Strong Growth in Cyber Security Workforce Projected

Australian Cyber Network’s recently released State of the Industry 2024 report contains some interesting reading about the composition and qualifications of Australia’s cyber security workforce.

Continued Growth, Changing Composition

According to ACN, the nation’s cyber security workforce has continued its rapid expansion, reflecting both increased demand for cyber security professionals and the evolving nature of cyber threats. In 2024, it reached 137,453 professionals, up 9% over the previous year.

However, within the overall growth, there’s been a shift in how cyber security roles are structured, and the priorities being placed by organisations on different skill sets. For example, 41% of the total roles are dedicated cyber security positions which explicitly require security expertise, and the remaining 59% are related roles, where cyber security is a significant but not exclusive aspect of the jobholder’s responsibilities.

Within the dedicated category, 36% require deep technical expertise. These include Cyber Security Engineers, Penetration Testers and Security Architects. This indicates that, while cyber security expertise is becoming more specialised, a growing number of professionals across all sectors are required to integrate security skills.

Functionally, the cyber security workforce remains heavily concentrated in Database Administrators and ICT Security Specialist roles (54%), followed by Software and Applications Programming (24%) and ICT Management (22%). Among the roles requiring deep technical expertise, Cyber Security Engineers, Penetration Testers and Developer Programmers dominate, with 81% within the Software and Applications Programmers category.

These figures suggest that cyber security remains deeply embedded within the software development and data security domains, reinforcing the importance of integrating security considerations into the early stages of software engineering and IT infrastructure development.

Gender Diversity

From a gender diversity perspective, Australia’s cyber security workforce remains heavily male-dominated, with only 25% women. However, that’s an 8% increase since 2021, so progress is being made.  ACN attribute the improvement to sustained efforts by industry groups, government initiatives and corporate programs, as well as the work of organisations dedicated to fostering a stronger, more connected community for women in cyber security.

Workforce Projections

ACN projects the cyber security workforce to grow significantly through to 2029, albeit at a reduced rate. 

By 2029, they expect the total workforce to grow to 193,000 roles, with slightly higher growth in dedicated roles.  They believe that, while demand will remain strong, the acceleration seen in previous years may stabilise.

Overall, the data reveals that cyber security analysts and engineers are driving the bulk of workforce expansion, highlighting industry demand for both frontline detection and incident response capability as well as technical implementation expertise.

Skills Still In High Demand

State-by-state forecasts reveal that, while Australia’s cyber security workforce appears sizeable on paper, with many states showing a healthy current supply of workers including jobseekers, supply is not keeping pace with projected demand.

Across most jurisdictions, the number of workers per vacant job is steadily declining, signalling increased pressure on talent pipelines. States like Victoria, New South Wales

and Western Australia, despite having the largest supply pools, will still show significant tightening in their job markets by 2029. South Australia and Queensland, with some of the highest worker-to-job ratios today, are projected to see those gaps narrow.

ACN says this trend underscores the urgent need to build new entry pathways, accelerate training and retain talent, or risk a widening disconnect between workforce availability and industry needs across the country.