Australian businesses are more actively improving their cybersecurity infrastructure to defend against potential attacks, according to findings of a recent survey by leading software research site, Capterra.

The findings show that one-third (33%) of the respondents have experienced security breaches in 2023 amid recent notable data breaches occurring at Optus and Medibank. 

“The survey presents us an overall picture of cybersecurity’s increasing trend in Australia. The increase of investment in AI-driven solutions should come together with a growing consciousness to alleviate weak password practices,” Capterra research analyst, Laura Burgess said.

“As cybersecurity threats continue, businesses are encouraged to adopt a multi-faceted approach. A combination of IT security investment, workforce education and strong security policies would help ensure an improved defence against these risks.”

The biggest concern points towards advanced email phishing attacks, with 51% alarmed by the vulnerability of companies and their employees to this threat. Organisations are encouraged to prioritise awareness and defences against email phishing. Other security concerns include advanced ransomware attacks (37%), AI-enhanced attacks (36%), business email compromise (28%), and software supply chain attacks (23%). 

In response to the progression of these threats, more than half (58%) of Australian businesses reported an increase in IT security spending in 2023 compared to 2022.

Adopting AI technologies as a cybersecurity solution shows an ongoing development, with close to two-thirds (65%) of companies allocating part of their IT budget to AI-driven cybersecurity measures. With AI making its mark in the latest technologies, this shift indicates how companies recognise its potential to safeguard information.

Major factors influencing companies’ drive to invest more in AI-driven solutions include phishing and social engineering attacks. Almost half (42%) of respondents indicated these specific threats as the main reasons in their decision-making process to improve their cybersecurity infrastructure. 

While there’s an increasing trend in cybersecurity technology adoption, potential exposure to threats is presented by weak password practices. It remains a persisting challenge as almost half (45%) of respondents use the same password for multiple software or accounts.

The risk of exposure is heightened for employees working remotely, as their personal network may have a different level of security compared to the corporate domain. Awareness through cybersecurity training is emphasised to comprehensively address this risk, with only 36% stating they raised security concerns with their IT department.