A recent survey conducted by Tech Research Asia (TRA) reveals that Australian businesses may not fully grasp the seriousness of cybersecurity threats. The Datacom State of Cybersecurity Index for 2025 shows a significant gap between the perceptions of security leaders and the actual level of cybersecurity preparedness among employees, pointing to a potential issue in the country’s ability to combat the increasing cybersecurity challenges, particularly with the rise of AI-driven cyberattacks.
The survey, which involved 400 IT security leaders and employees in Australia, brought to light a concerning finding – while 79% of security leaders believe that employees are well-versed in cybersecurity threats, only half (50%) of the employees share this confidence. This disparity in perception raises red flags for Australian businesses, suggesting that a significant portion of the workforce might not be adequately equipped to defend against cyber threats.
One of the key takeaways from the Datacom State of Cybersecurity Index is the growing concern among security professionals regarding AI-based cyber-attacks. While AI technology has the potential to bolster cybersecurity measures, it is increasingly being exploited by hackers and cybercriminals to launch sophisticated attacks. As a result, AI-driven threats have become a top priority for security experts.
Collin Penman, Chief Information Security Officer at Datacom, highlighted the alarming trend of AI-based cyber-attacks, noting that cybercriminals are leveraging AI to automate and scale up their malicious activities, posing challenges for traditional defense mechanisms. Despite the recognition of AI’s role in cybersecurity threats, the survey revealed that employee awareness and readiness to address AI-related risks are alarmingly low. Only 29% of employees consider cybersecurity a top priority, and there is a noticeable lack of understanding regarding AI risks and organizational policies surrounding AI tools, which increases the vulnerability of companies to cyber breaches.
Another concerning finding from the survey is the disconnect between security leaders and employees when it comes to cybersecurity responsibilities. Many employees still view cybersecurity as solely the IT team’s responsibility, leading to cyber burnout among security teams and a lack of personal accountability for cybersecurity among employees. Furthermore, while 95% of security leaders believe their cybersecurity practices align with business outcomes, many organizations lack a robust business continuity or resiliency plan in the event of a cyberattack, leaving them vulnerable to prolonged disruptions.
The adoption of AI in Australian businesses presents additional challenges to cybersecurity. Despite 67% of senior tech leaders viewing AI as a transformative trend for business, only 17% prioritize cybersecurity at the same level. This disparity raises concerns about potential vulnerabilities within organizations, exacerbated by the lack of proper governance frameworks to secure AI technology.
Laura Malcolm, Managing Director of Datacom Australia, emphasized the importance of implementing solid AI security policies and business continuity plans to mitigate risks and protect operations in the face of evolving cyber threats. The research underscores the need for a more integrated, organization-wide approach to cybersecurity, where every employee is actively involved in identifying and addressing risks.
In conclusion, the survey highlights the critical importance of enhancing cybersecurity awareness and preparedness across all levels of an organization to effectively combat the evolving landscape of cybersecurity threats, particularly in the face of AI-driven attacks. Australian businesses must prioritize cybersecurity measures and promote a culture of vigilance to safeguard against potential risks and disruptions.