AISA Research Reports

AISA Conducts Research to Determine the Industry’s Views on Introducing Accreditation / Professionalisation Requirements 


  • There is no single door of entry into the cyber security profession; people follow many paths into it including tertiary education, work experience and certificates issued by private companies among others
  • Prospective employers of cyber security professionals value the following three candidate criteria well above all others: aptitude (ability to learn), work experience and attitude
  • A candidate’s industry certification, education experience and background trail behind a candidate’s work experience by 40 percentage points
  • Support for introducing an industry accreditation scheme is mixed
  • Slightly more than half of respondents wanted some accreditation of the sector to ensure a base level of qualification

Please read AISA's Accreditation Research HERE

Board and Cyber Resilience - AISA/AICD Research

Study reveals more needs to be done to improve cyber security reliance

A new study by the Australian Institute of Company Directors (AICD), in partnership with the Australian Information Security Association (AISA), reveals that while most Australian directors see cyber security as a high priority issue, there is still a lack of formal oversight at a board level.

More than 850 directors were surveyed for the Boards and Cyber Resilience study, investigating board preparedness for cyber security incidents and benchmarking current practice to guide further education initiatives for directors. The survey found that 72 per cent of respondents say cyber security is a ‘high priority’ issue for their board. Recent Director Sentiment Index surveys mirrored this finding with cyber security having moved up to the top-ranking issue keeping directors ‘awake at night’.

Other results that indicate there is still room for improvement in board oversight, include:

  • Around 39 per cent of directors say they have made cybersecurity a specific focus of a board committee
  • 36 per cent of directors say they receive regular reporting on internal training and testing; and
  • Just 21 per cent of directors receive reporting on the cyber performance of key third-party suppliers
  • Only 44 per cent of directors indicate receiving training in cyber risk, and even fewer (23 per cent) have appointed directors with cyber skills

Read the Report - Boards and Cyber Resilience HERE

State of the Digital Nation: Cyber Security In Australia 2021  

For the second year, AISA commissioned DataDriven to produce a report based on an extensive survey of ICT leaders which was conducted in March 2021 about their organisation’s Digital Transformation (DX) and ICT practices. The resulting report focused on Australian ICT decision makers, with a strong focus on cyber security.



  • Security threats increase, business and government responds
  • Security cuts across all aspects of life in this country
  • Managing risk and security is right at the top of the business agenda
  • Deployment of security solutions has ramped up
  • Ransomware has got everyone's attention
  • Security spending will be much higher through 2021/2022
  • Cyber security services are also surging
  • E-commerce businesses are more advanced with security
  • COVID-19 has mostly accelerated ICT budgets

Read the study's findings here

State of the Digital Nation: Cyber Security in Australia 2020

To add value to our members' and partners' ongoing understanding of cyber security, AISA has partnered with research company DataDriven for this survey of ICT decision makers in Australia. It is a drill-down into the area of cyber security and related technologies and services through the eyes of the people who manage, deliver and purchase these technologies – the ICT decision makers.


  • Cyber security is a business issue not just a technological one
  • Cyber security is top of mind
  • Cyber security is integral to information-processing
  • The Australian Government has made cyber security a national priority
  • Online businesses take cyber security more seriously
  • Technology investments are changing to meet rising threats
  • The rise of zero-trust architecture
  • Covid-19 Pandemic has increased security concerns

Read the study's findings here

Australian Cyber Security Skills and Jobs Study NSW 2020

IN early 2020, AISA partnered with NSW Treasury to undertake a research project that would identify potential cyber security skills gaps and look at the impact of COVID-19 on the local cyber security industry.


Read the study's findings here.


The Australian Cyber Security Skills Shortage Study 2016

The study by the Australian Information Security Association (AISA) suggests that the skills shortage is better characterised as a failure of some organisations to resource appropriately, rather than the belief that there are not enough people to fill available jobs. Conducted over four months, the study included a member survey, analysis of job ad’s and interviews with key stakeholders.

Read the study's findings here