Site Search Site Search

Menu

Topics

Loading Results

2025 PwC Digital Trust Survey: Key findings

  • 67% of Australian respondents stated mitigating cyber risks as the number one priority over the next 12 months.
  • 50% of Australian CEOs are not confident in their organisations ability to comply with critical infrastructure regulation.
  • 51% of Australian organisations are not investing enough in upskilling their workforce, compared to 35% globally.

As cybersecurity threats continue to grow in sophistication and frequency, organisations worldwide are grappling with how to protect their digital assets and data. PwC’s 27th Global Digital Trust Insights Survey 2025, which surveyed over 4,000 business and technology leaders across 77 territories, sheds light on the evolving landscape of cyber risks, regulatory pressures, and the growing role of AI in cybersecurity. Among the key findings, Australian businesses stand out for both their strengths and areas of concern in tackling cyber threats. In this article, we explore the top 7 insights that are critical to Australian organisations. 

PwC’s 27th Global Digital Trust Insights Survey 2025

In its 27th year, it is the longest-running and largest survey of it’s kind with 4,042 executive respondents across business, technology, and security executives.

1. AI adoption in cybersecurity: A global comparison

Australian companies are notably slower than their global counterparts in adopting AI-driven cyber solutions. While AI is becoming a vital tool for threat detection and response worldwide, Australian organisations have yet to fully capitalise on this emerging technology. The survey shows that just 15% of Australian companies have seen GenAI impact their cybersecurity landscape in the last year, compared to 31% globally. This suggests that Australian businesses need to invest more significantly in AI to stay competitive in the cybersecurity space and build resilience.

2. Cyber resilience gaps: A growing concern

Despite the increasing recognition of cyber risks, the survey reveals significant gaps in the implementation of cyber resilience strategies. Only 2% of executives reported their company has implemented comprehensive cyber resilience actions across all areas. While many organisations are aware of the growing threats — ranging from cloud-related risks to third-party breaches — few feel prepared to address them. Australian leaders echoed these concerns, with 47% identifying cloud-related threats as their primary concern followed by 37% pointing to third-party breaches as major areas of vulnerability.

3. CISO involvement and leadership gaps

A worrying trend in the survey is the lack of Chief Information Security Officer (CISO) involvement in strategic decision-making. Fewer than half of executives reported that their CISOs are fully engaged in high-level planning, board reporting and overseeing technology deployments. This lack of integration between cybersecurity leadership and overall business strategy creates a fragmented approach to risk management. In Australia, only 40% of boards believe they are effectively managing regulatory responsibilities — below the global average of 50%.This suggests there is an opportunity for Australian CISOs to lift the visibility of efforts to meet the growing needs of cyber and privacy regulation.

4. Regulatory pressures and compliance challenges

The regulatory environment surrounding cybersecurity continues to evolve, with new frameworks such as the SOCI Act, CPS 230 and Privacy Act amendments putting pressure on organisations to stay compliant. Australian businesses appear to be struggling with the pace of regulatory changes. In fact, 13% of Australian organisations reported that cybersecurity regulations have caused delays in strategic planning and operational outcomes — double the global average of 7%. Furthermore, there is a significant confidence gap between Australian CEOs and CISOs regarding compliance, notably in areas of AI and critical infrastructure. Only 50% of Australian CEOs were confident in compliance to critical infrastructure regulation compared to CISOs at a more optimistic 65%.

5. Cybersecurity investment priorities

As the threat landscape intensifies, many Australian companies are increasing their cybersecurity budgets, with 76% of respondents expecting higher spending in the coming year — on par with global trends. However, Australian organisations are prioritising data protection and data trust (51%) more than other areas of investment. This focus aligns with a global shift towards strengthening data security to build customer trust. Interestingly, only 34% of Australian businesses are focusing on modernising their technology and cyber infrastructure, a step that global counterparts are investing in at a higher rate (43%). This suggests Australian organisations are taking on more risk associated with managing legacy infrastructure compared to global counterparts.

6. The growing role of emerging technologies

Generative AI (GenAI) is both a potential opportunity and a significant risk in the cybersecurity landscape. While organisations are exploring its use for threat detection, malware protection, and threat intelligence, skills are proving a key constraint. In Australia, 51% of businesses see a lack of training as the biggest internal challenge related to GenAI and cybersecurity, compared to 35% globally. This underlines the need for greater focus on upskilling workforces to navigate the complexities of emerging technologies and maximise their benefits.

7. Building trust through resilience

The concept of ‘cyber resilience’ is no longer just about preventing breaches; it’s about building organisational trust and preparing for the worst. 67% of Australian executives rank cybersecurity as the most concerning risk, and many are placing greater emphasis on strengthening their security postures to safeguard their reputation. Increasingly, cybersecurity is viewed as a key differentiator in business, with companies investing in resilience as a way to build customer confidence and trust.

A call-to-action for Australian businesses

While Australian organisations are making strides in addressing cyber risks, the findings from this survey suggest that there is still much work to be done. To effectively mitigate cyber threats and capitalise on emerging opportunities, Australian businesses can:

  • Accelerate AI adoption in cybersecurity to stay ahead of the curve.

  • Bridge the gaps in cyber resilience implementation and preparedness.

  • Ensure CISOs are deeply embedded in strategic planning and decision-making.

  • Address regulatory compliance challenges and foster stronger alignment between CEOs and CISOs.

  • Prioritise workforce training and upskilling, particularly in emerging technologies like GenAI.

  • Continue to invest in data protection and infrastructure modernisation to build long-term resilience.

As cyber risks grow more complex, taking a proactive, enterprise-wide approach to cybersecurity will be key to building trust, ensuring compliance and safeguarding digital transformation goals.

 

Want to dive deeper? Download the full 2025 Global Digital Trust Insights Survey to see further detailed analysis and recommendations for business leaders.

If you would like to discuss how we can help your organisation, please contact Robert Di Pietro and Mike Cerny.

Contact the authors

Robert Di Pietro

Partner, Advisory, Cybersecurity & Digital Trust Leader, Melbourne, PwC Australia

Contact form

Michael Cerny

Partner, Advisory, Cybersecurity & Digital Trust, PwC Australia

Contact form

{{filterContent.facetedTitle}}

Related Articles
heading
Digital Pulse shares insights from PwC experts to empower your digital journey. By exploring stories at the intersection of humanity and technology we help you solve today’s business challenges to unlock the possibilities of tomorrow.
sitelinks Home Topics About
policylinks PwC Consulting Privacy Legal disclaimer
sociallinks Connect with us Email Twitter
subscribe Get the latest in your inbox weekly. Sign up for the Digital Pulse newsletter.

© 2021 - 2025 PwC. Digital Pulse shares expertise from PwC consultants and wider industry networks to provide thought leadership and actionable insights to empower your digital journey. We focus on transformational change and how this impacts consumers and business alike.

Industries
Agribusiness and Food Banking and Capital Markets Construction and Transportation Education and Skills Entertainment and Media Government Insurance Power & Utilities Retail and Consumer Real Estate Telecommunications
Asset Management Charities and Not-for-profit Defence Energy (Oil & Gas) Financial Services Healthcare Mining Infrastructure Superannuation Technology
Capabilities
Asia Practice Assurance Business Align & Connect Consulting Cybersecurity and Digital Trust Deals Digital Transformation Energy Transformation Environment, Social and Governance (ESG)
Future of Work Indigenous Consulting Integrated Infrastructure Legal People & Organisation PwC Private Strategy Tax
About Us Alumni Governance Board Diversity and Inclusion Executive Board Non-executive Director Centre Social Impact Suppliers of PwC The New Equation
Media
Insights
Careers Student careers Graduate careers Experienced careers
Contact Us Local Offices Sitemap
Digital Pulse Topics About us Subscribe

© 2017 - 2025 PwC. All rights reserved. PwC refers to the PwC network and/or one or more of its member firms, each of which is a separate legal entity. Please see www.pwc.com/structure for further details. Liability limited by a scheme approved under Professional Standards Legislation.