Salaries for cybersecurity experts set to rise above the current average of $120,000 as online hacking scandals wake companies up to the need for stronger defenses
- Australia faces a shortage of 3,000 cybersecurity workers by 2026, plan shows
- The average pay of a cybersecurity expert is $120,000 a year and will likely grow
- Massive hacks of Optus and Medibank have exposed online vulnerability
- Aussies already face 745 cyberattacks a day, every two minutes
The Optus and Medibank hacks have exposed the online vulnerability of Australian companies, and industry figures say much of the problem is a shortage of people with cybersecurity expertise.
The federal government’s competitiveness plan for the cybersecurity sector estimates that the country will face a shortage of 3,000 cybersecurity workers by 2026, and the demand for the scarce workers means the average sector salary of $120,000 per year will only increase.
While the sensational theft of the personal data of millions of Optus and Medibank customers has made headlines, the blizzard of smaller cyberattacks targeting Australians every day is perhaps even more terrifying.
Australia faces severe shortage of cybersecurity experts, according to government report
An Australian with an online presence will be the target of 745 cyber attacks every day, meaning every one to two minutes, according to a 2021 report.
Even more troubling, the frequency of cyber attacks is expected to double in the next five years, the report said.
The government plan, which has been updated four times, was released ahead of a national cybersecurity event in Melbourne on Monday.
The estimate of the average income of cybersecurity workers is derived from positions advertised on the employment website Seek.
Cyber Security Minister Clare O’Neil said on Sunday that Australians should ‘wake up from their cyber slumber’ regarding the threat of online crime.
The Medibank hack has exposed the vulnerability of major Australian companies to online criminals
She told the ABC that the Albanian government is preparing laws prohibiting Australian companies from paying ransom to hackers.
Ms. O’Neil has also vowed to track down the “scumbags” behind the Medibank hack, in which hackers demanded the health insurer pay $15 million to stop the release of personal information about its customers — a demand the company declined.
The hacker released another 500 customer records on Monday, detailing those seeking cover for mental health treatment.
A previous leak of data to the so-called “dark web” revealed case histories of Medibank customers who had undergone abortions or drug and alcohol treatments.
Medibank chief executive David Koczkar on Monday apologized “without reservation” for what happened, calling the people behind the hack “deplorable.”
“We will continue to support all people affected by this crime through our Cyber Response Support Program,” Seven News said.
Cybersecurity Minister Clare O’Neil says Australians need to wake up from their ‘c.’
This includes support for mental health and wellbeing, identity protection and measures against financial hardship.
“If customers have concerns, they should contact our Cybercrime Hotline, Mental Health Support Line, Beyond Blue, Lifeline or their primary care physician.”
Medibank could be forced to pay millions in damages while class action law firm Maurice Blackburn considers a lawsuit.
On Sunday, Ms. O’Neil also flagged a new elite unit to fight cybercrime.
The agency will bring together experts from the AFP and the Ministry of Defense’s Australian Signals Directorate to ‘hack’ the hackers.
However, Neil said she couldn’t promise hackers would be jailed in Australia because they were often foreigners.
Australians are targeted by 745 online attacks every day, which equates to one every one to two minutes
“We have people who are essentially housed by foreign governments,” she said.
The hacker who stole the personal data of some 10 million current and former Optus customers in September has not yet been identified.
This was despite the government’s promises that the police would be after them and make announcements about the case, which did not happen.