According to the report, 99 per cent of Australian organisations have already integrated or expect to integrate AI models or AI agents into their identity infrastructure. At the same time, 98 per cent of local security leaders ranked identity-based threats as their foremost concern — the highest proportion recorded across all surveyed countries. The findings reflect growing awareness that compromised AI agents may provide direct access to sensitive systems at greater scale and speed than traditional identity compromises.
The study also shows that Australian organisations experienced the highest rate of ransomware attacks globally in the past 12 months, at 35 per cent. Despite repeated public warnings, 95 per cent of affected organisations reported paying ransoms to recover systems or halt attacks. Only Singapore recorded a higher payment rate. Cybersecurity analysts note that ransom payments continue to incentivise threat actors and undermine long-term resilience.
The report found that recovery times remain prolonged even among organisations that pay. No Australian respondent said they were able to restore normal operations within an hour of a ransomware incident, while almost a quarter reported recovery timelines exceeding 24 hours. A third of respondents believe a full recovery would take at least a week. Rebuilding identity infrastructure post-compromise was identified as a significant challenge, with 78 per cent estimating that it would take more than 24 hours.
Despite these risks, the research indicates that Australian organisations are moving to strengthen identity resilience. Ninety-two per cent plan to hire specialised staff focused on digital identity management, and Australia recorded the highest shift globally toward cloud and SaaS-based identity services, at 88 per cent.
The report suggests that while Australia is embracing AI-driven innovation, investment in corresponding security controls has not kept pace. Identity protection, monitoring of AI-driven system changes and safeguards against automated errors were highlighted as critical capabilities needed to mitigate the next wave of identity-based attacks.