador, highlighted the need for continued vigilance in the face of increasing cyber threats. She emphasized the importance of staying alert despite a decrease in reported cybersecurity incidents in Australia.
Budget and staffing issues were also prominent in the survey findings. Approximately 47% of respondents reported that their cybersecurity budgets are underfunded, with only a third expecting an increase in the coming year. In terms of personnel, 51% of organizations indicated that their teams are understaffed.
Employers are increasingly prioritizing candidates with hands-on experience and relevant credentials to address the skills gap. However, high-stress levels, insufficient financial incentives, and competitive recruitment from other companies were identified as primary factors hindering the retention of qualified candidates.
Jon Brandt from ISACA suggested that employers need to focus on managing the occupational stress experienced by their cybersecurity professionals to retain talent effectively. Mike Mellor from Adobe stressed the importance of securing authentication methods to fortify organizational defenses against social engineering attacks.
In conclusion, the survey highlights the significant challenges faced by cybersecurity professionals in Australia and underscores the need for organizations to address stress, budget, staffing, and skills gap issues to enhance cybersecurity resilience in the face of evolving threats.