With 88% of Australian companies hit by cyber attacks last year, Marc Beder from 11:11 Systems shares how to build smarter defences against evolving threats.
Cybersecurity is a year-round responsibility, but Cybersecurity Awareness Month is as good a time as any to take stock of how well your business is protected. It’s an opportunity to review your policies, reflect on emerging risks, and strengthen your defences in an increasingly complex digital world.
You only need to catch the news to understand cybersecurity, cyber recovery, and cyber resilience are of critical importance for any organisation. Barely a day goes by without a major breach making major headlines. But it’s not just those incidents. In FY24-25 the Australian Signals Directorate’s Australian Cyber Security Centre responded to over 1,200 cyber security incidents, up 11% from the year before.
As our reliance on technology deepens, the threats we face grow more sophisticated and widespread. They’re no longer just a problem for IT departments. It affects every level of an organisation, including at the senior level where company directors can face regulatory or civil consequences for failure to manage their cyber risks.
With Gartner predicting that cybersecurity would be the leading investment for 82% ANZ CIOs in 2025, and recent numerous high-profile attacks to Australian businesses, it’s fair to say it’s a hot topic for business leaders. To understand how businesses are navigating this new reality, we surveyed senior IT leaders from across the world.
Here’s a little bit of what we found.
Cyber attacks are more frequent and costly than you think
We say it all the time: it’s not if, but when. And it has never been more accurate. Our survey revealed that 88% of Australian companies experienced a significant cyber attack in the past year, compared to 82% globally, and a staggering 63% were hit two or more times, 5% more than the global figure. These aren’t minor incidents. They’re major disruptions with substantial financial consequences.
For nearly 20% of the organisations we surveyed, just one hour of downtime resulted in losses of more than half a million dollars (US). And Australians are not immune, with the ASD reporting the average financial loss for businesses has gone up by 50% in the past year. While these figures are alarmingly high, many experts believe they are conservative. For example, the IBM Cost of a Data Breach Report from 2025 found the global average cost of a data breach to be $4.4 million. This highlights a dangerous gap between perception and reality. Despite the clear and present danger, a surprising level of overconfidence persists among IT leaders.
AI is reshaping the battlefield
The complexity of planning for cyber incident recovery is the single biggest challenge facing IT leaders today. Adding to this complexity is the rapid emergence of artificial intelligence (AI). While a powerful tool for businesses, AI is also being weaponised by cybercriminals.
Our cyber trends survey found that AI-driven attacks are the number one concern for IT cybersecurity leaders.
- 75% of Australian respondents believe using AI in their own business could make them more vulnerable to an attack.
- 67% of Australians are concerned that AI makes it easier for bad actors to attack infrastructure and target employees.
- 39% of Australian companies have already experienced AI-driven phishing attacks.
AI enables cybercriminals to launch faster, larger-scale, and more effective attacks. It helps them analyse vulnerabilities to deploy targeted ransomware and create advanced malware that adapts to security measures. AI also enhances social engineering attacks, with tools that craft highly personalised phishing emails or even deepfake audio and video to deceive employees.
Clean room recovery plays a key role
Our cyber trends survey also found that as attacks become more sophisticated, recovery methods must evolve. One of the most effective strategies is clean room recovery, which involves restoring IT systems in a completely isolated and contamination-free environment. Instead of rebooting potentially compromised machines, this process rebuilds your digital infrastructure in an environment removed from production IT.
Why is this so important?
- It prevents reinfection: By starting fresh, you ensure that your environment can’t be corrupted by malware or hidden backdoors left by attackers.
- It guarantees system integrity: Attackers can infect backups that lie dormant for weeks. Clean room recovery rebuilds everything in isolation, allowing for forensic activities to take place and provide certainty of a clean environment, eliminating the risk of reintroducing old malware.
- It enhances incident response: Keeping the recovery environment separate preserves forensic evidence, helping security teams analyse the attack without contaminating the restored systems.
Build a resilient future
The cybersecurity landscape is more challenging than ever, but the tools and strategies to combat threats are also advancing. Our cyber trends survey revealed that while approaches to cyber resilience vary, there is a consensus on the importance of testing and investment. 68% of organisations test their cyber incident recovery plans annually, and an overwhelming 93% of Australian’s plan to invest in cyber incident recovery in the next 12 months, slightly lower than the global figure of 96%.
When selecting a solution, IT leaders overwhelmingly prioritised support for public cloud workloads and the ability to customise the solution for application-level recovery. This reflects the reality of modern IT environments, where data lives both on-premises and in the cloud.
Another consideration is that the solution goes beyond just security. It requires a multi-layered approach that includes:
- Preventive security to identify vulnerabilities and cultivate a security-first culture.
- Reactive controls so you can respond and recover, even if the worst-case scenario happens.
- Consultation and expertise to guide you and support you through the known and unknown.
By combining proven technology, tried-and-true processes, and the deep expertise of knowledgeable specialists, your organisation can move from a state of uncertainty to resilience, fully prepared for whatever comes in the year ahead.
Navigating these cyber trends and the complexities of cybersecurity require a proactive and strategic approach. Download the 11:11 Cyber Trends Report – 2025 to get the complete picture of the state of today’s IT challenges.
Keep up to date with our stories on LinkedIn, Twitter, Facebook and Instagram.
