Australian Businesses Experiencing More Cyber Security Breaches, Spending on the Rise


According to new research from Accenture and The Ponemon Institute, cyber-crime in Australia increased by over 25 per cent in 2017, the second highest rate of countries surveyed, with Australian businesses increasing spend on their cyber defences accordingly (a 25 per cent increase from 2016.)

As part of the global survey, 2182 interviews were conducted from 254 companies, in seven countries including the United States, Germany, Japan, the United Kingdom, France, Italy, and 169 from Australia.

Australian businesses experienced an average of 53 security breaches last year, a 25 per cent increase, but significantly less than the global average of 130.

In Australia, malicious insiders, phishing and social engineering are the costliest attack types, with a price tag of $136,804 and $112,902 per incident, respectively. Detection accounts for one third of security costs on average.

The survey of 169 interviews revealed that the use of AI and advanced analytics in cyber security is low, with only 24 per cent and 32 per cent of companies respectively having deployed these technologies. However, these technologies were found to produce amongst the highest level of cost savings when compared to other security and defence costs.

“With cyber incidents on the rise, and ever evolving in terms of scale and sophistication, Australian businesses should ensure they are appropriately prepared. It is encouraging to see strong investment in this field, however it is clear that businesses should consider the targeted deployment of advanced analytics and artificial intelligence in their cyber defences,” said Josh Kennedy-White, Managing Director, Accenture Security, Asia Pacific. “These advanced technologies represent significant return on investment.”

Other relevant findings include:

  • Information loss is one of the most expensive consequences of cyber-attacks in Australia, second to business disruption (41 per cent and 32 per cent respectively)
  • The most common security technologies deployed in Australia are security intelligence systems (64 per cent), advanced identity and access governance (60 per cent)

Steps to improve effectiveness of cybersecurity efforts

By taking the following three steps, Australian organisations can further improve the effectiveness of their cybersecurity efforts to fend off and reduce the impact of cyber-crime:

  1. Build cybersecurity on a strong foundation: Invest in the ‘brilliant basics’ such as security intelligence and advanced access management and yet recognise the need to innovate to stay ahead of hackers.
  2. Undertake extreme pressure testing: Organisations should not rely on compliance alone to enhance their security profile but undertake extreme pressure testing to identify vulnerabilities more rigorously than even the most highly motivated attacker.
  3. Invest in breakthrough innovation: Balance spend on new technologies, specifically analytics and artificial intelligence, to enhance program effectiveness and scale value.


The study, conducted by the Ponemon Institute on behalf of Accenture, analyses a variety of costs associated with cyber-attacks to IT infrastructure, economic espionage, business disruption, ex-filtration of intellectual property and revenue losses. Data was collected from 2,182 interviews conducted over a ten-month period from a benchmark sample of 254 organisations in seven countries – the US, United Kingdom, Australia, Germany, Japan, France and Italy. The study represents the annualised cost of all cyber-crime events and exploits experienced over a one-year period. These include costs to detect, recover, investigate and manage the incident response. Also covered are costs that result in after-the-fact activities and efforts to contain additional expenses from business disruption and the loss of customers.