Among 200 Australian respondents in a 1,905-person global IT poll, 95% had flagged organizational impact worries, with 70% citing AI-attack troubles.

Based on a Nov–Dec 2025 survey of 1,905 self-identified IT decision-makers at enterprises with at least 1,000 employees in the UK, US, Australia, France, Germany and Italy, on perceptions and self-reported experiences related to cyberwarfare and AI-enabled attacks, a cyber exposure management and security  firm has shared some indicators from the Australian subsample with the media.

​First, among 200 respondents based in Australia, 95% had indicated concern about the impact of cyberwarfare on their organization, and 84% had indicated a belief that state-sponsoref cyber capabilities could instigate a full-scale cyberwar that could cripple critical infrastructure worldwide at the time of the survey.

Second, 72% of Australian respondents had indicated that they considered the cyberwarfare threat to be imminent, and that they had already reported what they classified as an act of cyberwarfare to authorities, while 84% had indicated that their organization had evolved its cyberwarfare readiness posture over the previous three years to strengthen defenses against nation-states, according to the phrasing used in the study.

Other findings

Third, 70% of Australian respondents had indicated that their organization was impacted by an AI-generated or AI-led attack over the 12 months before data collection, the highest proportion reported for any country in this survey cohort. Also:

  • 62% of Australian respondents had indicated that their organization had delayed, stalled or stopped digital transformation projects because of perceived cyberwarfare threats.
  • ​86% of Australian respondents had indicated that cyberwarfare threats increasingly targeted unmanaged or supply chain assets that they considered not visible to traditional security tools.
  • ​66% of Australian respondents had indicated that their organization’s average ransomware payout exceeded its annual cybersecurity budget, based on their self-reported estimates.
  • The report cited an average self-reported cost of a ransomware payment in Australia of US$15,390,000 for 2025, compared with US$8,610,059 in a survey in 2024 (with no guarantee that the underlying samples and methods were strictly comparable year-on-year).
  • A​cross all countries, the report data indicated that 66% of respondents had indicated* that their organization had experienced up to two cybersecurity breaches, and that 52% had indicated that their organization’s average ransomware payout had exceeded its annual cybersecurity budget. (*self-reporting, without independent verification)

​According to Nadir Izrael, CTO and co-founder, Armis, the firm that commissioned the survey, “Cyberwarfare is now a constant condition; attackers are operating at machine speed, while too many organisations are still trying to defend themselves with assumptions and structures built for a very different threat landscape.”