SecurityBrief Australia - Technology news for CISOs & cybersecurity decision-makers
Australia
Guides
#
cloud security
#
cybersecurity
#
endpoint protection
#
firewalls
#
ransomware
Search
Story image
#
Digital Transformation
#
Risk & Compliance
#
AI

Australian firms overestimate cyber defences, survey reveals

Yesterday
Author image
By Sean Mitchell, Publisher

Australian businesses may be overestimating their overall cybersecurity defenses, as a survey reveals a disparity in the perceptions of security leaders and employees regarding cyber readiness.

The Datacom State of Cybersecurity Index Australia 2025, conducted by Tech Research Asia (TRA), exposes a significant gap between the confidence expressed by security leaders and the actual readiness felt by employees. According to the survey findings, while 79% of security leaders believe employees are adequately informed about cybersecurity threats, just 50% of employees agree with this assessment.

AI-based cyber-attacks have emerged as the primary concern for security leaders, with employee awareness of AI risks and policies still notably low. Only 29% of employees view cybersecurity as a top priority with active involvement from all members of an organisation.

As AI is increasingly leveraged by cyber-criminals to automate and enlarge attack strategies, IT leaders report growing levels of cyber fatigue and burnout among their teams. Collin Penman, Group Chief Information Security Officer at Datacom, states that this disconnect between leaders' perception and employees' awareness constitutes a major risk.

"The findings highlight the need to get employees and leaders on the same page to adequately identify cyber threats and enable the safe and responsibly adoption of AI. And we still have work to do to harness AI as a cybersecurity tool which could take more of the load off cybersecurity teams," he explained.

Current IT infrastructure maturity rates low in terms of AI-augmented cybersecurity adoption, indicating potential vulnerabilities in the face of AI-driven threats. Penman noted that while AI offers significant advances in combatting cyber threats, the maturity of AI-augmented technologies in cyber defenses remains limited.

The issue of cyber burnout is underscored by 58% of security leaders acknowledging fatigue within their cybersecurity or IT teams. Penman warned, "There is a real risk that businesses are operating with a false sense of security. Leaders believe their teams are ready to tackle threats, but this disconnect is leaving businesses exposed. Cybersecurity is only as strong as the organisation's weakest link, and if employees don't have the right training or awareness, security strategies won't hold up when they're most needed."

AI adoption is quickly advancing among Australian businesses with 67% of senior tech leaders ranking it as the foremost trend, while cybersecurity follows at 17%. However, proper governance frameworks to pace alongside AI innovation are lacking, with only one in four employees having read their organisation's AI security policies, despite widespread use of AI tools.

Laura Malcolm, Datacom Australia Managing Director, highlighted the need for productivity enhancements through AI, while stressing the importance of solid security measures. "To address those productivity issues, Australian organisations need to be taking advantage of AI-driven efficiencies, but our cybersecurity research shows they also need to be harnessing AI to bolster their security practices, and they must establish business resilience planning, so they have a clear path to recovery after an attack."

Penman added, "AI is proving to be a transformative force for businesses. The challenge now is to ensure security and governance keep pace with its adoption. Australian businesses are already experiencing a positive impact, and as confidence continues to climb, we expect to see more companies embedding AI into their overall strategy to handle more advanced tasks like complex decision-making and enhancing employee productivity."

Notably, business continuity planning in the cybersecurity sector appears insufficient, with only 38% of security leaders possessing a resilience plan in place, despite 95% believing cybersecurity aligns with business objectives.

The research stresses the need for integrating governance into business and security frameworks amidst accelerating AI adoption. "With AI adoption accelerating and cyber threats evolving, governance must be embedded into business and security frameworks. Cybersecurity investment supports business continuity, growth, and trust - because preventing a breach is always better than responding to one," said Penman.

The survey findings are based on responses from 105 security leaders and 303 employees in Australia, conducted by TRA in November 2024.

Follow us on:
Follow us on LinkedIn Follow us on X
Share on:
Share on LinkedIn Share on X
Related stories
Data backup vital says ISMS.online officer as day nears
Interactive appoints Broadbent as SA sales lead
Exclusive: Pulseway discusses drive for simplicity and efficiency in IT management
CrowdStrike boosts Falcon with new AI risk management tools
NVIDIA GTC: Realize the promise of AI agents as a workforce multiplier in cybersecurity
Top stories
UiPath unveils AI-enhanced Test Cloud to boost productivity
Netskope: leader in IDC MarketScape DLP 2025 assessment
CrowdStrike launches services partner programme for SIEM
Fastly updates bot management to reduce CAPTCHA reliance
AI & data breaches drive rise in sextortion scams