Cyber criminals are increasingly targeting businesses across the country, with more than half of all attacks now happening on weekends when IT teams are often under-resourced. Pressure is mounting for companies to prioritise cybersecurity, as former government officials and security experts warn that business leaders are downplaying the scale of the threat, putting customer data and critical systems at significant risk.
New data from cybersecurity firm Semperis shows that many large organisations in Australia have suffered multiple attacks within the past year. Alarmingly, 52% of incidents occur during weekends or public holidays, taking advantage of reduced staffing and delayed responses. Despite this, many leaders and board members continue to view security breaches as unavoidable expenses rather than preventable failures. Experts warn that this attitude only increases vulnerability.
While the majority of organisations report having a Security Operations Centre in place, 89% say they lack adequate coverage outside normal business hours. Adding to the concern, 43% of ransomware victims in Australia said they received physical threats alongside demands for payment. This shift highlights how cyber crime has evolved from data theft into a form of psychological intimidation.
Warnings have not been in short supply. Authorities such as the Australian Securities and Investments Commission and the Australian Prudential Regulation Authority called on businesses, particularly in critical industries like superannuation, to strengthen their digital defences last year. However, many firms delayed essential updates such as implementing multi-factor authentication until after suffering breaches.
Overall, the situation remains concerning. Although government initiatives including legislation and awareness campaigns are in place, business leaders must take personal responsibility for their organisation’s cyber posture. Elevating cybersecurity to a boardroom priority, rather than treating it as a back-office function, may prove essential to reversing the growing trend of attacks on Australia’s digital infrastructure.