Data Breaches Spark Hiring Demand
Posted on October 15, 2017
A spate of high-profile data breaches in Australia and overseas is fuelling strong demand for cyber security experts, with hiring specialists predicting record growth ahead.
Local businesses are increasingly security-conscious in the wake of major incidents, such as the leaking of personal data of 550,000 blood donors from the Red Cross Blood Service and the Census website outage.
Earlier this year, the WannaCry and Petya ransomware attacks had the most impact in Europe and the Ukraine.
Australia’s forthcoming mandatory data breach notification regime, which will take effect from early 2018, is also driving demand.
Vulnerability for business is at an all time high
According to the 2017 Harvey Nash/KPMG CIO Survey, the world’s largest survey of IT leadership, cyber security vulnerability is at an all-time high. Surprisingly, 31 per cent of Australian IT leaders reported that their organisation has been subject to a major cyberattack in the past 24 months—a 107 per cent increase from 2014.
A further 23 per cent say they are “very well’’ prepared to respond to these attacks, down from 29 per cent in 2016. The biggest jump in threats comes from insider attacks, increasing from 30 per cent to 54 per cent over the last year.
Amee Karat, cyber security senior consultant at recruitment specialist Davidson Technology, says a lack of true cyber security experts is proving a challenge for the market.
“A lot of clients are finding that they are having to balance between vendors, so they will outsource a lot of the security, but they will also have subject matter experts who can hold the vendors accountable internally,” says Karat.
Karat says there is increasing demand in governance, risk, and compliance (GRC), as well as payment card industry data security standards (PCI DSS).
“There is continuing strong demand in the technical security analyst space so identity access management (IAM) and CyberArk, as well as securing specific sections of the cloud.’’
Top dollar paid for cyber security experts
Karat says cyber security experts such as architects can command close to $1500 a day as a contractor. IAM experts can also secure permanent salaries starting in the range of $150,000.
“Contracting can start anywhere from $800 to $850 a day,’’ says Karat. “If you are looking for a penetration tester to do a serious piece of work you are going to be paying over $1500 at least a day. Most of the work is being done in Sydney and Melbourne.’’
Karat says many of the exceptional candidates are motivated by job satisfaction over money.
“There is a certain breed of candidate,’’ he says. “They get satisfaction out of the cool projects that they work on.
“It is an increasing trend in cyber security that you can’t win candidates with money alone because they are generally well paid.’’
Automating lower level security issues to focus on advanced attacks
A shift to using security artificial intelligence (AI) to monitor and address lower level security problems is allowing cyber security experts to work on higher level threats.
“We are finding a strong demand in the architecture of combining development with security,’’ says Karat. “Security measures/responses are becoming increasingly automated and there is a growing demand for creative talent capable of addressing advanced threats.’’
It is important that businesses move towards solutions that can minimise and address risk for high volume, lower level security issues such as DDOS and malware so that they can focus on what limited resource is available to deal with more sophisticated threat issues.
“This means keeping cyber security teams manual work to a minimum and running efficiently so that they are free to look at more sophisticated attacks that involve research and human judgement,’’ he says.
More demand for talent on the horizon
Karat says it is a balancing act of the right projects and financial incentives when it comes to attracting cyber security talent.
The growing demand for cyber security talent was unlikely to stop at any point in the next year.
“I think, if anything, it is going to continue to grow and we are going to see year-on-year records in security especially,’’ says Karat.
Distributed Denial of Service (DDoS) Protection services are considered the best defence against malicious cyberattacks. As the threat of DDoS attacks increases, Vocus Communications has ongoing investments in detection and protection to ensure your network is always up and running.