According to AustCyber’s Cyber Security Sector Competitiveness Plan, Australia will need more than 27,000 cybersecurity professionals by 2026.
Addressing this gap has become markedly urgent in recent years as Australia falls victim to a growing number of serious cyberattacks.
Today, Grok Academy – a not-for profit charity advancing computer education, along with Government and Industry Partners – has announced it is rolling out a multi-million-dollar CyberSTEP (Secondary to Tertiary Education Partnerships) national program to help tackle this issue.
CyberSTEPs will provide Australian schools and tertiary students with an awareness of career opportunities in cyber security, and the chance to develop fundamental skills that prepare them for success in technical cyber security roles across multiple industries.
Coinciding with the launching of the program, Grok Academy and its partners ANZ, AWS, BT, CBA, Fifth Domain, NAB, Westpac and Representatives from the Australian Signals Directorate and the Department of Industry, Science, Energy and Resource, are holding a virtual Cyber Security Challenge, called Cyber Live, involving a simulated Mass Infrastructure Attack (MIA).
The Cyber Live challenge will see thousands of Australian students take part in solving a simulated yet realistic cyberattack on a navy vessel and the kidnapping of military personnel.
Dr. James Curran is the CEO of Grok Academy, and one of the original authors of the Australian Curriculum: Digital Technologies. He says the challenge will hopefully inspire kids to consider studying and working in the Cyber Security industry.
“In Cyber Live’s simulated environment, students will practice skills in cracking encrypted messages, sleuthing information from social media, and using it to guess passwords and compromise accounts,” Dr Curran told The Educator.
“Like all Grok activities, we encourage teachers to complete Cyber Live themselves. Teachers also have access to teacher notes, solutions, and lesson plans for each Grok activity, so they can teach cyber security confidently and effectively.”
The three distinct cyberthreats facing schools
Phil Rodrigues, Head of Security APJ Commercial, AWS, says there are three distinct cyberthreats impacting organisations’ security posture: visibility gaps, technology fragmentation and the shortage of cybersecurity talent.
“Visibility gaps and technology fragmentation have been made worse in remote work and learning environments," Rodrigues told The Educator.
"With a greater blend of consumer technologies – for example, personal laptops being used for work tasks in organisations that didn’t already have virtual desktop infrastructure – there are more devices connected outside the traditional network boundary."
As a result, says Rodrigues, organisations need to decide how to handle the access to data from a wider range of devices and locations, and ensure their staff and students know how to recognise security risks.
“The shortage of cyber security talent is another persistent, and troublesome challenge. According to independent research from AlphaBeta, commissioned by AWS, cloud computing and cybersecurity skills are among the top five most in demand skills for Australian workers," he said.
"At a global level, more than three million cybersecurity jobs remained unfilled in 2021, according to McKinsey. While areas like AI and machine learning are helping to analyse cyberthreats, those technologies are only a supplement to the essential work of security analysts and cyber security specialists."
Rodrigues said building the cybersecurity and STEM skills and awareness in school-aged children, many of whom are already digitally savvy, sets them up to become highly skilled, cloud-native participants in the future workforce.
"Principals can lean into the existing digital curriculums, encourage students to participate in programs like Cyber Live, and take the time to speak directly with students and staff about the importance of online safety," he said.
"Doing so will help spread the culture we need, where everyone is aware of and can take action on cybersecurity.”
- 92% of Australian and New Zealand CISO’s report the pandemic has increased the need for security and awareness training within their organisation [Research from advisory firm ADAPT]
- 44% reported the depth of their in-house security skills is good but could be better, with an additional 39% reporting in-house skills are ‘poor’ or ‘OK’.
- 81% of CISO’s and Security Leaders report legacy systems and processes are the biggest technical inhibitors to implementing security initiatives within their organisation – making the move to the cloud a vital component of a robust security strategy.
Dr Curran said that moving forward, greater support from principals will be essential in helping to upskill young people with the cyberskills that matter.
"They prioritise time, resources, and what is taught in their school," he said.
"If principals emphasise cyber security skills, and digital technologies more broadly, they will empower their teachers to develop these skills and dispositions in themselves and their students.”