Full Report
Australian businesses may be underestimating the severity of cybersecurity risks, a new survey reveals. According to the Datacom State of Cybersecurity Index for 2025, conducted by Tech Research Asia (TRA), a shocking disconnect exists between the perceptions of security leaders and the actual cybersecurity readiness felt by employees. This gap, identified in a survey of 400 IT security leaders and employees across Australia, raises concerns about the country’s preparedness to face the growing cybersecurity challenges, especially as artificial intelligence (AI)-driven cyberattacks continue to rise. The survey highlights that while 79% of security leaders feel confident that their employees are well-informed about cybersecurity threats, only half (50%) of employees agree with this assessment. This stark disparity in perception presents a serious issue for Australian businesses, as it suggests that a large portion of the workforce may not be adequately prepared to defend against cyber threats. Datacom State of Cybersecurity Index: AI-Driven Cyber Threats One of the key findings of the Datacom State of Cybersecurity Index is the escalating concern among security leaders regarding AI-based cyber-attacks. While AI’s potential to enhance cybersecurity measures is widely acknowledged, it is also becoming a tool exploited by hackers and cybercriminals. In fact, AI-driven threats are now at the forefront of concerns for security professionals. "AI-based cyber-attacks are one of the primary concerns for security leaders today," said Collin Penman, Chief Information Security Officer at Datacom. "The increasing use of AI by cybercriminals allows them to automate and scale up their attacks, making it much harder for traditional defenses to keep up." However, despite the growing awareness of AI’s role in cybersecurity threats, employee knowledge and readiness to handle AI-based risks remain alarmingly low. Only 29% of employees view cybersecurity as a top priority, and there is a distinct lack of understanding when it comes to AI risks and organizational policies surrounding the use of AI tools. This knowledge gap not only leaves companies vulnerable to cyberattacks but also heightens the risk of human error in the event of a cyber breach. The Disconnect Between Security Leaders and Employees A critical insight from the survey is that many employees still perceive cybersecurity as the sole responsibility of the IT team. Despite the growing acknowledgment that cybersecurity is an organization-wide responsibility, 58% of security leaders reported that their teams were experiencing cyber burnout due to the increasing pressure to protect against advanced threats. This “IT-is-the-solution” mindset only exacerbates the problem, as employees may not feel personally accountable for cybersecurity, leading to a lack of vigilance and proactive behavior in the workplace. The Datacom State of Cybersecurity Index also points out that while 95% of security leaders believe their cybersecurity practices are well-aligned with business outcomes, the reality is that many organizations lack a business continuity or resiliency plan in the event of a cyberattack. The absence of such plans means that many businesses may not be fully prepared to recover quickly or effectively after a breach, leaving them exposed to prolonged disruptions and damage. AI in Business and Its Impact on Cybersecurity The adoption of AI in Australian businesses is another factor that complicates the cybersecurity landscape. According to the survey, 67% of senior tech leaders consider AI to be the trend shaping the future of business, yet only 17% prioritize cybersecurity at the same level. This imbalance between the enthusiasm for AI and the attention given to securing AI-driven systems raises questions about potential vulnerabilities within organizations. Despite AI’s promise to enhance productivity, the survey indicates that proper governance frameworks to secure AI technology are lacking. Only 25% of employees have read their organization's AI security policies, despite the widespread use of AI tools. The increasing reliance on AI technologies to optimize business processes without equally prioritizing AI security is creating a perfect storm for potential cyber threats. "AI is transforming businesses by boosting efficiency and productivity, but as we see with the Datacom State of Cybersecurity Index, this transformation must be matched by equally robust cybersecurity measures," said Laura Malcolm, Managing Director of Datacom Australia. "Organizations need to implement solid AI security policies and business continuity plans to mitigate risks and protect their operations." The research conducted by Tech Research Asia highlights the critical need for a more integrated, organization-wide approach to cybersecurity, where every employee plays a role in identifying and mitigating risks.
Analysis Summary
# Industry News: Datacom Index Highlights Critical AI Security Gap in Australian Business Readiness
## Summary
New findings from the Datacom State of Cybersecurity Index Report reveal a significant disconnect among Australian businesses regarding Artificial Intelligence (AI) adoption and security preparedness. While 67% of senior technology leaders view AI as the primary trend shaping the future of business, a mere 17% prioritize cybersecurity at the same level, creating substantial governance gaps. This imbalance suggests organizations are rapidly deploying AI tools without establishing commensurate security frameworks to protect these new, potentially vulnerable systems.
## Key Details
- Date: March 25, 2025 (Assumption based on article date)
- Companies Involved: Datacom, Tech Research Asia
- Category: Market Analysis / Industry Report Launch
## The Story
The Datacom State of Cybersecurity Index Report, partially informed by research from Tech Research Asia, indicates that AI adoption is high among senior tech leaders in Australia, who see it as crucial for business future. However, the report underscores a critical misalignment: the prioritization of AI implementation vastly outstrips the prioritization of securing AI systems. Only 17% of leaders match AI trend prioritization with cybersecurity focus. Furthermore, internal adoption is high, with many business processes optimized by AI, yet policy adherence is low—only 25% of employees report having read their organization's AI security policies. Datacom’s Managing Director, Laura Malcolm, stressed that this transformation requires "equally robust cybersecurity measures," including solid AI security policies and business continuity planning, to mitigate emerging risks.
## Business Impact
### For the Companies Involved
- **Datacom/Tech Research Asia:** The report solidifies their position as thought leaders providing essential, data-driven insights into the regional cybersecurity maturity curve and creating potential sales pipelines for security consulting services addressing the identified gaps.
### For Competitors
- Competitors offering security assessment or governance services can leverage this report to benchmark against Datacom's findings and target organizations lagging in AI governance.
### For Customers
- Australian businesses identified in or targeted by this data face immediate risk exposure due to unsecured AI deployments. They must urgently review and enforce AI security policies and invest in governance frameworks.
### For the Market
- The findings signal a structural maturity issue within the regional market, suggesting increased future liability and potential breaches stemming from undocumented or poorly governed AI use. This will likely drive demand for specialized AI security tools and compliance services.
## Technical Implications
The report points to a lack of established governance frameworks for AI adoption. Technically, this implies organizations may be using large language models (LLMs) or other generative AI tools without adequate data leakage prevention controls, robust input validation, or understanding of model drift risks, exposing sensitive corporate or customer data.
## Strategic Analysis
- Market Positioning: The data positions AI security as the next major required investment area, shifting focus from purely network defense to data governance around automated systems.
- Competitive Advantage: Organizations that proactively integrate AI security policies into their operational DNA—moving beyond simple awareness to documented compliance (as suggested by the low policy readership)—will gain a significant trust advantage.
- Challenges: The primary challenge is cultural and educational—getting employees to adhere to AI security policies when the tools themselves are perceived primarily as productivity enhancers.
## Industry Reactions
- **Analyst opinions:** Analysts will likely frame this as a classic "innovator's dilemma" scenario, where speed of deployment overrides security diligence, predicting an uptick in AI-related data compromise incidents within the next 12-18 months if policy adherence doesn't improve.
- **Expert commentary:** Experts will reinforce the call for mandatory training, AI supply chain vetting, and integration of security validation into the MLOps pipeline.
- **Market response:** Expect security vendors to rapidly market specific "AI Governance" or "LLM Security Platforms" in response to this identified market failure point.
## Future Outlook
- **Predictions and expectations:** We expect regulatory bodies to begin drafting specific mandates for AI usage transparency and security in the near future, catalyzed by findings like these highlighting self-regulation failures.
- **What to watch for:** Increased focus on auditability of AI decision-making processes and mandated security attestations for third-party AI services used by enterprises.
## For Security Professionals
Security professionals must urgently assess their organization's Shadow AI usage (unapproved AI tools), develop clear, digestible AI security policies, and implement training specifically focused on risks associated with proprietary data input into public or third-party AI services. They must shift focus towards securing the data pipeline feeding and resulting from AI models.