InfoSecBulletin Cybersecurity for mankind
A recent study by ISACA shows that almost two-thirds of cybersecurity professionals report increasing job stress. The 2024 State of Cybersecurity Survey report indicates a decline in job openings. It also reveals that 64% of cybersecurity professionals in Australia find their roles more stressful than five years ago, and 57% are unaware of their organization’s cyber insurance status.
An annual Adobe study gathered insights from over 1,800 cybersecurity professionals about the workforce and threat landscape. It found that Australian cybersecurity professionals experience slightly higher stress levels than their global counterparts due to various reasons, including:
Researcher found non protected database form ESHYFT containig 86000 records
CVE-2024-55591 and CVE-2025-24472
New SuperBlack ransomware exploits Fortinet flaws
CVE-2025-25291 & CVE-2025-25292
Attention! GitLab Patched Critical Authentication Bypass Flaws
CVE-2025-20138
Cisco released High Security Alert for IOS XR Software
400+ IPs Exploiting Multiple SSRF Vulnerabilities
NVIDIA has released update for NVIDIA Riva
CVE-2025-24201
Apple fixes 0-day exploited in “extremely sophisticated attack”
Microsoft’s March 2025 updates fix 7 zero-day, 57 flaws
Ballista Botnet infects 6000 Unpatched TP-Link Routers
CVE-2025-24813
Flaw in Apache Tomcat Exposes Servers to RCE
An increasingly complex threat landscape (85% v. 81% globally);
Low budget (48% v. 45% globally)
Worsening hiring/retention challenges (50% v. 45% globally); and
Lack of prioritisation of cybersecurity risks (35% v. 34% globally)
However, global cybersecurity professionals are feeling the strain of insufficiently trained staff at a higher rate than in Australia, at 45% compared to 37% locally.
Status of Cybersecurity Attacks:
In Australia, 29% of organizations are facing increased cybersecurity attacks, compared to 38% globally. The most common types of attacks are social engineering (19%), third-party breaches (19%), security misconfigurations (14%), sensitive data exposure (13%), and unpatched systems (13%).
Over half of Australians (53%) anticipate a cyberattack on their organization within the next year, surpassing the global average of 47%. Additionally, only 32% feel confident in their team’s ability to detect and respond to cyber threats.
In Australia, 57% of organizations are unaware of their cyber insurance coverage.
Jo Stewart-Rattray, ISACA’s Oceania Ambassador, noted that Australia has fewer reported cybersecurity incidents than the global average, but organizations should remain vigilant.
“Despite a lower number of respondents reporting cyberattacks in Australia than in other parts of the world, we know that each attack is increasing in complexity, requiring even more effort, energy and intelligence by cyber professionals,” said Stewart-Rattray. “Staying ahead of new technologies and digital weapons is all-consuming and this certainly explains why cyber pros in Australia are feeling increased stress in their jobs.”
“The gap between the anticipated likelihood of a cyberattack in the coming year and the confidence in handling it is concerning,” she adds. “It highlights the urgent need for ongoing education and training to keep pace with evolving threats. Knowledge, preparedness and teamwork remain integral to preserving digital security.”
Resource Challenges:
The survey indicates that, despite growing cybersecurity threats, budgets and staffing are lacking. Nearly 47% believe budgets are insufficient, and only 33% anticipate an increase in funding over the next year.
Though 51% of organisations say their cybersecurity teams are understaffed, hiring has slightly slowed:
44% of organisations have no open positions;
42% of organisations have non-entry level cybersecurity positions open; and
14% have entry-level positions open
Skills and Retention Trends:
Employers seeking qualified candidates for open roles are prioritising prior hands-on experience (82%) and credentials held (36%).
Respondents indicate that the main skills gap they see in cybersecurity professionals are soft skills (47%), especially in communications, critical thinking and problem-solving, and cloud computing (38%).
In Australia, 63% of survey respondents struggle to retain qualified cyber candidates, compared to 55% globally. The main reasons for candidates leaving are high work stress (60% vs. 46% globally), inadequate financial incentives (57%), and recruitment by other companies (54%).
“Employers should hone in on the occupational stress their digital defenders are facing,” says Jon Brandt, ISACA Director of Professional Practices and Innovation. “This is an opportunity for employers to explore ways to support staff before burnout and attrition occur. Employees want to feel valued. As the leadership adage goes, take care of your people, and they’ll take care of you.”
