Cyber crims are rapidly adopting artificial intelligence (AI) to scale stealthy, fast-moving attacks, leaving security teams struggling to detect and respond in time. The threat landscape is both evolving in complexity and shifting toward gaps in visibility, governance, and infrastructure.
Nearly 51 per cent of organisations in Australia said that they have encountered AI-powered cyber threats in the past year. These threats are scaling fast, with a two-times increase reported by 76 per cent and a three-times increase by 16 per cent of organisations.
This new class of AI-powered threats is harder to detect and often exploits weaknesses in human behaviour, misconfigurations, and identity systems. In Australia, the top AI-driven threats reported include AI-powered malware (e.g., self-evolving, polymorphic malware), AI-assisted credential stuffing and brute force attacks (AI optimising login attack success rates), AI-driven deepfake impersonation in business email compromise, AI-enhanced zero-day discovery and weaponisation, and deepfake-driven social engineering attacks (e.g., voice/video impersonation for fraud).
Despite the rise in AI-driven attacks, only 32 per cent of organisations say they are very confident in their ability to defend against them. Meanwhile, 15 per cent admit that AI threats are outpacing their detection capabilities, exposing a significant preparedness gap.
Cyber Risk is now a Constant
The cybersecurity landscape is no longer defined by episodic crises; it is a state of constant exposure. Organisations in Australia are increasingly vulnerable to threats that operate in the shadows. The most reported threats include denial of service (60 per cent), software supply chain attacks (59 per cent), cloud vulnerabilities (59 per cent), ransomware (56 per cent), and insider threats (51 per cent).
The most disruptive threats are no longer the most obvious. Topping the list are unpatched (n-day) vulnerabilities and zero-day exploits, followed closely by insider threats, cloud misconfigurations, software supply chain attacks, and human error. These threats are particularly damaging because they often go undetected by traditional defences, exploiting internal weaknesses and visibility gaps.
The fastest-rising threats include ransomware (20 per cent), supply chain attacks (15 per cent), denial of service (12 per cent), and zero-day exploits and cloud vulnerabilities (10 per cent). These threats are scaling rapidly because they exploit gaps in governance, visibility, and system complexity, making them harder to detect and potentially more damaging when successful.
Teams Under Pressure: Too Few People, Too Many Problems
Security teams in Australia continue to face significant resource constraints. On average, just seven per cent of an organisation’s workforce is dedicated to internal IT, and only 13 per cent of that subset is focused on cybersecurity. That equates to fewer than one full-time cybersecurity professional for every 100 employees.
Only 15 per cent of organisations have a standalone chief information security officer (CISO), and most (63 per cent) continue to combine cybersecurity responsibilities with broader IT roles. Just six per cent of organisations have specialised teams for functions like threat hunting and security operations.
These lean teams are also facing mounting pressure from the surge in threats. The top challenges reported include overwhelming threat volume (54 per cent), difficulty in retaining skilled cybersecurity talent (52 per cent), and tool complexity (44 per cent), leading to burnout and fragmentation within cyber teams.
Critical areas such as operational technology/Internet of Things security; development, security, and operations; and security training continue to receive limited funding, indicating a persistent lag in addressing operational and human-layer vulnerabilities.
About the survey
IDC surveyed 550 IT and security leaders across 11 Asia-Pacific markets, including Australia (70 respondents), New Zealand (30 respondents), and 50 respondents each from India, Indonesia, Malaysia, Singapore, South Korea, Thailand, the Philippines, Vietnam, and Hong Kong between February and April 2025. Respondents represented organisations with over 250 employees and were directly involved in cybersecurity decision-making. The findings are published in the IDC Info Snapshot, sponsored by Fortinet, State of Cybersecurity in Asia-Pacific: From Constant Risk to Platform-Driven Resilience, May 2025, IDC Doc #AP249601X.