Cybersecurity investment is essential to any business strategy to protect sensitive customer and company data. Which cybersecurity threats are companies in Australia concerned about in 2024? Are they implementing AI-driven cybersecurity solutions to operate securely in the digital workplace? Read Capterra’s survey results to find out. 


Businesses in Australia are increasing general cybersecurity investment to help address cybersecurity threats linked to phishing attacks, data breaches and weak passwords. These concerns are especially critical for those increasingly relying on digital technologies like IoT and cloud computing to do business. The use of generative AI is on the rise too and is predicted to accelerate in 2024, meaning companies may want to try generative AI for cybersecurity.

At the end of 2023, Microsoft announced a $5 billion investment into Australian cloud and AI infrastructure to help the digital economy expand, building a "cyber shield" to protect networks from cyberattacks. Cybersecurity tools driven by AI algorithms can help analyse large datasets, detect patterns and identify anomalies indicative of threats. But are companies increasing their investment in these solutions to mitigate cybersecurity risks?

Capterra surveyed over 700 employees, of whom a subset of 568 are explicitly involved in or aware of their company's cybersecurity measures. This article will focus specifically on this sub-group of more cybersecurity-aware respondents. Which security threats do their companies find most concerning in 2024? What do they consider the benefits and challenges of AI cybersecurity tools, and which areas are they investing in? The full methodology is at the bottom of the page.

Over half of companies increased their IT security spending in 2023 

Australian businesses have fallen victim to major cybersecurity attacks in recent years, with some of the most notable data breaches and hacking occurring at Optus and Medibank. The severity of these crimes may have alerted business owners to the potential impact of attacks like these on their operations, reputation, and financial stability. 

With high-profile data breaches making headlines, the government released the Australian Cyber Security Strategy to help companies and citizens proactively strengthen their cybersecurity posture. Perhaps this increased public awareness has proven beneficial: the Capterra 2023 Tech Trends survey found that IT security (e.g., cybersecurity and data protection) software was rated the top investment priority for companies in 2024. 

In our latest Data Security survey, we asked the more cybersecurity-aware participants if IT security spending had changed from 2022 to 2023. The majority (58%) said spending had increased, compared to 36% who said it had stayed the same. 

Cybersecurity threats: IT security spending of companies in Australia in 2023

Recognising the potential impact of a cybersecurity incident on business operations, companies may increase IT security spending on measures that ensure business continuity and rapid recovery in the event of a security breach. 

When asked about the security vulnerabilities their company currently struggles with, careless employees was the most selected answer (44%), followed by weak passwords and authentication (31%) and insufficient network security (29%). 

Employees who disregard or are unaware of security policies may inadvertently violate security protocols. Risky actions, intentional or unintentional, can contribute to insider threats, including accidentally sharing confidential information or poor password management. We asked employees what their companies were concerned about for the following 12 months. 

The top cybersecurity concerns for Australian businesses include: 

  • Advanced email phishing attacks (51%)
  • Advanced ransomware attacks (37%)
  • AI-enhanced attacks (36%)
  • Business email compromise (28%)
  • Software supply chain attacks (23%)

Employees can fall victim to advanced email phishing attacks through various methods that exploit their vulnerabilities and manipulate their trust. For example, credential harvesting involves attackers creating realistic-looking login pages for commonly used services, tricking employees into entering their details. 

Tips for businesses: Companies must organise training programs to regularly update workers on the latest phishing attack techniques, such as emails with malicious links that can lead to a ransomware attack. Password management can help employees securely store, generate, and organise passwords. Companies should regularly remind workers to follow best practices, such as using unique and strong passwords for each account and regularly updating them. 

A third of Aussie companies faced ransomware attacks in 2023

Ransomware attacks have been a common and growing cybersecurity threat for businesses globally. The frequency and severity can vary, but businesses of all sizes and across various industries can be targeted. 

The Australian Signals Directorate Cyber Threat Report 2022-2023 reveals the organisation responded to over 1,100 cyber incidents in the financial year. A further 94,000 reports were made through the government platform ReportCyber, which equates to around one every six minutes, up from one every seven minutes the previous year.

Capterra found that a third of respondents (33%) said their organisation had been subject to one or more ransomware attacks within the last year. Ransomware attacks prevent victims from accessing their computer or network and stored data by encrypting the files. Cybercriminals demand a ransom in exchange for the decryption. 

Among many options for protecting company, client and personal data, a formal cybersecurity risk assessment is the most popular security measure for companies, according to survey takers (53%). Such assessments are crucial for organisations to identify, evaluate and mitigate potential risks to their information systems and data security. 

Security measures deployed by companies to protect data from cybersecurity threats

Tips for businesses: Companies should implement robust cybersecurity practices to reduce ransomware attack threats by:

  1. Regularly backing up data and ensuring that backups are secure and up-to-date.
  2. Educating employees about threats and the importance of cybersecurity hygiene.
  3. Keeping software and systems updated with the latest security patches.
  4. Using advanced endpoint protection and network security solutions.
  5. Developing and regularly testing incident response and recovery plans.
  6. Allocating a portion of the IT budget to cybersecurity tools to address various challenges. 

65% allocate some IT budget to AI-driven cybersecurity investment 

The adoption of AI technologies, in general, appears to be growing across every industry, with AI tools mainly functioning by collecting, analysing and storing data. This means strong cybersecurity measures are more critical than ever for organisations to protect client data, as an incident can erode consumer trust and damage the company's reputation. Implementing strong security practices demonstrates a commitment to protecting customer information, which is vital for maintaining trust in the business.

Companies may want to invest more in AI-driven cybersecurity to strengthen their defence against sophisticated AI-powered threats and proactively protect their digital assets. 65% of survey takers confirmed that their company has part of their IT budget allocated to AI-driven cybersecurity, 14% said their company has none, and 21% said they don’t know. 

Phishing and social engineering attacks (which involve manipulating or tricking people into breaking security procedures) were the most reported threats that prompted companies to consider increasing investment in AI solutions (42%). Cloud security threats (37%) were next, followed by ransomware attacks (36%), which again proved to be a big concern for Australian businesses. 

Cybersecurity threats prompting AI solution investment 

When also asked which specific areas of AI cybersecurity are investment priorities for their company, email security (49%) was most selected. With employees most likely targeted via emails, AI security can filter emails, analyse the content and context, and flag suspicious ones during an attempted attack. Other priority areas for AI cybersecurity investment include:

  • Cloud security (48%)
  • Network security (45%)
  • Threat detection and analysis (35%)
  • Security awareness and training (22%)

Cloud security can face threats arising from misconfigurations, unauthorised access and data breaches. AI cybersecurity can help continuously monitor cloud configurations, detecting deviations from security best practices. Automated alerts can notify administrators and allow for prompt remediation before these deviations are exploited.

Tips for businesses: If companies face an attack and suffer business interruption, cyber insurance will pay for at least some of the damage and provide emergency services. Capterra found that 44% of respondents said their company has cyber insurance, whilst a quarter of survey takers said their company does not. Cyber insurance covers many crimes, including ransomware, cyber extortion, and social engineering attacks, and is a necessity for businesses.

Real-time monitoring reported as main advantage of AI cybersecurity for risk management

Capterra asked survey takers whose companies have allocated some of their IT budgets to AI-driven cybersecurity what its main benefits are. Real-time monitoring was the top advantage (47%) of AI in cybersecurity risk management for their company, followed by advanced threat detection (37%) and predictive analytics (32%).

AI-driven systems can analyse vast amounts of data, enabling the immediate detection of abnormal activities and patterns that may indicate a security threat. This speed is crucial for identifying and responding to threats as they unfold. IT security teams can receive alerts and take action in real-time, minimising the impact of security incidents and preventing further escalation.

Advantages of AI tools for cybersecurity threat risk management 

AI-driven cybersecurity offers several advantages over traditional cybersecurity approaches regarding threat detection and response. For example, manually analysing large datasets can be time-consuming and impractical, whereas AI can process vast amounts of information, enabling faster threat detection.

When we asked respondents for their input, real-time monitoring again appeared at the top of the list of ways AI enhances threat detection and response compared to traditional cybersecurity approaches (54%). The next most popular responses were behavioural analysis (46%) and threat intelligence integration (44%).

Tips for businesses: Companies can leverage AI for user and entity behaviour analysis (UEBA) to detect abnormal activities within their network. Behavioural analysis can identify insider threats and sophisticated attacks that may go unnoticed with traditional security measures. SIEM solutions collect and analyse log data from various sources, including network devices, applications, and security systems. These can extend to incorporate UEBA functionalities for advanced behaviour analysis.

Human oversight is key in AI-driven cybersecurity

Alongside the positives of using AI-driven cybersecurity come a few challenges. Whilst AI tools require large datasets to learn and make accurate predictions, respondents who work in companies that use AI for cybersecurity said data quality and quantity could also be the biggest limitations or challenges of using AI in this way (45%). This was followed by the challenge of human expertise (35%), as AI systems require skilled professionals to operate effectively. 

But what role does human expertise play exactly? Survey takers primarily said it was human oversight (49%), as employees must monitor AI systems to ensure they run correctly. While AI-driven cybersecurity brings automation, speed and scalability, employees provide critical thinking and ethical considerations for effective cybersecurity defence. Human experts are instrumental in implementing AI tools as part of cybersecurity investment, so companies should aim to strike the right balance.

Viewing cybersecurity as an ongoing and evolving process that requires regular assessment and adaptation to the changing threat landscape is essential.

In the following article in this two-part series, we look at what protocols companies in Australia have in place to report a cyberattack. Are employees confident that their company is taking cybersecurity threats seriously? What cybersecurity practices do they follow?



Data for Capterra's Security Report survey was collected in November 2023. Results comprise responses from 714 participants. The criteria to be selected for this study are as follows: 

  • Australian resident
  • Between 18 and 65 years old
  • Employed full-time in a company with more than one employee
  • Works for a company that uses cybersecurity software tools for protection and has some awareness of which tools are used
  • A subset (568) are involved in or aware of their company’s cybersecurity measures
  • Whenever we refer to respondents in this article, we are referring to this subset of 568 more cybersecurity-aware respondents