Methodology

The data analysis and aggregation powering AUCyberExplorer is a collaboration between Lightcast (formerly Emsi Burning Glass), Accenture, and CompTIA. Lightcast uses artificial intelligence technology to analyse hundreds of millions of job postings and has researched real-life career transitions to provide insights into labour market patterns. The methodology considers the skills, tools, occupations, job titles, and certifications found in job postings to define the broader cyber security landscape in Australia. Thanks goes to Computing Technology Industry Association (CompTIA), Global Information Assurance Certification (GIAC), and ISACA for sharing the supply of certification holders for AUCyberExplorer.

Cyber Security Definition

Lightcast has developed a customised definition of cyber security jobs by utilising a combination of job titles, skills and certifications. This definition is comprehensive and enables us to capture the broad cyber security landscape, which has infiltrated many aspects of organisations and is no longer siloed into roles with just “cyber security” in the title. This definition aims to encompass the vast majority of roles which require cyber security skills and expertise.

The definition of cyber security is categorised into “dedicated” and “related” cyber security jobs. The dedicated cyber security jobs are those whose job falls into one of the following ANZSCO Unit Group classifications: Database and Systems Administrators, and ICT Security Specialists, ICT Managers, or Software and Applications Programmers. Lightcast classifies ANZSCO Unit Groups based on the job title. Related jobs are all other jobs which require cyber security skills and expertise, regardless of what their job title might be.

All current supply and demand data is for the 12-month period from 1st February 2022 to 31st January 2023. 

Job openings: 

Lightcast applies the cyber security definition across its proprietary database of job postings to identify the total number of cyber security job postings within a given geography, occupation, and industry over the specified time period.

Workers: 

Lightcast uses both Australian Bureau of Statistics (ABS) employment data and its proprietary job posting data to compute employment statistics. To derive employment estimates across geographic regions within Australia, the totals across each sex from Table RQ2, “Employed persons by Labour market region (ASGS), Occupation major group (ANZSCO) and Sex, Annual averages of the preceding four quarters, Year to August 1999 onwards ” are weighted by the percentage of historical cyber security job postings within each geographic region and ANZSCO Occupation major group. This methodology is used to produce more granular employment estimates than what is available in the public ABS dataset.

Worker gender: 

To provide estimates of the gender breakdown within each geography, occupation and industry, Lightcast utilise the employment values calculated via the methodology that is described above and then apply gender weights from ABS Table EQ08, “Employed persons by Occupation unit group of main job (ANZSCO), Sex, State and Territory, August 1986 onwards”. Weights from this table are specific to an ANZSCO Occupation unit group and geography (national and state level). Weights are consistent across industries, and SA4-level weights are derived from the state-level data. The weights used for the aggregate cyber security ANZSCO classification (All other cyber roles) are derived from the averages across the broader ICT industry.

In order to ensure that the gender breakdowns sum up appropriately across ANZSCO occupations and geographic regions, Lightcast performed slight redistributions of the worker gender estimates produced using the ABS weights. Consequently, the final weights vary slightly from what is produced by ABS in Table EQ08.

Note that ABS does not endorse transformations of their data.

All other cyber roles ANZSCO classification: 

This classification includes roles which require cyber security skills, certifications, or expertise, but are not classified under the cyber related ANZSCO Unit Group codes. These roles are commonly classified under other ICT related ANZSCO Unit Group codes, such as “2631 Computer Network Professionals”.

City: 

City data on the website reflects all of the SA4 regions within Australia with the exception of the following locations: Central Queensland, Australian Capital Territory (this data is provided at the state level), Other Territories, Migratory - Offshore - Shipping locations, and No usual address locations. Consequently city-level data is not meant to sum up to state or national-level totals.

Regional & Urban: 

Roles advertised without a location, i.e. online roles, have been redistributed between regional & urban.

NICE Work Roles: 

To calculate the NICE work role category distribution, Lightcast reviewed the tasks and KSAs associated with each work role and mapped them to our closest corresponding skills, job titles, and certifications, customising one or more matching NICE work roles for each job posting.

Geographic Concentration: 

The geographic concentration is calculated by comparing the concentration of cyber security job postings to other job postings—and comparing that to the national average.

Certification Holders: 

Certification holder data is aggregated directly from data provided by the certifying organisation. Values of less than 10 are suppressed to protect the privacy of these individual certification holders.

Certifications requested: 

To classify the frequency with which certifications are demanded, Lightcast looks for exact matches of the certification name within the job posting. Inferring certifications based on acronyms is limited due to the fact that there can be one acronym that refers to multiple different certifications.

Methodology Image
VIEW DATA