Australian businesses may be underestimating the severity of cybersecurity risks, a new survey reveals. According to the Datacom State of Cybersecurity Index for 2025, conducted by Tech Research Asia (TRA), a shocking disconnect exists between the perceptions of security leaders and the actual cybersecurity readiness felt by employees.
This gap, identified in a survey of 400 IT security leaders and employees across Australia, raises concerns about the country’s preparedness to face the growing cybersecurity challenges, especially as artificial intelligence (AI)-driven cyberattacks continue to rise.
The survey highlights that while 79% of security leaders feel confident that their employees are well-informed about cybersecurity threats, only half (50%) of employees agree with this assessment. This stark disparity in perception presents a serious issue for Australian businesses, as it suggests that a large portion of the workforce may not be adequately prepared to defend against cyber threats.
Datacom State of Cybersecurity Index: AI-Driven Cyber Threats
One of the key findings of the Datacom State of Cybersecurity Index is the escalating concern among security leaders regarding AI-based cyber-attacks. While AI’s potential to enhance cybersecurity measures is widely acknowledged, it is also becoming a tool exploited by hackers and cybercriminals. In fact, AI-driven threats are now at the forefront of concerns for security professionals.
“AI-based cyber-attacks are one of the primary concerns for security leaders today,” said Collin Penman, Chief Information Security Officer at Datacom. “The increasing use of AI by cybercriminals allows them to automate and scale up their attacks, making it much harder for traditional defenses to keep up.”
However, despite the growing awareness of AI’s role in cybersecurity threats, employee knowledge and readiness to handle AI-based risks remain alarmingly low. Only 29% of employees view cybersecurity as a top priority, and there is a distinct lack of understanding when it comes to AI risks and organizational policies surrounding the use of AI tools. This knowledge gap not only leaves companies vulnerable to cyberattacks but also heightens the risk of human error in the event of a cyber breach.
The Disconnect Between Security Leaders and Employees
A critical insight from the survey is that many employees still perceive cybersecurity as the sole responsibility of the IT team. Despite the growing acknowledgment that cybersecurity is an organization-wide responsibility, 58% of security leaders reported that their teams were experiencing cyber burnout due to the increasing pressure to protect against advanced threats. This “IT-is-the-solution” mindset only exacerbates the problem, as employees may not feel personally accountable for cybersecurity, leading to a lack of vigilance and proactive behavior in the workplace.
The Datacom State of Cybersecurity Index also points out that while 95% of security leaders believe their cybersecurity practices are well-aligned with business outcomes, the reality is that many organizations lack a business continuity or resiliency plan in the event of a cyberattack. The absence of such plans means that many businesses may not be fully prepared to recover quickly or effectively after a breach, leaving them exposed to prolonged disruptions and damage.
AI in Business and Its Impact on Cybersecurity
The adoption of AI in Australian businesses is another factor that complicates the cybersecurity landscape. According to the survey, 67% of senior tech leaders consider AI to be the trend shaping the future of business, yet only 17% prioritize cybersecurity at the same level. This imbalance between the enthusiasm for AI and the attention given to securing AI-driven systems raises questions about potential vulnerabilities within organizations.
Despite AI’s promise to enhance productivity, the survey indicates that proper governance frameworks to secure AI technology are lacking. Only 25% of employees have read their organization’s AI security policies, despite the widespread use of AI tools. The increasing reliance on AI technologies to optimize business processes without equally prioritizing AI security is creating a perfect storm for potential cyber threats.
“AI is transforming businesses by boosting efficiency and productivity, but as we see with the Datacom State of Cybersecurity Index, this transformation must be matched by equally robust cybersecurity measures,” said Laura Malcolm, Managing Director of Datacom Australia. “Organizations need to implement solid AI security policies and business continuity plans to mitigate risks and protect their operations.”
The research conducted by Tech Research Asia highlights the critical need for a more integrated, organization-wide approach to cybersecurity, where every employee plays a role in identifying and mitigating risks.
