Globally, ISACA’s survey shows that more than three-quarters of respondents support US President Barack Obama’s proposed 30 Day Breach Notification Law as discussed in the State of the Union Address.
Finding and retaining skilled cybersecurity employees is a key challenge, with only 43 per cent of ANZ IT professionals stating they feel the organisation would be prepared to fend off a sophisticated attack.
When asked about hiring entry-level cybersecurity candidates, 53 per cent said it is difficult to identify who has an adequate level of skills and knowledge.
“As the world grapples simultaneously with escalating cyberattacks and a growing skills shortage, ISACA believes that it is absolutely essential to develop and train a robust cybersecurity workforce," Barnes adds.
"That is why we launched the Cybersecurity Nexus (CSX) in 2014. We take very seriously our role in addressing the skills gap through skills-based credentials, training, guidance and mentoring programs."
When recruiting skilled staff, Barnes says companies must have a realistic understanding of what they can do well and what they cannot in cybersecurity.
As a result, he suggests that CIOs, CISOs and security leaders must revisit the organisational structure and skills of their security teams and IT staffs that have any responsibility for securing information assets.
This analysis involves a deep review of what currently are or can be core competencies for the organisation, and where they might need help from outsiders.
Barnes adds that the cybersecurity plan also needs to be taken off the shelf and reassessed and updated for an organisation and its professionals to be adequately prepared.
"Security practitioners need to understand the relationship between their organisation, its people, its IT assets and the kinds of adversaries and threats they are facing," he explains.
"It is only through this analysis can the right cybersecurity program be designed and implemented where budget, skills, intensity and performance all are balanced at the appropriate levels."