The Race to Adapt: Fastly research reveals Australian and New Zealand businesses lost almost 10% of their revenue from cyberattacks in the last year

Sean Leach, Chief Product Architect, Fastly

Organisations take an average of up to seven months to recover from the negative effects of security breaches, which include customer account compromises, and large-scale data loss.

Fastly, Inc. (NYSE: FSLY), a leader in global edge cloud platforms, has today launched its new annual global cybersecurity report which uncovered the staggering impacts of cyberattacks on leading businesses across the globe, with each of these in Australia and New Zealand suffering an average of 49 known cyberattacks this year.

The Australian and New Zealand data also reveals the hugely damaging financial effects of security breaches, with businesses losing nine percent of their revenue over the last 12 months as a direct result of the cyberattacks they have suffered. However, financial damage is not the only result of cyberattacks. Australian and New Zealand businesses also highlighted network outages (33%), data loss (26%), customer/client accounts being compromised (25%) and loss of customer/client trust (25%) as the most common damages caused by security breaches.

Sean Leach, Vice President Technology, Fastly, said, “While the immediate results of a cyberattack can be extremely damaging, what really hits businesses hard is the time it takes them to recover from these. On average, it will take businesses around the world 7.5 months to recover from the loss of client trust as a result of a cyberattack. That is highly sobering for organisations which cannot afford to lose business in today’s economic climate. Once trust is broken, it’s very difficult to recover. This means a single cyberattack – particularly one resulting in a customer data breach – will have long-term impacts on the business that suffers it. During an uncertain economy, the long-term financial consequences of suffering a security breach cannot be ignored.”

In Australia and New Zealand over the next 12 months, 37% of respondents said that an increasingly sophisticated threat landscape would be the main driver of cybersecurity threats.  This was followed by lack of talent and the emergence of generative AI technology (both 36%).

In recognition of the financial implications of not having the correct security infrastructure in place, businesses are re-evaluating their investments, with 76% planning to increase their cybersecurity budgets in the next year. Despite this increase, uncertainty continues to reign in security teams, with 43% of security professionals feeling they spent too much on cybersecurity tools in the last 12 months, compared to 18% who feel they did not spend enough.

Representative of this conflicted spending strategy is the fact that only 47% of security tools are being fully deployed, representing significant money left on the table in the fight against cyber criminals. On average, Australian and New Zealand organisations rely on seven different network and application cybersecurity solutions.

The diminishing talent pool in security is also causing issues for today’s cybersecurity leaders. In fact, 28% of cybersecurity professionals estimate that security issues in the last 12 months were caused by the talent shortage, with 32% predicting this will continue in the next 12 months. Accordingly, over the past year, 53% of businesses have increased their talent-specific budgets to solve the problems presented by the existing talent pool.

A lack of experience dealing with threats (39%), an inability to work at scale (38%), and a lack of necessary skills (37%), are cited by security professionals to be the core challenges facing the talent pool, which have significantly complicated the hiring process.

One potential solution to these challenges is Generative AI with 61% of security professionals planning to invest in it over the next two years.

Generative AI is also the top security priority for businesses over the next 12 months, with 36% focusing on AI security. This increased prioritisation comes as a result of the double-edged sword Generative AI presents. On one hand, it is predicted to be the third most prevalent cyber security threat driver in the next year, but on the other, in the same time period 83% of cybersecurity professionals estimate Generative AI’s impact will be positive.

Indeed, 44% of respondents cite that Generative AI will unlock new opportunities with 43% indicating that it will allow managers to ensure that colleagues are trained in the fundamentals of cybersecurity and more than one in three (34%) indicate it will encourage innovation.

Finally, the survey found that making cybersecurity more accessible (41%), defining approaches to new threats (38%), and improving cyber security skills through training and talent acquisition (33%) will be the main security priorities over the next year.  This should help company cyber security strategies contribute more effectively to successful enterprise-wide innovation with the survey finding that half of all respondents cite their cybersecurity strategy as hampering business innovation in 2023.

Despite now prioritising the resolution of challenges related to the talent pool for the last two years, many businesses continue to try to address these by simply spending more,” said Leach. “While this strategy can help businesses to secure the top talent, it ignores the technological developments – and alternative solutions – that can help security teams overcome their personnel challenges. Among these, we’ve seen that Managed Security Services (MSS) and Generative AI have been particular focus areas as businesses look to reduce the toil for their in-house security teams by taking time-consuming work off their hands to increase productivity, unlock new opportunities for innovation and ensure businesses are better protected across their attack surface.”

To read the full report and understand how Australian and New Zealand businesses can help protect themselves within the constantly-evolving threat landscape, visit