How does Australia fare in cybersecurity? Findings from our latest global survey revealed.

  • Cybersecurity budgets are getting bigger with Cloud security a focus.
  • Cyber teams need to be better integrated into the business - Australian companies don’t fare as well as those globally.
  • Global top performers have successfully repositioned ‘cyber risk’ to become ‘cyber opportunity.'

PwC’s Global Cybersecurity survey is once again, a fascinating read. In its 26th year, it’s the longest-running and largest cybersecurity survey of its kind. Not only do we get to understand how business leaders are responding to cyber risk challenges globally, but we get to see the differences between countries. Our hope is that business leaders find useful knowledge and practical help on how to face challenges successfully. 

The story here in Australia is revealing. The self-reported cost of the most significant data breaches in the past three years was higher in many cases for Australian companies than those elsewhere. About two in three local organisations (64%) suffered between $158,000 to $14.2 million in losses. Beyond the monetary cost, 49% of respondents are worried about the loss of customer, employee or transaction data and 43% are worried about brand damage (including losing customer confidence).

Budgets are getting bigger.

Business leaders are responding by:

  • Increasing cybersecurity budgets - 74% of respondents are increasing cybersecurity budgets in the year ahead (compared to 60% in 2023), with a particular focus on application and cloud security.

  • Improving governance and reporting lines - with 33% of cyber teams reporting directly to the Board compared to 19% globally.

  • Boosting resilience - such as identifying critical business processes (42% in Australia compared to 35% globally).

Top cyber threats to organisations over the next 12 months

Question: Over the next 12 months, which of the following cyber threats is your organisation most concerned about? (Ranked in top three).
Base: Global = 3876, Australia = 122
Source: PwC, 2024 Global Cybersecurity Survey.

How are organisations' cyber budgets changing in 2024?

Question: How is your organisation’s cyber budget changing in 2024?
Base: Global = 3876, Australia = 122
Source: PwC, 2024 Global Cybersecurity Survey.

This response is, in part, shaped by our regulatory environment, which is catching up to the rest of the world, notably in critical industries. The 2023-2030 Australian Cyber Security Strategy seeks to chart a course to enhance and harmonise regulations, secure government systems, build frameworks to respond to major incidents, and strengthen our international strategy.

While the cybersecurity focus of Australian companies is commendable, there’s still room for improvement. For example, only 36% of respondents indicated their company has a disaster recovery and back-up plan that they continually update.

Managing cloud security

Cloud security ranks high in budget allocation worldwide and in Australia (ranked in the top three for 33% global and 35% local respondents).

In Australia, most companies are using private and public cloud service providers or both. Just 8% store their data on premises. Local companies are significantly less likely to use the hybrid approach than internationally (33% to 42%).

The upside for companies leveraging the cloud, is that there’s a good chance they are simplifying their technology environment and reducing their legacy tech footprint. This not only reduces complexity, but also leverages the benefits of cloud provider investments in security. Australian companies are more confident than those internationally (85% compared to 69%) that they have the right amount of cybersecurity technology solutions. Interestingly, globally, organisations are twice as likely to report they have too many and want to consolidate (19% compared to 10%).

Ready to respond?

Although Australian companies are confident their revenues will continue to rise in the year ahead (86%), if they want to deliver on their optimistic expectations for growth, there’s more to do on cybersecurity. 

Cyber teams still need to be better integrated into the business, to allow for greater information sharing and collaboration. This is where Australian companies don’t fare as well as those globally. There is a marked difference in responses regarding cyber teams collaborating with other parts of the business that affect the organisation’s cybersecurity posture (13% Australia and 23% global), and allocating cyber budget to the top risks of the organisation (12% versus 23%).

Please indicate how consistently your organisation's cybersecurity team does the following

(Those who selected Usually (81-100% of the time').

Question: Please indicate how consistently your organisation's cybersecurity team does the following- (Those who selected "Usually (81-100% of the time ).
Base: Global = 3876, Australia = 12
Source: PwC, 2024 Global Cybersecurity Survey.

Cyber should be harnessed as an opportunity. Global top performers do this. They are responsive, agile and collaborative, informing and engaging with all business units to drive momentum. In turn, their efforts yield fewer breaches and lower costs.

Top 5% are more likely to:

  • Invest more into cyber budget, with 85% increasing their cyber budget in 2024 (vs 79% overall), of which 19% are increasing cyber budget in 2024 by 15% or more, compared to 10% overall.
  • Say their most damaging cyber breach in the past three years cost them less than $158,000 (28% vs 19% overall).
  • Strongly agree their organisation will develop new lines of business using generative AI (GenAI) (49% vs 33% overall).

Secure digital systems can also offer new revenue streams or enhance existing products and services. Global top performers reap all of these benefits. They have successfully repositioned ‘cyber risk’ to become ‘cyber opportunity’ enabling increased performance within the business and across the business as a whole. Will you be one of them?

To read more on how global top performers approach cybersecurity, and more, see: From risk to enabler: Australian insights on cybersecurity


Contact the authors

Robert Di Pietro

Cybersecurity & Digital Trust Leader, Melbourne, PwC Australia

+61 418 533 346

Contact form