Nano Solutions
Book a Free Discovery Call

Cybersecurity in Australia: Key Insights from FY2023-24

Petr Cervenka Petr Cervenka
cybersecurity business-tips
Cybersecurity in Australia: Key Insights from FY2023-24

The Australian Signals Directorate (ASD) has released its annual 📊review, highlighting significant trends, challenges, and achievements in safeguarding Australia against cyber threats. Here’s what you need to know:

The Threat Landscape

  • Growing Cybercrime Costs:
    • Individuals reported a 17% rise in cybercrime costs, averaging $30,700 per incident.
    • Small businesses faced higher impacts (+8%), while medium and large businesses saw costs decline overall.
  • Top Cyber Threats:
    • For individuals: Identity fraud (26%), online shopping fraud (15%), and online banking fraud (12%).
    • For businesses: Email compromise (20%) and banking-related fraud (26%).
  • Incident Trends:
    • A report of cybercrime was filed every 6 minutes, with ransomware incidents increasing by 3%.
    • Low-level malicious attacks surged by 10%, while severe compromises decreased slightly.

What ASD Achieved

  • Rapid Response: Handled over 1,100 cyber incidents, providing critical assistance to impacted entities.
  • Blocking Malicious Activity:
    • 82M malicious domains blocked (+21%).
    • Over 189,000 malicious domains targeting Australian servers removed (+49%).
  • Strengthened Collaboration:
    • Cyber Threat Intelligence Sharing grew by 66% to over 400 partners, sharing 1.37M indicators of compromise.
    • Conducted 16 cyber exercises with 130+ organisations to enhance resilience.
  • Awareness & Guidance: Published 118 alerts and collaborated on 19 international advisories to improve public preparedness.

Critical Infrastructure Protection

  • Notified organisations 90+ times of malicious activity and conducted 42 workshops to improve security.
  • Completed 10 critical infrastructure security uplifts covering 15 key assets.

What This Means for Perth Businesses

The report’s findings carry direct implications for small and medium businesses in Western Australia. With cybercrime costs rising fastest for individuals and small businesses, the message is clear: no organisation is too small to be targeted.

Perth businesses operating in mining services, logistics, and professional services are particularly exposed. These industries rely heavily on email communication, cloud-based tools, and third-party integrations — all of which expand the attack surface. A single email compromise can lead to fraudulent invoices, unauthorised fund transfers, or the exposure of sensitive client data.

Practical Steps You Can Take Now

You do not need an enterprise-level security budget to meaningfully reduce your risk. Here are actions any Perth business can implement:

  • Enable multi-factor authentication (MFA) on all business email and cloud accounts. MFA alone blocks the vast majority of automated credential attacks.
  • Implement the ASD Essential Eight — a set of baseline mitigation strategies designed specifically for Australian organisations. Start with application patching, restricting admin privileges, and configuring Microsoft Office macro settings.
  • Conduct regular phishing awareness training. Human error remains the leading cause of email compromise. Even a short quarterly session can dramatically improve your team’s ability to spot suspicious messages.
  • Review your backup strategy. Ransomware attacks increased by 3% this year. Ensure you have offline or immutable backups that cannot be encrypted by an attacker who gains access to your network.
  • Engage a local IT partner for a security review. An external assessment can identify blind spots that internal teams overlook, particularly around firewall configurations, outdated software, and access controls.

Compliance Is Becoming Non-Negotiable

The Australian Government continues to tighten cybersecurity obligations, particularly for businesses that handle personal information or operate in critical infrastructure sectors. The Privacy Act reforms and the Security of Critical Infrastructure Act (SOCI) are raising the bar for what constitutes adequate security. Businesses that fall short risk not only breaches but also regulatory penalties.

Small Business Is Not a Shield

One of the most dangerous assumptions a business can make is that its size makes it an unlikely target. The ASD data tells a different story. Cybercriminals increasingly use automated tools that scan for vulnerabilities indiscriminately — they do not check your revenue before launching an attack. Small businesses often have weaker defences and fewer resources to recover, making them attractive targets for opportunistic attackers. The average cost of $30,700 per incident can be devastating for a business with limited reserves.

How Nano Solutions Can Help

At Nano Solutions, we help Perth businesses build resilient infrastructure through automated patch management, security configuration enforcement, and ongoing cloud monitoring — using tools like Ansible to ensure your systems stay hardened and compliant. If the ASD report has prompted you to reassess your security posture, we are here to help.

Explore our cloud compliance solutions and secure code review services to get started.

Stay vigilant. Stay secure.

If you are reviewing your own security posture in light of these figures, Nano Solutions provides application security services including secure code review, penetration testing, and Essential Eight uplift, plus cloud security and cloud compliance solutions for Perth and Australian businesses. Get in touch for a scoping conversation.

Petr Cervenka

Petr Cervenka

Petr is the founder and lead developer at Nano Solutions, a Perth-based custom software firm. With over a decade of experience building enterprise platforms for government and private sector clients, he leads delivery of complex projects across Australia.

Connect on LinkedIn