The Department of Human Services (DHS) has more than tripled its cybersecurity staff in the past 12 months, a report from Microsoft has revealed.
Faced with a cybersecurity specialist shortfall of around 500 people per year in Australia, Microsoft's Navigating the new cybersecurity threat landscape report says DHS shaped its hiring plans in the face of the reality that "there wasn't enough trained security experts in Canberra to meet its requirements".
"We knew it was going to be impossible to find enough skilled people, so we made a conscious decision to hire straight from school and train them internally," Microsoft quoted DHS CISO Narelle Devine as saying.
"We've supplemented this strategy by hiring some more experienced people who are contracted to split time evenly between doing their job and mentoring three juniors."
According to the report, DHS expects it will take two years before it knows if its strategy will work.
"We know people will leave because these roles are in high demand, but we did the maths and we'll be ahead if we can keep one in three of those going through training," Devine told the tech giant.
Microsoft also said DHS has made a bunch of hires with a background in Defence, with many hailing from the Australian Defence Force.
"These people are strategic thinkers, they have built-in loyalty, and they bring a host of other skills that are hard to measure in aptitude tests," Devine told Microsoft. "They've already been through a lot of that to get into Defence in the first place."
DHS' cybersecurity team also includes psychologists, lawyers, and politics graduates, the report says.
"Sure you need some people to do the technical stuff but there has to be that blend. I'd say we have a fairly even split between technical and non-technical people," Devine added.
As reported, DHS has also started to rotate security professionals through development teams to reduce the likelihood that security flaws are missed when designing new applications.
Devine also revealed to Microsoft that DHS outsources some of its "cyber work".
DHS announced almost a year ago it was on the hunt for 125 university graduates who have completed a degree in science, technology, engineering, or mathematics (STEM)-related fields to join the department.
Devine at the time said her department was looking to fill six-month positions across Canberra, Adelaide, and Brisbane in areas such as IT architecture, business analysis, design, system engineering, development, testing, and data analysis, with some participants to be offered permanent employment at the end of their half-year stint.
Human Services is a few years into its billion-dollar project to overhaul Australia's 30-year-old payment system, which processes over AU$100 billion in Centrelink payments each year.
Labelled the biggest digital transformation the government has embarked on to date by former Minister for Human Services Alan Tudge, the Welfare Payment Infrastructure Transformation (WPIT) program is expected to take seven years to complete.
PREVIOUS AND RELATED COVERAGE
The Australian government department is recruiting 125 IT graduates to work on the systems that deliver payments across Centrelink, Medicare, and Child Support.
The Australian Taxation Office told Senate Estimates it coughed up a 'peak' of AU$333 million during 2016-17 on labour hire, outsourcing, and specialist contractors, with many charged with rectifying the work backlog caused by IT outages.
A report from Australia's Audit Office said the Electoral Commission ditched government IT security frameworks ahead of the election, but the AEC boss told Senate Estimates last night he was 'satisfied' with the risks that were accepted.
The DTA's CEO Gavin Slater has told Senate Estimates he 'absolutely' wants the capability back in-house, after a machinery of government change removed the cybersecurity team from his agency last year.
How to attract the next generation of cybersecurity talent (TechRepublic)
CISOs should focus their security budgets on risk reduction and hire cybersecurity talent to protect sensitive data, says ProtectWise vice president of product management Dave Gold.
Sydney-based Tom Moore returned to the daily grind from serving in Afghanistan, and after a poor transition process, founded a company that aims to change the way the veteran workforce is perceived by industry and upskill ex-military personnel for a career in technology.