Caution: JavaScript execution is disabled in your browser or for this website. You may not be able to answer all questions in this survey. Please, verify your browser parameters.

Cyber Security

Ai Group is conducting a survey on cyber security. It is an issue for everyone so we would like to hear from all businesses on this topic, we estimate it will take 10 minutes to complete.

We will use the results to inform a report on cyber capability and as an evidence base to advocate for business. The Australian Federal Government is developing a Cyber Security Strategy for 2023-2030 and Ai Group is deeply engaged with the Government process. We are doing this research to help sharpen our advocacy on behalf of industry.

We recognise that many of the questions in this survey are sensitive, and we’ve tried to make them as easy to answer as possible. All responses are confidential, and we will only report deidentified results in industry aggregates. All questions are optional (except the business demographics).

If you have any questions please email

Business details
(This question is mandatory)
Company name
(This question is mandatory)
What is the postcode of your primary business location (e.g. registered business address)?
(This question is mandatory)
In which industry does your business mainly operate?
How many full-time equivalent (FTE) people do you employ?
We use this to group business size by number of employees
What is your approximate annual revenue (financial year)? 
Cyber Security
How informed about cyber security do you consider your business?
How concerned about cyber security is your business?
How capable do you consider your business in assessing cyber risk?
How confident are you with your business's internal cyber security systems and practices?
How confident are you that the external security products you invest in are or will be effective? 
How do you make decisions about which security products to invest in?
Do you have policies to help guide your staff to work cyber-securely?
Do you have a documented cyber security incident response plan? 
If yes, do you plan to review and test within the next year?
If no, do you plan to develop one within the next year? 
Has your business been the victim of a deliberate cyber incident where your business operations were disrupted? 
If yes, to what level were your business operations disrupted? 
Have you changed your cyber security strategies/systems as a result of the incident?
If you were asked to pay a ransom did you pay it?
If yes, was it effective in recovering your operations?
Do you have a cyber security incident recovery strategy?
If yes, do you plan to update it in the next year?
If no, do you plan to develop one in the next year?
Are you insured for a cyber security incident?
Did you spend significant resources or change processes significantly to meet insurance compliance thresholds?
Are you aware of the Australian Cyber Security Centre's Essential Eight? Australian Cyber Security Centre - Essential Eight
Have you implemented the Essential Eight strategies? 
Application whitelisting (allowing an unknown application to run in your systems)
Patching applications (security updates of software)
Configuring Microsoft Office macro settings
(prevent macros from running unless specifically allowed)
Application hardening (strengthening software security)
Restricting administrative privileges
(limited staff able to install/uninstall software on computers)
Patching operating systems (security updates on Windows, Mac OS)
Multi-factor authentification (using SMS or authenticator apps)
Daily backups (of business critical data)
From where do you source your cyber support capabilities? 
If other please specify
Do you have a data lifecycle management strategy? (i.e. retention, minimisation)
If yes, will you update your strategy in the next year?
If no, will you develop a strategy in the next year? 
Do you know where to get information about cyber security?
This section asks about technology investment more broadly
What are your highest priorities for your business investment spending for 2023? (drag and drop to the right)
If other, please specify
What will influence your technology investment decisions? (drag and drop on the right)
If other, please specify
This section asks about general workforce technology skills
How comfortable are your staff with technology?
Technicians & trades
Community & personal service workers
Clerical & administrative workers
Sales workers
Machinery operators & drivers
Do you currently invest in staff technology skills training?
If yes, who are your priorities for staff technology skills training
Do you plan to change your investment in staff technology training over the next year? 
Closing survey questions
Closing survey questions
Would you like to receive a copy of the report on publication?
Would you be willing to be a confidential participant in our cyber security case studies? 
Would you like to talk to someone at Ai Group about cyber security or other issues affecting your business? 
Contact details