InfoSecBulletin Cybersecurity for mankind
A recent study by ISACA shows that almost two-thirds of cybersecurity professionals report increasing job stress. The 2024 State of Cybersecurity Survey report indicates a decline in job openings. It also reveals that 64% of cybersecurity professionals in Australia find their roles more stressful than five years ago, and 57% are unaware of their organization’s cyber insurance status.
An annual Adobe study gathered insights from over 1,800 cybersecurity professionals about the workforce and threat landscape. It found that Australian cybersecurity professionals experience slightly higher stress levels than their global counterparts due to various reasons, including:
Delay patching leaves about 50,000 Fortinet firewalls to zero-day attack
Daily Security Update Dated: 21.01.2025
126 Linux kernel Vulns Allow Attackers Exploit 78 Linux Sub-Systems
CERT-UA alerts about “security audit” requests through AnyDesk
Oracle Critical Pre-Release update addressed 320 flaw
OWASP Reveils Top 10 Smart Contract Vulnerabilities for 2025
Multiple Azure DevOps Vulns Allow To Inject CRLF Queries & Rebind DNS
Intel holds 22 employees from one Bangladeshi University
VPN Surge 1500% in USA after TikTok Shut Down
MITRE Launches D3FEND 1.0; The Milestone for Cybersecurity Ontology
An increasingly complex threat landscape (85% v. 81% globally);
Low budget (48% v. 45% globally)
Worsening hiring/retention challenges (50% v. 45% globally); and
Lack of prioritisation of cybersecurity risks (35% v. 34% globally)
However, global cybersecurity professionals are feeling the strain of insufficiently trained staff at a higher rate than in Australia, at 45% compared to 37% locally.
Status of Cybersecurity Attacks:
In Australia, 29% of organizations are facing increased cybersecurity attacks, compared to 38% globally. The most common types of attacks are social engineering (19%), third-party breaches (19%), security misconfigurations (14%), sensitive data exposure (13%), and unpatched systems (13%).
Over half of Australians (53%) anticipate a cyberattack on their organization within the next year, surpassing the global average of 47%. Additionally, only 32% feel confident in their team’s ability to detect and respond to cyber threats.
In Australia, 57% of organizations are unaware of their cyber insurance coverage.
Jo Stewart-Rattray, ISACA’s Oceania Ambassador, noted that Australia has fewer reported cybersecurity incidents than the global average, but organizations should remain vigilant.
“Despite a lower number of respondents reporting cyberattacks in Australia than in other parts of the world, we know that each attack is increasing in complexity, requiring even more effort, energy and intelligence by cyber professionals,” said Stewart-Rattray. “Staying ahead of new technologies and digital weapons is all-consuming and this certainly explains why cyber pros in Australia are feeling increased stress in their jobs.”
“The gap between the anticipated likelihood of a cyberattack in the coming year and the confidence in handling it is concerning,” she adds. “It highlights the urgent need for ongoing education and training to keep pace with evolving threats. Knowledge, preparedness and teamwork remain integral to preserving digital security.”
Resource Challenges:
The survey indicates that, despite growing cybersecurity threats, budgets and staffing are lacking. Nearly 47% believe budgets are insufficient, and only 33% anticipate an increase in funding over the next year.
Though 51% of organisations say their cybersecurity teams are understaffed, hiring has slightly slowed:
44% of organisations have no open positions;
42% of organisations have non-entry level cybersecurity positions open; and
14% have entry-level positions open
Skills and Retention Trends:
Employers seeking qualified candidates for open roles are prioritising prior hands-on experience (82%) and credentials held (36%).
Respondents indicate that the main skills gap they see in cybersecurity professionals are soft skills (47%), especially in communications, critical thinking and problem-solving, and cloud computing (38%).
In Australia, 63% of survey respondents struggle to retain qualified cyber candidates, compared to 55% globally. The main reasons for candidates leaving are high work stress (60% vs. 46% globally), inadequate financial incentives (57%), and recruitment by other companies (54%).
“Employers should hone in on the occupational stress their digital defenders are facing,” says Jon Brandt, ISACA Director of Professional Practices and Innovation. “This is an opportunity for employers to explore ways to support staff before burnout and attrition occur. Employees want to feel valued. As the leadership adage goes, take care of your people, and they’ll take care of you.”
