The Commonwealth Bank and UNSW hope to solve a “critical shortage” of cybersecurity professionals in Australia by creating open courses and curricula under a five-year, $1.6 million deal.

The bank and university will jointly create a new “security engineering stream” in UNSW’s computer science program.

They will then open the courseware via creative commons licensing and massive open online courses (MOOCs) – meaning that potentially anyone can take advantage of it and upskill on cybersecurity.

“There is a huge pool of people who potentially could be fantastic cybersecurity professionals and only a few hundred of them get to take our course,” UNSW Associate Professor in computer security and cybercrime Richard Buckland said.

“But with a MOOC, 10,000 of them can take our real university-level course, it’s free and they can do it in their own time at their own pace.

“From my point of view, that’s really what a university is about. We should be lifting the whole population, lifting knowledge and improving the lives of people through education.”

Numbers released this week by Seek show security roles are the hardest to fill of any jobs in the ICT sector.

Advertisements are up 60 percent in just two years, and even the fact they pay well – on average, the third-highest of any ICT role – isn’t enough to see them filled.

“At the moment, we don’t have enough graduates that are coming out of the education facilities to fill the jobs,” CBA’s chief information security and trust officer Ben Heyes said.

“There is a really strong demand that’s being unmet for a quantity and a quality of highly skilled graduates.”

Buckland agreed there was a “thirst” for graduates with cybersecurity skills. “There is this incredible unmet demand.”

In addition to creating new courseware, the CBA-UNSW tie-up will see the creation of a security engineering lab at UNSW’s Kensington campus south of Sydney.

The lab is to be used “for hands-on teaching and security research” for UNSW’s own security engineering courses – a place for “playful experimentation” and to gain applied domain knowledge and expertise.

“There is no way I could train students just by listening to me to be any good at anything,” Buckland said.

“They have to go and do things themselves and work things out themselves.”

He continued: “We’re not interested in people who just solve things by random approaches. We’re really hoping to train the students to have an appreciation of the weaknesses of things, of the nature of weaknesses of things, of the types of attacks that can be brought about on things, so that in turn they can then learn defence.”

Some of the $1.6 million will also go into “the recruitment of world-class lecturers” at UNSW, as well as fellowships “for graduates who wish to teach subjects at UNSW”.

And the bank also plans to sponsor PhD research projects that attack “critical internet security problems”, though it did not reveal which areas of security it most sought research assistance.

Heyes said he hoped the investment would prepare security professionals for a “broad spectrum of roles”, including cyber threat intelligence, incident response, forensics and pen testing.

He also hoped the project would result in two “conveyor belts” of talent.

“I think of this in terms of two conveyor belts; the conveyor belt of talent that is graduating through this program and others should the course content and syllabus be also taught in other facilities,” Heyes said.

“They will have applied strong skills that are ready to go into the workforce to make an impactful difference at our company or at others.

“The second conveyor belt or second ingredient of that success would actually be a very similar thing - but for the teachers - and that is a set of teachers that have got the experience both teaching an applied curriculum, but potentially through the fellowship components of this that they've also undertaken research.

“That combination of teachers that have both been published and that have experience in teaching makes them a very sought after commodity in the education sector.

“So success to me is the conveyor belts are up and running and providing a workforce that is ready to go and face the exciting problems that we need their help on and a set of teachers that are also able to replicate this across the country.”

The free MOOC on applied cyber security can be accessed here.