.......................................................................................................................



.......................................................................................................................

STATE OF

THE INDUSTRY 2024

INFO@AUSCYBERNETWORK.AU

Acknowledgement to Country

We acknowledge the Traditional Owners and Custodians of Country throughout Australia and their continuing connection to land, sea and communities. We pay our respect to them, their cultures and their Elders, past and present.

Copyright

© Australian Cyber Network

   

For attribution of this publication (and any material sourced from it) use the following wording: State of the Industry (Cyber Security) 2024, Australian Cyber Network Limited, 2025

For media enquiries:

MEDIA@AUSCYBERNETWORK.AU

Contact Us

Website

Understanding the size, shape and value of the Australian cyber security industry is complex, with different reports offering different methodologies, data sources and interpretations. The State of the Industry 2024 has been created to provide a clear and consistent quantitative picture of Australia’s cyber security industry. It includes all source data and methodology, offering transparency for government, industry, academia and researchers.


This report provides an accurate snapshot of the industry to support informed decisions on the development of cyber security products, services, workforce and investment. It also establishes a baseline to track growth and identify emerging opportunities.


Data was sourced from reputable providers as well as the Australian Cyber Network’s AUCyberscape and AUCyberExplorer platforms, which can be used to generate additional insights. Each data requirement followed a tailored approach, with methodologies varying in complexity. Appendix B outlines the limitations encountered, highlighting the challenges of assessing quantitative aspects of Australia’s sovereign cyber security industry.   


Our goal is to offer a trusted reference point built from publicly available national and international data and published reports and serve as a launchpad for the Australian Cyber Network to provide improved data quality and better visibility of the industry, ultimately supporting policy and initiatives that affect cyber businesses.

OVERVIEW

For general enquiries:

An analysis of publicly sourced data and information on the progress against the first 12 months of the Strategy. It also features an article.

Outlines the composition of Australia’s cyber security workforce and enrolment and completions of vocational and tertiary education. It also features articles from several Australian cyber security companies.

Outlines the composition of Australia’s cyber security industry, overview of state and territory initiatives and an ecosystem map. It also features articles from several Australian cyber security companies.

Outlines the 2024 positioning of Australia’s cyber security sector from national economic value, cybercrime statistics, investment in cyber security and the legislative and regulatory environment. It also features articles from several Australian cyber security companies.

Highlights of the global outlook of the international cyber security market including revenue, cybercrime, workforce and international collaborations.

CHAPTER 5: 

AUSTRALIA'S CYBER SECURITY STRATEGY 2023-2030

05

CHAPTER 4: AUSTRALIA'S CYBER SECURITY WORKFORCE

CHAPTER 2:

AUSTRALIAN CYBER SECURITY YEAR IN REVIEW

CHAPTER 3: AUSTRALIA'S CYBER SECURITY COMPANIES

04

03

02

CHAPTER 1: 

THE GLOBAL OUTLOOK FOR CYBER SECURITY

01

REPORT CONTENTS

AUSTRALIA'S CYBER STARTUP ECOSYSTEM: UNICORN POTENTIAL IF INVESTORS AND CUSTOMERS ALIGN BEHIND HOMEGROWN FOUNDER TALENT

This article presents an assessment of the Australian cyber security startup ecosystem, examining the experiences and structural realities of founders, the availability and flow of investment, access to customers and the role of community in enabling growth. Drawing on qualitative insights and comparative data, it explores how Australia's startup landscape measures up globally, with focused snapshots on international investment trends, the dominance of US funding models and local founder sentiment. The analysis concludes with a set of actionable recommendations to strengthen the ecosystem and position Australian cyber startups for long-term success in an increasingly competitive global market.

A FOUNDERS DIARY: DO NOT TRUST THE KNIGHTS IN SHINING ARMOR 

See the thoughts and reflections of Jon Robertson, Managing Director and Founder of a successful startup, Tarian Cyber, and his advice to startup founders and those thinking about making the jump!   

EXCITEMENT AND LONELINESS: THE JOURNEY OF AN AUSTRALIAN CYBER STARTUP

Information security is essential to Australian national security and prosperity, but it has never been harder to start a sovereign cyber company. This is the story of a two-person boot-strapped cyber startup, trying to make the adoption of artificial intelligence (AI) safe for Australian businesses. 

A CROSS SECTORAL HEALTH ISAC FOR AUSTRALIA

The Australian government has funded the establishment of a Health Sector Information Sharing and Analysis Centre (HS-ISAC) to enhance cyber threat sharing across the healthcare sector. CI-ISAC was awarded the grant and has leveraged its existing capabilities to create a Health Cyber Sharing Network (HCSN) to encourage cyber threat intelligence sharing and build cyber resilience for Healthcare entities and their supply chains.

UNLOCK YOUR POTENTIAL: THE DEFINITIVE GUIDE TO THE BENEFITS OF AN IRAP ASSESSOR CAREER

Are you a cybersecurity professional seeking a challenging and rewarding career path? Becoming an Infosec Registered Assessor Program (IRAP) Assessor could be your next significant step. This role offers not only professional growth and financial stability but also the satisfaction of contributing to Australia's national security. Let's delve into the compelling benefits and how you can embark on this journey.

BEYOND THE SKILLS SHORTAGE: AUSTRALIA'S CYBER WORKFORCE NEEDS REAL CAPABILITY, NOT JUST MORE PEOPLE

The Australian cyber security industry's biggest challenge isn't just a skills shortage - it's the lack of real-world capability testing. To build a truly resilient cyber workforce, we must move beyond recruitment and focus on readiness through testing, training, and preparing teams for real-world threats.

ILLUMINATING THREATS, STRENGTHENING DEFENCESA CASE FOR OSINT'S ROLE IN AUSTRALIA'S CYBER RESILIENCE

Australia’s cyber threat landscape is evolving at pace, shaped by geopolitical tensions, the rapid advancement of generative artificial intelligence (AI), and an increasingly fragmented digital world. The Australian Cyber Security Strategy 2023–2030 sets out a strategic framework to enhance Australia’s cyber resilience, strengthening national defence, industry preparedness, and public-private collaboration to counter evolving threats. Open-source intelligence (OSINT) will play a critical role in building cyber resilience and national security.

BEYOND THE BREACH:

WHY AUSTRALIAN BOARDS MUST PRIORITISE CYBER SECURITY EXPERTISE
The digital transformation of business has created an accelerated challenge for Australian Boards. Cyber-attacks have evolved from simple technical disruptions to sophisticated business threats that can devastate organisations’ operations, reputation, and bottom line. The emergence of AI-powered threats, coupled with escalating geopolitical tensions, has created a perfect storm that demands immediate attention at the highest levels of corporate governance.

CYBER SECURITY AND CYBER FORENSICS
This article will discuss the scientific discipline of Cyber Forensics, its relationship with the cyber security industry and the need for regulation.

ASX 200 CYBER SECURITY MATURITY REPORT
This article highlights the critical baseline of cyber security maturity across the ASX 200, leveraging OSINT-driven data collection to analyse key security indicators, from public-facing assets to security controls like web applicaton firewalls, HTTP security headers and vulnerability disclosure programs. By benchmarking cyber security readiness across industries, this research highlights strengths, gaps, and areas for strategic improvement, helping businesses align with global best practices and strengthen Australia's overall cyber resilience.

HIDING IN PLAIN SIGHT:

HOW RESIDENTIAL PROXIES FUEL CREDENTIAL STUFFING
News of data breaches and high-profile attacks involving account takeovers dominate headlines with alarming frequency, underscoring the evolving cyber security risks facing Australian businesses. As cyber criminals evolve their tactics, Australian businesses are recommended to integrate multi-layered security measures to protect their user accounts.

FEATURE ARTICLES

4th most targeted nation globally

Australia emerged as one of the top five most targeted nations for cyber threats against critical infrastructure, now ranking 4th globally

Average self-reported cost of cybercrime per report for businesses

down 8 per cent

Average self-reported cost of cybercrime per report for individuals

up 17 per cent ($30,700)

Alternate Arrow Circle DownFont Awesome Free 5.0.6 by @fontawesome - http://fontawesome.com License - http://fontawesome.com/license (Icons: CC BY 4.0, Fonts: SIL OFL 1.1, Code: MIT License)
Alternate Arrow Circle UpFont Awesome Free 5.0.6 by @fontawesome - http://fontawesome.com License - http://fontawesome.com/license (Icons: CC BY 4.0, Fonts: SIL OFL 1.1, Code: MIT License)

47 million data breaches

Australia recorded 47 million data breaches in 2024, making it the 11th most affected country globally

6 minutes

On average, a cybercrime report occurs every six minutes, remaining stable compared to 2023

  • Dedicated Roles are forecasted to grow to 79,334, accounting for 41 per cent of the industry workforce
  • Related Roles are forecasted to grow to 114,079, accounting for 59 per cent of the industry workforce

Forecast of 193,413 in 2019

In 2029, the workforce is forecast to rise to 193,413, representing an overall growth of 41 per cent in five years

25 per cent

of the cyber security workforce identify as female, an increase of 8 per cent from 2021

  • 56,080 were identified as Dedicated Roles (41 per cent) of which 20,500 (36 per cent) were identified as Core Roles
  • 81,373 were identified as Related Roles (59 per cent)

137,453 people

were employed in the Australian cyber security workforce, an increase of 9.27 per cent on the previous year

Cybercrime

............................................................

30 per cent

Micro companies (0-4 employees) comprising of 30 per cent

45 per cent

Small companies (5-19 employees) comprise 45 per cent of the industry

67 per cent

of cyber security companies aprovide cyber security products

97 per cent

of companies are Australian owned and operated

302

The cyber security industry comprises of 302 Australian owned and operated companies

increasing from $105 million in 2023

an increase of 9.66% in 2023

Alternate Arrow Circle UpFont Awesome Free 5.0.6 by @fontawesome - http://fontawesome.com License - http://fontawesome.com/license (Icons: CC BY 4.0, Fonts: SIL OFL 1.1, Code: MIT License)
Alternate Arrow Circle UpFont Awesome Free 5.0.6 by @fontawesome - http://fontawesome.com License - http://fontawesome.com/license (Icons: CC BY 4.0, Fonts: SIL OFL 1.1, Code: MIT License)

$348 million

Cyber security founders raised $348 million in private investment

$9.99 billion

Cyber security sectory generated an estimated Gross Value Add (GVA) of $9.99 billion in 2024

$6.13 billion

Cyber security revenue was estimated at a value of $6.13 billion in 2024

Workforce

............................................................

Industry Growth

............................................................

Economic Growth

............................................................

KEY INSIGHTS

Access the State of the Industry 2024 Report.

READ THE REPORT IN FULL