CFOtech Australia - Technology news for CFOs & financial decision-makers
Australia
Guides
#
artificial intelligence
#
data analytics
#
digital transformation
#
fintech
#
healthtech
Search
Story image
#
Cybersecurity
#
IT Industry
#
Telco

Australia leads in high-impact cyber incidents, study finds

Today
Author image
By Melania Watson, Interview Editor

A recent study conducted by Semperis has found that 76% of Australian organisations suffered at least one high-impact cyber incident that halted essential business operations in the past year, making Australia one of the most affected countries surveyed.

The survey, titled The State of Enterprise Cyber Crisis Readiness, was conducted across 1,000 organisations in Australia, New Zealand, the US, the UK, Germany, France, Italy, Spain, and Singapore. It explored how prepared organisations are for cyber crises and how their readiness aligns with their actual experiences of cyber events.

Within Australia and New Zealand, the study highlighted an apparent gap between self-assessed preparedness and real-world response capacity. According to the report, while 97% of Australian and 98% of New Zealand organisations stated they have a cyber crisis response plan in place, 76% of Australian and 81% of New Zealand organisations experienced a cyber event severe enough to halt crucial business activity – the highest figures among countries surveyed.

The study also found that 38% of Australian organisations and 45% of their New Zealand counterparts faced multiple high-impact cyber events within the past year, percentages that exceeded the global average.

Additional findings revealed that 90% of organisations in both countries activated their crisis response plan at least once in the past year, aligning with the global average. Furthermore, 93% of Australian and 94% of New Zealand organisations conduct monthly or quarterly tabletop exercises or audits, which are the highest rates among the surveyed nations. However, only 43% of Australian and 55% of New Zealand organisations include key business stakeholders such as legal, HR, and finance teams in these exercises, indicating a gap in response coordination and visibility.

Marty Momdjian, Executive Vice President of Ready1 at Semperis, commented on the need for robust preparedness, saying, "Cyberattacks don't check your calendar — they hit when you're at your weakest. In moments of crisis, it's not about rising to the occasion, but falling back on the strength of your preparation."

The research identified several barriers to effective cyber crisis response. The five most significant obstacles globally were cross-team communication gaps, out-of-date response plans, unclear roles and responsibilities, relying on too many different tools, and, lastly, staffing shortages. In Australia, as in the UK, Singapore, and Spain, communication shortcomings between teams emerged as the most substantial impediment. IT and telecommunications saw the highest incidence of high-impact events, followed by sectors including energy, travel, education, and healthcare.

Chris Inglis, the first US National Cyber Director and now Semperis Strategic Advisor, addressed the issue of organisational resilience, stating, "In today's cyber threat landscape, the ability to respond swiftly and decisively is just as critical as prevention. Companies need a command centre for crisis management, ensuring organisations have the playbook, the training, and the coordination needed to turn chaos into control."

In response to the findings, Semperis has introduced Ready1, an enterprise resilience platform designed to improve organisational readiness and streamline cyber crisis management for enterprises in Australia and New Zealand. The platform aims to unify stakeholders, coordinators, and technical teams under one secure system, supporting seamless and coordinated responses to cyber incidents.

Ready1 includes features such as a secure command centre with live dashboards and playbook automation, tools for real-time coordination across teams and external partners, integrated communication and documentation functionalities, and ongoing readiness through exercises and after-action reviews. The platform intends to address tool sprawl, with many organisations currently relying on more than 20 disconnected tools during an incident.

Jim Bowie, Chief Information Security Officer at Tampa General Hospital, commented on the importance of resilience in critical sectors: "In the healthcare industry, downtime isn't just an inconvenience, it's a matter of patient safety. Ready1 is a game-changing all-in-one solution that enables teams to rapidly respond, assess, contain, and remediate threats, even when traditional infrastructure fails, because in a crisis, minutes cost millions."

The study suggests that, despite the high frequency of plan activation and preparedness exercises, a lack of inclusive planning and coordinated communication has left many organisations insufficiently equipped to handle sophisticated cyber threats without disruption to core services.

Follow us on:
Follow us on LinkedIn Follow us on X
Share on:
Share on LinkedIn Share on X
Related stories
Waratek names Rimini Street exclusive Pinnacle Partner globally
Finder & NobleOak secure media-for-equity backing in Australia
Superloop Partner Program aims to boost IT channel engagement
AI’s impact on cybersecurity for the Australian federal election
Rimini Street appoints Joe Locandro as executive Vice President
Top stories
Melbourne university selects Rimini Street for Salesforce support
Logitech enhances ACCIONA collaboration with new video tools
Australian investors lose AUD $945 million to cyber scams
Australian leaders embrace AI agents to boost workplace output
WA tops economic rankings as Victoria overtakes rivals