AI boosts Australian cyber defences against rising threats

Australian organisations are turning to Artificial Intelligence (AI) to address increasing cyber threats, with AI playing a significant role in automating security operations.

Recent findings from the Australian Signals Directorate's Annual Cyber Threat Report 2023–24 indicate that over 1,100 cyber incidents were reported, with 11% affecting critical infrastructure. The cost of cybercrime has soared, with small businesses bearing an average loss of over AUD $46,000 per incident and medium-sized enterprises facing approximately AUD $97,000. This urgency necessitates quick and precise security responses.

AI is facilitating a shift from reactive to proactive measures within Security Operations Centres (SOCs). It allows for automated triage, investigation, and resolution of incidents, which helps in managing the numerous false alerts that analysts typically face. According to IBM, organisations that adopt AI-enhanced SOCs have reduced the average time taken to detect and contain breaches by 74 days, equating to estimated savings of AUD $1.76 million per breach.

Key benefits of integrating AI in SOC Operations include Automated Tier-1 Analysis, with AI processing up to 90% of low-level alerts, thereby enabling analysts to tackle more complex investigations. Real-time threat detection is improved, with machine learning identifying behavioural abnormalities and zero-day threats more precisely. AI platforms, such as Microsoft Security Copilot and Torq, have been shown to reduce the Mean Time to Resolution (MTTR) by 30–40%. Additionally, integrated threat intelligence through continuous data correlation helps in making faster and more informed decisions.

In Australia, the need for such enhancements is critical due to a projected cybersecurity workforce gap expected to surpass 16,000 unfilled positions by 2026. A report from AustCyber states that 77% of Australian businesses are facing challenges in hiring skilled security personnel. AI aims not to replace these professionals but to augment their capabilities, enabling more efficient security management.

AI is also empowering human analysts by automating routine tasks like log correlation and threat classification. This collaboration allows security personnel to focus on advanced threat detection, strategic planning, and reducing analyst burnout. AI's role in handling routine tasks lets analysts concentrate on interpreting sophisticated threats and ensuring organisational compliance and resilience.

Several large Australian companies, including Powerlink Queensland, TAL Insurance, and AustralianSuper, are utilising AI co-pilot technologies to improve detection accuracy and assist with compliance and monitoring. According to a 2024 ThreatQuotient survey, 58% of Australian companies have integrated AI-driven automation, with another 20% planning to do so within the next year.

Melbourne-based consultancy Borderless CS is aiding organisations in establishing the necessary groundwork for AI integration into cybersecurity infrastructure. They focus on governance, risk, compliance, identity and access management, incident response, and SIEM implementation to prepare structures for effective AI adoption. "The goal is to ensure security operations are robust and well-aligned before introducing AI, so new tools enhance what's already working, rather than compensating for structural gaps," stated the CEO of Borderless CS.

As cyber attackers increasingly use AI to scale their operations, the integration of AI into security processes becomes essential. Investing in intelligent SOC automation emerges not merely as a technological advancement but as a strategic evolution vital for protecting digital assets effectively.