Recent high-profile breaches have brought cybercrime back squarely into the news and into the public consciousness. These incidents feel deeply personal to Australians. Millions have had their data compromised - the true cost of which is difficult to estimate - and people have had their trust broken.  

For the impacted organisation, a cyber incident can cost millions in remediation, legal fees, and regulatory penalties. Probably more damaging in the long term is the damage to a company’s reputation - the erosion of customer confidence and stakeholder trust.  

In 2025 the cyber threat landscape continues to evolve, shaping strategies and investments from businesses trying to stay ahead of attackers. Let’s look at a how the landscape has shifted for Aussie Businesses in 2025.  

Ransomware Attacks on Australian Businesses are Surging 

Australian businesses continue to rank in the top 10 globally when it comes to ransomware attacks, an area of cyber-crime that has seen a 125% increase in the past year alone. The finance, healthcare, and retail industries are popular targets, and a successful attack can be devastating - with attacks often leading to multimillion-dollar ransom demands, service disruptions, and compromised customer data. The adoption of remote work has further exacerbated vulnerabilities, underlining the need continue to invest in cybersecurity defences. 

AI is increasingly powering Cyber Crime 

The use of AI in cybercrime continues to accelerate, with a sharp uptick in the volume and complexity of deepfake scams and AI-driven phishing attacks. AI can create hyper-realistic impersonations, tricking employees and customers into handing over personal information. Interestingly new tools are also coming to market that use AI for cyber defence – for example real time AI powered anomaly detection.  

Supply Chain Vulnerabilities are a growing target 

A third area of concern in 2025 is the rapidly growing problem of supply-chain attacks, where cybercriminals exploit a third-party vulnerability as a deliberate strategy to infiltrate a target organization. There has been a staggering 2,600% rise in supply chain attacks over recent years, so it’s more important than ever for businesses to leverage tools like UpGuard to monitor the attack surface of their supply chain partners.  

Response from the Australian Government  

In response to these escalating cyber threats, the Australian government has introduced new cybersecurity regulations, including the Security of Critical Infrastructure Act, and made amendments to the Privacy Act. In combination with the Notifiable Data Breaches (NDB) scheme, which requires organizations to report significant data breaches to affected individuals and regulatory bodies, these changes are intended to better secure Australians’ data.   

The ACSC also continues to play a crucial role in safeguarding national cybersecurity by providing a range of information and services to Australian businesses, including threat intelligence, incident response support, and cybersecurity guidance. Companies are encouraged to reach out and actively collaborate with the ACSC to enhance their cyber resilience and stay ahead of emerging threats.  

Things will continue to evolve - so it’s important that your cyber security defences are updated regularly too. Here are three key things you can do to improve your security posture for 2025.  

• Assess your supply-chain attack surface. Use a tool like Upguard to assess your key vendors to ensure you are not exposed through your supply chain.  

• Keep investing in Employee Training: the fact is that many breaches come via employees, so it’s critical to keep educating staff about the latest phishing scams and social engineering tactics. 

• Have an Incident Response Plan. Having a robust incident response plan will make a big difference to the speed and effectiveness of your teams' response should the worst happen. Practicing via simulations is even better.  

Deepend specialise in customer-facing technologies and have extensive experience helping our clients securing their digital assets. Please reach out to our team if you would like to discuss further.