Why it’s so hard to land a cybersecurity job | Information Age
Why it’s so hard to land a cybersecurity job | Information Age
https://ia.acs.org.au/article/2026/why-it-s-so-hard-to-land-a-cybersecurity-job.html
Publish Date: 2026-06-10 10:55:00
Source Domain: ia.acs.org.au
Using an unordered list, summarize the following article with between 4 and 8 key points.
As AI-driven threats reshape the cybersecurity landscape, employers are struggling to find a type of cyber professional the labour market is simply not producing in sufficient numbers.
According to a new report by consultants Accenture, bosses want cyber professionals who can combine deep technical expertise with business strategy, leadership and communication skills.
However, only 40 per cent of the current workforce held roles that fit such a profile.
The industry’s cybersecurity talent shortage is no longer simply a matter of headcount.
After analysing more than 550,000 cybersecurity job postings and professional profiles, Accenture found 46 per cent of global roles remain unfilled to date.
Roughly three fifths of these vacant positions required not only technical problem-solving capabilities, but a blend of communication skills, technical depth, business acumen and strategic leadership.
The Reinventing the cyber workforce reveals a “structural mismatch” between industry demand and labour supply.
“This highlights a capability imbalance that hiring alone will not correct,” states the report.
It found employers increasingly want cybersecurity professionals who can bridge multiple disciplines rather than operate within technical silos.
The workforce profile, however, failed to mirror this demand pattern: 42 per cent of engineers’ skills related to “specialised technology knowledge”, and only 29 per cent related to leadership, strategic, or ‘soft’ skills.
Most universities disproportionately focus on technical theory and code, and employers have continued to train staff based on “legacy job descriptions”.
The result is a “structural mismatch between the skills produced and the skills required”.
Industry talent model ‘no longer works’
Accenture argues the cybersecurity sector has outgrown its traditional talent model.
While organisations have historically responded to cybersecurity threats and incidents by adopting new tools, controls, and in-house specialists, the report suggests this approach fails to supply a crucial skills gap.
After an incident, companies invest most of their resources in new tools while ignoring talent realignment. Source: Accenture
Rather than treating cybersecurity as a standalone function, organisations should develop career pathways spanning areas such as cloud computing, identity strategy, architecture, regulatory interpretation, AI and data governance, the report suggests.
Cybersecurity leaders, meanwhile, increasingly need skills that extend well beyond technical expertise.
Modern roles require professionals who can communicate risk to executives, influence business decisions, quantify financial impacts and collaborate across departments.
“Without redesigning roles, skills and operating models, post-incident responses optimise technology instead of people, leaving tomorrow’s talent gaps to keep widening.”
AI-skills demand has doubled
The report found demand for AI-related cybersecurity skills has increased 150 per cent since 2020, with the sharpest growth occurring in the last two years.
Meanwhile, 87 per cent of leaders cited AI-related vulnerabilities as the fastest-growing cyber-risk, and some 94 per cent expected AI to be the industry’s biggest driver of change in 2026.
And while ongoing breakthroughs in AI such as Anthropic’s unreleased bug-hunting Mythos model have threatened to shake up industry norms, workforce capability is not keeping pace.
“The gap is particularly pronounced in areas such as AI governance, model security and AI-enabled threat detection,” reads the report.
With cybercriminals increasingly adopting AI to automate pre-attack reconnaissance, personalise phishing scams, and generate convincing deepfakes, defenders must respond with “equivalent acceleration”.
Among other recommendations, the company suggested AI be used to absorb repetitive tasks so workers can re-allocate their efforts to other areas, such as handling strategic risk decisions or responding to complex incidents.
The report found some 68 per cent of employees say AI does save time on routine tasks, while some 58 per cent felt it improved work quality.
Notably, however, the company warns that if automation absorbs foundational work too early, it can result in analysts who “cannot reason without a tool”.
Australia must develop cyber talent
Kelli Dienhoff, director of people and talent at technology recruitment firm Hoff Talent Solutions, said the reported skills gap marked a “significant opportunity” for organisations to “rethink what cybersecurity means for their business”.
“Cybersecurity is no longer purely a defensive function sitting within IT,” she said.
“It is a business risk that requires active leadership, accountability and investment from the top down, including more focus and understanding at an active board level.”
For Australia, Dienhoff said there isn’t a shortage of capable people, but there is a shortage of organisations willing to develop talent.
“If we don’t create pathways for growth, our best and emerging talent will take their skills where they are valued, invested in, and challenged,” she said.
“Many have already left.”
Accenture similarly identified that one in five cybersecurity professionals are considering leaving the field and likewise called for companies to build workplace cultures that support individual workers.
“The organisations that will be most successful are those that invest in their people and align cybersecurity capability with their broader business objectives,” said Dienhoff.
