IT Brief Australia - Technology news for CIOs & IT decision-makers
Australia

Guides

#
artificial intelligence
#
digital transformation
#
disaster recovery
#
hybrid & remote work
#
internet of things

Search

Commercial airplane digital padlocks shield icons abstract australia map cybersecurity aviation
#
Advanced Persistent Threat Protection
#
Partner Programmes
#
Physical Security

Shockwaves from Qantas cyber breach being felt across Australian business

Wed, 2nd Jul 2025
Author image
By Sean Mitchell, Publisher

The recent cyber attack on Qantas has sent shockwaves across the Australian business community, underscoring the intensifying threat landscape confronting even the country's most prominent organisations. Industry leaders and cybersecurity experts are warning that the incident is emblematic of larger trends: growing risks within supply chains, increasing attacks on identity and endpoints, and the vital importance of having robust, adaptive security measures in place.

Mark Holden, Technical Operations Lead at Precision IT, commented on the incident's broader implications for both mid-sized and large enterprises. "The breach shows how attackers exploit weak links in the supply chain. Even if your systems are sound, you're only as secure as your vendors," he said. Holden stressed that modern enterprise security must extend beyond organisational boundaries, encompassing all third-party partners. "Zero trust, segmentation and vendor monitoring are essential. So is knowing where your data lives and who can access it."

Holden also emphasised that cybersecurity resilience is not simply a technology problem but one that requires continuous engagement from every employee. "Cyber resilience means every staff member understands their role. It's not set-and-forget – it's a continuous cycle of vigilance and response," he said.

Lisa Fortey, general manager of Logicalis Australia, echoed similar concerns following the Qantas breach. "The Qantas breach is a stark reminder that no organisation is immune to cyber threats. Logicalis has witnessed a rise in attacks targeting identity, endpoints, and supply chains in particular," Fortey noted. She advocated for a proactive approach to cybersecurity, arguing that, "Customers can stay ahead with proactive threat detection, rapid response, and continuous security posture improvement, and ensure that cyber resilience is embedded at every level of the business."

Fortey urged organisations not to become complacent in the face of escalating threats. "Now is the time for organisations to review their defences, assess gaps, and act decisively, before they become the next headline," she warned.

From a technical perspective, Gareth Cox, Vice President, Sales – APJ, at Exabeam, highlighted the changing nature of attacks and the increasing role of artificial intelligence in dealing with credential-based threats. "Today's cybersecurity landscape is continuously changing but for the past 10 years stolen credential-based attacks have been the number one attacked vector," Cox explained. He added, "Now that we have companies opening up access for legitimate business purposes via credentials, it is easier for adversaries to steal third-party credentials to gain access through a trusted partner."

Cox called into question the adequacy of traditional security tools, which, he noted, often do not flag suspicious behaviour following a legitimate login attempt. "Traditional security controls don't detect risk when someone or something logs in nor do they understand users and behaviour. This is where AI and machine learning security controls excel on Mean Time to Detect and Gen AI / Agentic AI helps with Mean Time to Respond."

He described a scenario where advanced technology could automatically flag and investigate abnormal behaviour after a breach, providing security teams with rapid, actionable intelligence. "For example, AI and machine learning would flag the abnormal behaviour once the attacker logged into the environment with the stolen credentials. They would track the activity, ask hundreds of questions and flag a security case based on the behaviour so that the security operations team can respond quickly. Deploying AI & machine learning is a quick win and incredibly effective in detecting what is normal or abnormal."

The Qantas incident has reinforced the urgent need for businesses at every scale to review their security postures, scrutinise supply chain partners and embed a culture of continuous cyber vigilance. As cyber threats become more sophisticated and persistent, Australian organisations are being pressed to not only invest in advanced defences but also to foster widespread cyber awareness among all staff to stay resilient in the face of evolving dangers.

Follow us on:
Follow us on LinkedIn Follow us on X
Share on:
Share on LinkedIn Share on X
Related stories
Asia Pacific faces trust gap as AI adoption outpaces governance
AI now integral to workplace routines & software decisions
AI and the future of supply chains: Moving from predictive to adaptive
How AI Can Help You Land Your Next Role - Faster, Smarter and With More Confidence
Armis expands integration programme to boost cyber resilience

Top stories

Stack Overflow launches Stack Internal to unify workplace knowledge
AI & digital alignment drive business gains in sustainability
Dell & Microsoft expand Azure partnership for hybrid cloud
Australian tech wages rise as job growth & hours diverge
TEG & Google Cloud launch AI assistant to personalise live events