cyber daily logo

Breaking news and updates daily. Subscribe to our Newsletter

Breaking news and updates daily. Subscribe to our Newsletter X facebook linkedin Instagram Instagram

Only 27% of Australian businesses report cyber attacks

A massive majority of Australian organisations withhold news that they suffer from a cyber attack, according to new research by Cloudflare.

user icon Daniel Croft
Tue, 29 Aug 2023
Only 27% of Aus businesses report cyber attacks
expand image

Despite a massive 76 per cent of respondents saying they had suffered a cyber attack in the last year, only 27 per cent revealed incidents to the authorities.

The Office of the Australian Information Commissioner (OAIC) states that organisations must notify affected individuals and the OAIC in the event of an eligible data breach, being one that leads to personal data being lost or accessed or disclosed without authorisation, could result in serious harm or when the affected organisation is unable to prevent the risk of serious harm, under the Notifiable Data Breach scheme.

In addition, 37 per cent of Australian organisations said they suffered over 10 security breaches or incidents in the last year, while only 43 per cent said that in the event of an attack, they were highly prepared to prevent it.


Organisations that suffer data breaches have obvious reasons for wanting to keep a breach quiet. A breach has the potential to massively harm a company’s reputation, as it points out flaws in their systems.

There are also drastic financial burdens that follow. Cloudflare found that just under half (49 per cent) of respondents reported a financial impact of $1.5 million or more, while 25 per cent of small businesses had suffered impacts of at least $3 million.

On top of the cost of remediation and improving security systems, organisations could be subject to fines as high as $50 million; 30 per cent of adjusted turnover for the period; or three times the financial gain from the misuse of data in the case out outstandingly shocking breaches.

A separate survey run by Artic Wolf on the same topic found that there were five distinct reasons that organisations hesitate to disclose breaches, including fear of reputational damage, fear of internal repercussions, and fear of insurance policy changes.

Head of ANZ for Cloudflare Raymond Maisano has concluded that the findings suggest that Australian organisations need to do more to ensure they are more prepared for future attacks, which are more or less inevitable.

“Preparedness is key, but when it comes to deploying cyber security solutions, we’re finding less is more and efforts need to be directed into streamlining the security architecture to improve cyber security outcomes,” said Maisano.

“The increasingly complex threat environment paired with the industry-wide talent crunch needs to be met with a strong security culture that empowers business leaders, boards, and the rest of the company to proactively build their awareness and approach cyber security holistically.”

Daniel Croft

Daniel Croft

Born in the heart of Western Sydney, Daniel Croft is a passionate journalist with an understanding for and experience writing in the technology space. Having studied at Macquarie University, he joined Momentum Media in 2022, writing across a number of publications including Australian Aviation, Cyber Security Connect and Defence Connect. Outside of writing, Daniel has a keen interest in music, and spends his time playing in bands around Sydney.

cd intro podcast

Introducing Cyber Daily, the new name for Cyber Security Connect

Click here to learn all about it
cyber daily subscribe
Be the first to hear the latest developments in the cyber industry.