According to Gartner, this represents a year-on-year increase of approximately 9–10%, highlighting how cybersecurity is becoming a core business priority rather than a purely technical function.
The increase in spending comes as organisations face a more complex and rapidly evolving threat landscape.
Cybercriminal activity in Australia continues to rise, with businesses dealing with:
More frequent ransomware attacks
Sophisticated phishing campaigns
Increasing exploitation of cloud and identity systems
At the same time, the emergence of AI-driven cyber threats is forcing organisations to rethink traditional security approaches, as attackers adopt automation and advanced techniques to scale attacks more effectively.
This combination of factors is pushing cybersecurity higher up the agenda for executive teams and boards.
The projected growth in spending reflects a broader shift in how cybersecurity is viewed across Australian organisations.
Rather than being treated as an IT issue, cybersecurity is increasingly recognised as a business-critical risk, with implications for; operational continuity, regulatory compliance, brand reputation, and financial performance.
As a result, organisations are investing not only in tools and technologies, but also in; risk management frameworks, incident response capabilities, and security awareness and training.
Gartner’s forecast suggests that spending growth will be concentrated in several key areas:
Cloud Security
As organisations continue migrating systems to the cloud, securing cloud environments and managing access control remains a priority.
Identity and Access Management
With identity becoming a primary attack vector, investment in authentication, identity governance and zero-trust frameworks is increasing.
Security Services
Many organisations are turning to managed security providers to address capability gaps and respond to the ongoing shortage of cyber talent.
AI and Automation
Security teams are beginning to adopt AI tools themselves, using automation to detect and respond to threats more efficiently.
Despite increased investment, a shortage of skilled cybersecurity professionals remains a major challenge in Australia.
This talent gap is driving demand for, managed services, automation tools, and simplified, integrated security platforms. For many organisations, improving cyber resilience is not just about spending more, but about using resources more effectively.
The continued growth in cybersecurity spending reflects a long-term shift in how organisations approach risk.
With digital systems underpinning critical operations across industries, cybersecurity is now seen as a foundational element of business resilience.
As Australia continues to navigate an evolving threat landscape, sustained investment in cybersecurity will be essential to maintaining trust, stability and operational continuity.
ICYMI Australian News: Nearly Half Of Australians Anticipate Military Threat Within Five Years
Continue the conversation LIVE at our UK event next April: The Security Event
Subscribe to The Security Briefing for monthly updates!