Navigating cyber risks and building resilience

AI is rapidly transforming cybersecurity, offering advanced capabilities like predictive analytics and automated threat detection. However, the rise of AI-driven attacks, such as deepfake phishing and adversarial AI, underscores the need for organisations to adopt these technologies more strategically. To remain resilient and competitive, businesses must prioritise key areas that address both emerging risks and opportunities. Investments in defensive measures against malicious AI use will be as critical as leveraging AI for operational advantages.

Regulatory changes are also reshaping the cyber agenda. In Australia, this includes recent updates to the Privacy Act and the SOCI Act, as well as the introduction of mandatory ransomware reporting requirements. Robust governance and compliance strategies are essential to meet these obligations while maintaining stakeholder trust.

Critical infrastructure will remain a top target for cyberattacks, particularly ransomware and nation-state threats. Supply chain vulnerabilities will demand immediate attention as third-party breaches increasingly threaten broader ecosystems. Strengthened vendor risk management, continuous monitoring, and targeted security improvements in procurement processes will be necessary to safeguard interconnected networks and ensure operational resilience.

Ransomware continues to evolve, with attackers employing multi-extortion tactics to maximise disruption and ensure payment. Our annual ransomware survey revealed that 84 percent of Australian businesses that have suffered an attack in the past five years paid a ransom. Further, 83 percent of businesses, including those yet to experience an attack, said they would be willing to pay a cyber ransom.

To counter these threats, organisations must implement comprehensive incident response plans, maintain robust data backup strategies, and prepare for prolonged recovery efforts.

Cybersecurity is no longer a discretionary cost; it is fundamental to building trust, ensuring business continuity, and creating competitive advantage. Organisations that adopt proactive strategies and leverage emerging technologies will be well-positioned to navigate escalating cyber threats and greater regulatory scrutiny.