Efforts to fill Australia’s chronic cyber security skills gap seem to finally be paying off, with Australia’s cyber security workforce growing by more than 23 per cent in the last year as flexible work arrangements make cyber staff happier than ever.

There are now 134,690 cyber security workers in Australia, according to the Cybersecurity Workforce Study 2021 from industry group the International Information System Security Certification Consortium, or (ISC)2 – up from 108,950 workers in 2020 and 107,000 in 2019.

That’s almost 26,000 more workers this year compared to last year.

Growth in the Asia-Pacific region had reduced the skills gap by 500,000 people overall, the report found – making it the only region where the gap did not increase.

“The continued decline is substantial enough to offset the demand in the rest of the world and effectively pull the global gap lower than our 2020 measurement,” the report says while warning that “APAC’s declining workforce gap does not suggest a problem solved.”

“With a remaining gap of more than 1.42m, APAC employers are struggling to find qualified, skilled professionals.”

Surging employment numbers reflected continuing growth in the global cyber security workforce – which added around 710,000 new workers (20 per cent) in the last year to number 4.19 million – yet demand was continuing to outpace supply in many countries.

“It is easy to draw the conclusion that the industry is making sustained progress toward closing the skills gap,” the report notes. “However, a deeper dive into global trends behind the gap assessment suggests applying the brakes to that cautious optimism.”

Australia, for example, still needs 25,000 more cyber security workers to close its cyber security gap, (ISC)2 said, warning that staff shortages were continuing to pose operational challenges for companies worldwide.

Respondents said staff shortages had caused a range of problems – including misconfigured systems, insufficient time for proper risk assessment and management, slow patching of critical systems, rushed deployments, oversights in process and procedures, and an inability to remain aware of all active threats.

“The need for more professionals in the field has never been greater,” the report notes, “continuing to outpace demand and underscoring that career opportunities will only continue to grow.”

Home working proved viable

Although even the breakneck growth of the past year isn’t enough to close the cyber security skills gap overall, there were signs that continuing working from home (WFH) arrangements could be particularly helpful for employers struggling to source enough talent.

Fully 84 per cent of cyber security workers said they were working fully remotely or going into the office sporadically.

And while this figure was down slightly from last year, it coincided with record job-satisfaction rates of 77 per cent overall – up from 66 per cent in 2019.

That change suggests that many cyber security workers had seen the pandemic’s skew towards WFH arrangements as a welcome chance to redefine their working hours, reduce the mental health impact of stressful jobs, and engage with employers in a different way.

Indeed, just 15 per cent of cyber security workers said they wanted to fully return to an office – far fewer than the 24 per cent of all companies that plan to return to a conventional office environment.

Little wonder: cyber security roles seem to have proven themselves particularly well-suited to remote-working arrangements, with 43 per cent of cyber security workers able to fully carry out their job responsibilities while working remotely and one-third noting that their roles mostly don’t require being onsite.

“While much work needs to be done to recruit and retain more cyber security staff, the findings provide several reasons to feel good about the state of the industry,” the report notes.

Much of that optimism is tied to increasing acceptance of WFH arrangements, with managers more willing to allow cyber security workers to work remotely.

Fully 41 per cent of respondents said that their managers had gained confidence in the performance of remote workers during the pandemic – with a third noting that WFH arrangements actually made it easier to recruit and retain employees.

In this light, WFH may prove to be an invaluable recruitment tool for an industry that has already tried closing the cyber skills gap through targeted recruitment, gender outreach, skills development, school-age outreach, neurodiversity engagement, career switches, and similar programs.

“Where the sudden shift to working from home was a temporary necessity in 2020, in 2021 the benefits of a remote workforce have become solidified in many organisations,” the report notes.

“While [cyber] professionals may have been viewed as essential on-site personnel in the past, the last year has proven they can be successful working remotely.”