Cyber industry culture needs urgent change

Matt O'Kane witnessed a troubling workplace interaction that highlighted a growing problem in Australia's cybersecurity sector.

The chief executive of Notion Digital Forensics argues the industry's "fortress mentality" is creating internal divisions that weaken the nation's cyber defences.

"Cyber can feel like a fortress," O'Kane wrote to industry colleagues.

"Sometimes the people guarding the gate of our industry make us doubt ourselves."

"We are too new, too different, we are 'not enough'."

The observation comes as Australia faces an acute cybersecurity skills shortage while cyber threats escalate rapidly.

O'Kane, who also teaches at UNSW's School of Business, suggests the industry's own culture may be its biggest barrier to growth.

Drawing from two decades in information technology and extensive experience investigating workplace disputes, O'Kane identifies several factors contributing to toxic workplace dynamics.

Teams trained to be naturally suspicious and guard secrets may struggle to switch off that defensive posture with colleagues.

The industry prioritises technical skills over social capabilities, creating communication challenges.

Overloaded professionals respond more curtly than necessary due to workload pressures.

Some established professionals treat newcomers as outsiders rather than future teammates.

"The real contest is us vs criminals, not us vs each other," O'Kane emphasises.

Three behaviours for cultural change

O'Kane proposes three concrete actions for industry leaders to model.

First, welcome newcomers into cybersecurity rather than treating them with suspicion.

"Be generous: Assume good intent first, since suspicion is already in surplus," he advises.

Third, lower your power frame by speaking, sharing credit generously, and listening more than speaking.

These behaviours build inclusive teams rather than hierarchical barriers, according to O'Kane.

Stakes could not be higher

O'Kane's warning carries particular weight given his frontline experience in cyber incident response.

Through Notion Digital Forensics, he regularly witnesses the devastating impact of successful cyberattacks on organisations across various industries.

"We protect people who do not know what we know."

"We serve them, not the other way around."

His warning is stark about the consequences of internal division.

"United we stand, but divided we hand victory to the bad guys."

O'Kane's dual role as practising chief executive and academic educator provides unique insight into both industry dynamics and the next generation of cyber professionals.

At UNSW, he teaches cybersecurity, digital forensics, and cyber resilience courses.

As a keynote speaker, O'Kane addresses cybersecurity challenges, including his journey overcoming blindness to lead a cybersecurity business.

For an industry built on defence, O'Kane argues the most important battle may be internal.

Creating a culture that attracts and retains diverse talent is essential to face an evolving threat landscape.

"Stay kind and help make the Australian cyber industry even stronger," O'Kane concludes.