New cybersecurity policy should address skills gap: AIIA

The Australian Information Industry Association (AIIA) has urged the government to make addressing the IT security skills shortage a top priority of its revised national cybersecurity strategy.

In a response to the Abbott government’s Cyber Security Strategy Review, the AIIA recommended that the government focus on six key priority areas.

These include the need to respond to the pace of technology change as well as the increasing sophistication of cybercrime, as well as the need to clarify roles and responsibilities within and outside of government.

The AIIA also recommended that the government address the skills deficit in cybersecurity, noting that demand for professionals with the skills to identify, manage and prevent cyber attacks is increasing faster than they can be educated and recruited.

Another suggestion is to focus on developing approaches to allow information regarding cyber threats to be shared, while balancing openness with concerns over reputational and financial damages.

In the submission, AIIA member and KPMG adviser Georgia King-Siem stressed that government and the private sector need to work together to prevent cyber attacks. She noted that a framework is needed to facilitate the reporting of cyber attacks by industry.

Cogito Managing Director Richard Brown recommended that businesses should be allowed to report incidents anonymously, and called for greater IT education among the Australian business community.

Oracle Account Executive for National Security Ben Strong likewise called for IT education for government employees on topics including social engineering.

The government launched the Cyber Security Strategy Review in November, announcing plans to deliver a revised security policy within six months.

Image courtesy of Luca Masters under CC