Cyber Maturity: Are Aussie Businesses Lagging Behind?

In today’s digital landscape, you’d expect businesses to be cyber-ready. Yet, a recent report by Commvault and GigaOm shows cyber maturity is still a significant hurdle.

The 2024 Cyber Recovery Readiness Report surveyed 1,000 IT pros worldwide and found only 13% of businesses are cyber mature. These companies, which deploy key resiliency markers, recover from attacks 41% faster and have fewer breaches. This reveals a stark contrast in the preparedness levels between cyber mature organisations and those still struggling to keep up with evolving cyber threats.

Key Resiliency Markers:

  1. Early Warning Security Tools: Crucial for detecting insider risks and potential threats early, these tools serve as the first line of defence.
  2. Known-Clean Dark Sites: Secondary systems that ensure operations can continue seamlessly, even when primary systems are compromised.
  3. Immutable Data Storage: Secure environments that store data in a way that prevents alteration or deletion, ensuring data integrity during a cyberattack.
  4. Defined Incident Response Plans: Clearly outlined roles, processes, and runbooks that guide organisations through a structured response to cyber incidents.
  5. Cyber Recovery Readiness Measures: Regular testing and validation of recovery plans to ensure they are effective and up-to-date.

Despite these clear benefits, many businesses still lag behind in implementing these measures. The report highlights the importance of layered resilience and calls for businesses to avoid cutting corners if they wish to stay ahead of cyber threats.

Chris Ray, a cybersecurity analyst at GigaOm, emphasises that a comprehensive approach to cyber preparedness is crucial. He notes that businesses integrating multiple layers of resilience are better positioned to withstand and recover from cyberattacks. This holistic approach involves not just technological solutions but also strategic planning and continuous improvement.

The Australian Context

In Australia, the situation is particularly pressing as cyber threats continue to grow in sophistication and frequency. Australian businesses must recognise that cyber maturity is not a one-time achievement but an ongoing process. Investing in cyber resilience not only protects business operations but also builds trust with customers and stakeholders.

The report suggests that many organisations are still reactive rather than proactive in their cybersecurity efforts. This reactive stance often leads to higher recovery costs and more significant business disruptions. To shift towards a more proactive posture, businesses should prioritise regular cyber resilience assessments and training for their staff.


The journey to cyber maturity is not just about implementing the latest technologies but also about adopting a holistic and layered approach to cybersecurity. With the increasing complexity and frequency of cyber threats, businesses must prioritise their cyber resilience efforts to safeguard their operations and data. This commitment to ongoing improvement and preparedness will enable organisations to not only survive but thrive in the face of cyber adversity.

For more insights, check out the full report here.