Kapil Kukreja

Australian businesses are facing a perfect storm of cybersecurity threats, as the rapid adoption of artificial intelligence (AI), ongoing credential-based attacks, and inconsistent governance combine to expose critical vulnerabilities in businesses, according to Kapil Kukreja, partner, HLB Mann Judd Melbourne.

Last year Australians reported a total of $2.3 billion in losses due to scams. Mr Kukreja says businesses can no longer afford to treat cyber risk as a back-office function.

“Cybersecurity is now a strategic issue. Between the rise of AI, increasing attack frequency, and gaps in governance, businesses are exposed on multiple fronts, with many still overlooking basic protections.”

HLB International’s Cybersecurity Report released in 2024 found that 39 per cent of businesses reported a rise in the number of attacks, with a further 29 per cent experiencing more severe consequences from cyberattacks in the past year.

Despite this, many businesses still underinvest in security measures with only 29 per cent implementing AI-related security and governance controls, and just a quarter (24 per cent) running ongoing cyber awareness training.

“Many organisations are still approaching cybersecurity as a one-off investment rather than a continuous, evolving discipline. The growing sophistication of cyber threats demands not only smarter technologies, but a proactive mindset, embedding security into every layer of the business,” says Mr Kukreja.

He said the recent cyberattack on multiple Australian organisations highlights the urgency of strengthening basic cyber hygiene across all sectors and sizes of business.

“One of them wasn’t a sophisticated hack, it relied on previously leaked passwords and weak access controls. It’s a warning that the fundamentals still aren’t being done well enough,” he said.

According to the HLB survey, 64 per cent of businesses now consider cybersecurity a major strategic priority, but there remains a clear gap between intent and action.

“The threat landscape is evolving rapidly, and businesses must evolve with it – including governance, operations, technology, and culture. Boards, executives, IT leaders and staff all have a role to play. Cybersecurity is no longer optional. It’s foundational to business continuity, reputation, and trust. The organisations that act now will be far better positioned for the future.”

Mr Kukreja outlined key recommendations for businesses looking to strengthen their systems:

• Audit AI usage and ensure any adoption is supported by governance frameworks. As businesses increasingly integrate AI tools into operations, it’s essential to understand how and where AI is being used. Regular audits can uncover risks, ensure compliance with data and privacy laws, and confirm that AI usage aligns with ethical and security standards. Robust governance frameworks should guide AI deployment to avoid unintended consequences and vulnerabilities.
• Increase training frequency – not just annually or post-incident, but ongoing. Cybersecurity awareness training should be part of the business, not a checkbox exercise. Continuous education through monthly updates, phishing simulations, or microlearning modules, helps staff stay alert to evolving threats and reduces the likelihood of human error, which remains a top vector for breaches.
• Understand third-party risks especially vendors with access to business systems. Suppliers, contractors, and software providers can inadvertently introduce vulnerabilities. Conduct regular assessments of third-party security practices, ensure contracts include cybersecurity obligations, and limit access based on the principle of least privilege to reduce exposure to external threats.
• Keep systems patched and updated to prevent known vulnerabilities being exploited.Many cyberattacks exploit known flaws for which fixes already exist. Timely patching of software, operating systems, and firmware is one of the most effective ways to shut the door on attackers and maintain strong baseline security.
• Test incident response plans regularly to minimise disruption and recovery time. Having a plan isn’t enough, it must be tested under realistic conditions. Regular tabletop exercises and simulations help ensure everyone knows their role, uncover gaps in the plan, and improve the speed and effectiveness of responses when a real incident occurs.

The post AI, cyber threats, and operational risk: businesses must update mindset on managing cyber risk appeared first on AdviserVoice.

Kapil Kukreja

Less than one in five leaders in information technology have ongoing cybersecurity awareness programmes in place, while just a quarter invest in annual cyber training, according to the 2023 HLB Cybersecurity Report.

The fourth edition of the report – released during the Federal Government’s Cyber Security Awareness Month – surveyed 750 senior IT professionals globally. It provides a snapshot of the current cyber-threat landscape and highlights the key actions leaders have taken since 2020 to become cyber-resilient.

The report found 50 per cent of business leaders saw an increase in cyber-attacks over the past 12 months, with another 35 per cent indicating the attack levels stayed the same as last year. Cyber-attack frequency and sophistication continue to increase proportionally to organisations’ digitisation efforts, with an estimated 1248 attacks per week worldwide.

62 per cent of leaders expect cybersecurity risks to become even more prominent over the coming five years, with the democratisation of malicious software, the rapid pace of digital transformation, ongoing geopolitical conflicts, and economic uncertainty combining to create the perfect environment for hackers.

HLB Mann Judd Melbourne partner, Kapil Kukreja, said the report findings are a stark reminder that many organisations remain unprepared for the financial and reputational impacts of a cyber breach.

“Australia has unfortunately recorded a number of very high-profile cybersecurity breaches in recent years, including Canva, Optus, Medibank and Latitude Financial Services. These four companies are across four different sectors, and are just the tip of the iceberg in terms of total number of companies subjected to a breach.

“All businesses – irrespective or size, sector or structure – need to be sufficiently prepared and ensure processes are watertight, appropriate budgeting is allocated, and staff and management are routinely trained in best-practice cyber techniques.

“Business owners, company boards and senior executives are ultimately accountable, but everyone has a role to play in safeguarding operations against an attack, which are becoming more prevalent, despite increased awareness,” he said.

An emerging trend observed in the findings is the impact artificial intelligence (AI) will have on operations, with 47 per cent of IT professionals surveyed indicating they are concerned about AI-related attacks and have implemented corresponding defence strategies.

One third of respondents (34 per cent) said they are aware of a variety of AI-enabled security tools in the market, however they are yet to explore the option of deploying them. Further, 89 per cent of leaders are concerned with the current pace of technological innovation, particularly in generative AI, and the potential increase in cyber-related risk, of which 34 per cent are very concerned.

“AI is an exciting development for businesses, including our own, however as with all untested advances, organisations can achieve the best security outcomes by combining technological innovations with ongoing investments in people and processes.

“Cybersecurity automation solutions can help organisations respond faster to data breach events, but exclusively relying on machines to prevent an attack could have disastrous consequences,” said Mr Kukreja.

The post Cyber awareness improves while accountability lags appeared first on AdviserVoice.

Josh Chye

Interest from foreign investors in Australian property, including residential, remains strong despite the impact of lockdowns and property tax rates, according to HLB Mann Judd Melbourne partner, Josh Chye.

Mr Chye said demand from markets including Singapore, Hong Kong and Malaysia remains strong and, if anything, has been increasing

“New enquiries from mainland Chinese investors have scaled back significantly but other parts of the Asia Pacific region, including Singapore and Hong Kong, are consistently strong and Australia remains an attractive jurisdiction despite the relatively high taxation rates.

“This provides strong support of Australia’s property market despite concerns about rising interest rates or an economic downturn,” Mr Chye said.

Australia has one of the highest – if not the highest – rates of taxation in the region, at both the individual and corporate level. As a comparison, Australia’s personal tax rate of 47 per cent is more than double of Singapore’s rate of 22 per cent almost triple the rate of Hong Kong’s rate of 17 per cent.

“We also have higher than average tax costs for foreign buyers of real estate than our global neighbours, including on land tax. This has increased consistently over the past seven to ten years at both the state and Federal level, and the additional impost is a burden for foreign investors in real estate.

“This has created some concern and frustration among these buyers as there has been limited industry consultation on the tax increases. When these buyers look to acquire a project, the numbers they put in might change and the costs for stamp duty or land tax may significantly – and unexpectedly – increase,” he said.

“While the high tax rates are a consideration for many foreign buyers, this is balanced by the fact that Australia remains a stable jurisdiction for real estate investors. Price growth, particularly in Sydney and Melbourne, has also driven interest from foreign buyers.

“However, if there continues to be a trend of continued tax increases or removing of tax concessions solely focused on foreign investors, this will no doubt hurt Australia’s reputation and standing as a stable jurisdiction for foreign investors into Australia and other markets such as United States, Canada and the United Kingdom will increasingly look more attractive as also alternative destinations for real estate investments.”

“Prices have increased significantly over the last 18 months and there’s still no doubt Australia and its major cities are a huge attraction for foreign investors whether it be for business or personal reasons.

“The recent harsh lockdown restrictions in China have created more interest in investing here. The key challenge is not the desire but the ability for foreign capital to be physically transferred here, as certain countries have tightened their controls around money leaving the country,” he said.

Mr Chye said the current uncertainty in global markets is also unlikely to dampen interest in Australia property assets.

“Inflation and interest rates increases are common across the globe so if rates go up, it will put pricing pressure on property, however the demand will still be there.

“The pricing pressure will be global so from that perspective, it should not detract from investors looking to acquire Australian property assets,” he said.

The post Foreign buyers continue to hunt for local property appeared first on AdviserVoice.