The Australian Signals Directorate's (ASD) Annual Cyber Threat Report 2024-25 delivers a clear warning: the cyber threat landscape is intensifying, and no organisation is immune. For IT leaders navigating budget discussions, resource constraints, and competing priorities, this report provides the evidence needed to make the case for stronger cyber defences.
Let's break down what the numbers mean and how your organisation can respond effectively.
Key Statistics from the ASD Report
The 2024-25 financial year painted a concerning picture of Australia's cybersecurity environment:
- 1,200+ cybersecurity incidents responded to by ASD's Australian Cyber Security Centre (ACSC)—an 11% increase year-on-year.
- 84,700 cybercrime reports received—one every six minutes.
- 1,700+ proactive notifications sent to organisations about malicious activity—an 83% increase.
- 138 ransomware incidents handled, with 39% discovered by ACSC rather than the victims themselves.
- $80,850 average cost of cybercrime for businesses—a 50% increase.
- $33,000 average cost to individuals—up 8%.
- 111% surge in attacks targeting critical infrastructure.
- 95% success rate for attackers targeting healthcare and social assistance sectors (compared to 52% across all sectors).
- Ransomware incidents against healthcare doubled in the reporting period.
- 42% of critical incidents involved compromised credentials.
- Ransomware accounted for 11% of all cyber incidents.
- 35% of ransomware victims had their data posted online.
- Identity fraud remained the top-reported cybercrime, increasing by 8%.
- State-sponsored actors are pre-positioning in networks for potential future disruptions.
What this means and how Professional Advantage can help
You're Likely Already Compromised. You Just Don't Know It.
The fact that ACSC discovered 39% of ransomware incidents before the affected organisations did is perhaps the most troubling statistic in the report. This visibility gap means many organisations are operating with a dangerous blind spot. Attackers are already in your networks, moving laterally, escalating privileges, and exfiltrating data while your security tools remain silent. The average dwell time for sophisticated attackers can stretch into months or even years.
How Professional Advantage assists: We implement comprehensive Security Information and Event Management (SIEM) solutions that give you visibility across your entire infrastructure. This includes centralised logging, Security Orchestration, Automation, and Response (SOAR) capabilities, and continuous monitoring that identifies anomalous behaviour before it becomes a breach. We correctly configure detection rules, tune out false positives, and establish workflows that enable your team to respond to genuine threats.
The Cost of Incidents is Accelerating Faster than Budgets
The 50% increase in average incident costs (now $80,850 per business incident) should grab the attention of every CFO. This does not include reputational damage, customer churn, regulatory penalties, or productivity losses during recovery. With attack frequency also increasing, the financial risk is compounding.
How Professional Advantage assists: We help you build the business case for preventative security investment by conducting risk assessments that quantify your exposure. Our approach to implementing layered defences—from the Essential Eight through to sensitive data discovery and advanced threat detection—is designed to significantly reduce both the likelihood and impact of incidents, delivering clear ROI compared to incident response and recovery costs.
Legacy Systems are Your Achilles' Heel
The report explicitly warns about the high costs of remediating incidents involving legacy IT systems. Many organisations run critical business functions on infrastructure that cannot support modern security controls, lacks adequate logging, and cannot be easily patched.
How Professional Advantage assists: We specialise in legacy system modernisation strategies that balance security improvements with operational continuity. We will assess which systems pose the highest risk, develop secure migration paths to modern platforms, integrate contemporary security controls with existing infrastructure where immediate replacement is not feasible, and implement compensating controls during transition periods.
Critical Infrastructure is Under Sustained Attack
The 111% increase in attacks on critical infrastructure, combined with the healthcare sector's alarming 95% success rate among attackers, indicates that defensive measures in these sectors are failing. If your organisation operates in or depends on healthcare, financial services, telecommunications, transport, or education, you face disproportionately high threats.
How Professional Advantage assists: We bring sector-specific expertise in protecting critical infrastructure, understanding the unique operational requirements and constraints you face. Our approach includes implementing the Essential Eight at higher maturity levels, deploying industry-appropriate security frameworks, establishing threat intelligence programs focused on sector-specific threat actors, and ensuring security controls do not disrupt critical operations.
Credentials are the Keys to Your Kingdom
With compromised credentials involved in 42% of critical incidents, the traditional username-and-password model is fundamentally broken. Attackers have industrialised credential compromise through phishing, password spraying, credential stuffing, and harvesting from third-party breaches.
How Professional Advantage assists: We implement phishing-resistant multi-factor authentication and modern identity and access management solutions. This includes privileged access management systems that control administrative access, identity governance programs that ensure appropriate provisioning and de-provisioning, passwordless authentication where applicable, and credential exposure monitoring that alerts you to compromised credentials before attackers can exploit them.
Supply Chain Risk is Expanding Your Attack Surface
The report's emphasis on supply chain security reflects what many IT leaders are experiencing: your security perimeter now extends far beyond your own infrastructure. Every vendor, partner, and service provider with access to your systems or data represents a potential entry point for attackers.
The challenge is that you often have limited visibility into and control over the security practices of third parties. You are trusting that they are implementing adequate controls, but how many of your vendors could answer detailed questions about their security posture? How quickly would you know if one of them had been compromised?
How Professional Advantage assists: We provide comprehensive supply chain security solutions, including vendor risk assessment frameworks, security audits of critical suppliers, technical controls for third-party access, continuous monitoring of supplier security postures, and contractual requirements that hold vendors accountable. We help you understand and manage the extended attack surface that comes with digital transformation and interconnected business ecosystems.
State-Sponsored Actors are Playing the Long Game
While ransomware grabs headlines with its immediate impact, state-sponsored espionage poses a distinct threat that IT leaders must be aware of. Groups like APT40 are not looking for quick financial gain. They are conducting long-term intelligence collection and pre-positioning for potential future disruptions.
These sophisticated actors use "living off the land" techniques, leveraging legitimate administrative tools and processes that are already in your environment. They are patient, methodical, and complicated to detect with traditional security tools. The compromise might have happened months or years ago, and the consequences might not materialise until a geopolitical crisis or critical moment.
How Professional Advantage assists: We implement advanced threat hunting capabilities that look for the subtle indicators of sophisticated adversaries. This includes behavioural analytics that identify anomalous use of legitimate tools, threat intelligence integration focused on state-sponsored tactics and techniques, enhanced logging of administrative activities, and proactive security assessments that identify potential pre-positioning before it can be exploited.
The "When, Not If" Reality Requires a Mindset Shift
Perfect security is impossible, and every organisation will eventually face a significant incident. The differentiator between organisations that survive and those that suffer catastrophic damage is preparation. This means tested incident response plans, isolated and verified backups, and predetermined crisis management frameworks.
How Professional Advantage assists: We develop comprehensive business continuity and incident response capabilities that go beyond documentation. This includes tailored incident response plans, regular tabletop exercises and , crisis management frameworks for effective decision-making under pressure, robust backup and recovery solutions, and support for meeting mandatory ransomware reporting obligations under the new regulatory regime.
Taking Action
The ASD Annual Cyber Threat Report makes clear that the threat landscape is intensifying and the cost of inaction is rising. For IT leaders, this is not just a technology challenge. It's a business imperative that requires investment, commitment, and strategic thinking.
Professional Advantage understands that every organisation faces unique challenges, constraints, and risk profiles. We do not believe in one-size-fits-all solutions. Instead, we work with you to understand your specific situation and develop practical, achievable strategies for strengthening your cyber defences.
The organisations that will thrive in this environment are those that take proactive action before they are forced to respond to an incident. Don't wait for a breach to expose vulnerabilities in your defences. Contact Professional Advantage today to schedule a comprehensive cybersecurity assessment and develop a roadmap for resilience.
