Skip to content

Australian mid-market on high alert against cyber threat

Three out of five medium sized businesses have experienced a cyber-attack or cyber incident, according to new research from business management platform MYOB. This rose to 81% for respondents in finance and insurance, 68% in wholesale and 62% in the business, professional and property industry.  

The survey of 500 mid-sized Australian businesses (20-500 FTEs and $5 million+ revenue) found 83% of respondents have undergone a cyber security upgrade or cyber training in the last two years, and 84% say they feel prepared for a cyber event or attack. 

Peter Wolski, Head of Information and Cyber Security at MYOB, said while it’s encouraging to see a high percentage undergoing cyber upgrades and training, there is a risk this could lull mid-sized businesses into a false sense of security.  

“Cyber security should be top of mind for businesses of all sizes, but the mid-market often represents a tipping point where the threat can become particularly critical,” Peter said. 

“Many in the mid-market are scaling rapidly and may have outgrown the solutions they implemented as a smaller business. As a business grows it also becomes more important to set formal processes and policies in place for all employees to follow. 

“The survey findings suggest that mid-market leaders know the importance of cyber security, and the majority are keeping on top of best security practice, however the threat is very real and while 84% say they feel prepared for a cyber event or attack, businesses shouldn’t get too comfortable, especially as cyber criminals get more sophisticated.” 

Medium businesses (20-199 employees) contribute one fifth (21%) of Australia’s gross domestic product (GDP). According to the Australian Signals Directorate’s Cyber Threat Report 2022-2023, the average cost of cybercrime for medium businesses over that year was $97,200. This is higher than the average reported for small businesses at $46,000 and large businesses at $71,600. The top three cybercrime types for businesses were email compromise, business email compromise fraud and online banking fraud.  

Technology advancements in areas such as Generative AI are also making it easier for cyber criminals to craft more sophisticated messages that might dupe businesses.  

“All the benefits that Gen AI brings in terms of automation and intuitive communication unfortunately also helps those who might be looking for security vulnerabilities. It’s more important than ever to be vigilant, as it’s not as easy to immediately identify scam communications. 

“In addition to increased threats as bad actors improve their technology, businesses are feeling the pinch with costs going up and consumer spending down. The last thing business owners want or need is to be involved in a cyber incident and it’s imperative to stay on top of the security required as a business grows.”  


For further comment or other information please contact: 

Selina Ife

Media Manager


About MYOB

MYOB is a leading business platform with a core purpose of helping more businesses in Australia and New Zealand start, survive and succeed. MYOB delivers end-to-end business, financial and accounting solutions direct to businesses employing between 0 and 1000 employees, alongside a network of accountants, bookkeepers and consultants. For more information visit or follow MYOB on LinkedIn.

About the research 

MYOB’s survey of the mid-market (with fieldwork conducted by Dynata) comprises a nationally representative sample of 593 business owners and senior decision makers in mid-sized businesses (employing 20 – 500 FTEs, $5m+ annual revenue) in Australia. The survey was conducted between 22 March and 15 April 2024. Respondents were sampled randomly from the Dynata online panel and screened to ensure they met the qualifying criteria. Quotas were maintained on industry sector to ensure a reliable and diverse cross section of mid-market opinions were obtained.