Close
Login to MyACC
ACC Members


Not a Member?

The Association of Corporate Counsel (ACC) is the world's largest organization serving the professional and business interests of attorneys who practice in the legal departments of corporations, associations, nonprofits and other private-sector organizations around the globe.

Join ACC

ACC Member Portal and Web Services are back online
ACC's member portal and web services are available following a scheduled upgrade. However, our team is monitoring and resolving issues promptly. Please be sure to reset your password here.
Thank you for your patience. Please contact our team with any questions.


Our Perspectives on Cyber Risk 2025 Report explores changes in privacy, data protection and cyber security laws over the last 10 years.

Between February and March 2025, we conducted our 10th annual Perspectives on Cyber Risk survey. More than 150 participants — including Australian business leaders, senior executives, directors, legal counsel, and risk professionals — shared their views on the evolving threat landscape. Drawing on a decade of survey data, this year’s report tracks how organisational perspectives have shifted alongside changes in cyber threats, defences, and regulatory expectations.

Over the past ten years, one constant has emerged:

awareness of cyber risk is rising, but readiness continues to lag behind.

Organisations are increasingly aware of the strategic importance of cybersecurity, yet persistent capability gaps remain — particularly in data governance, incident response, and Board-level oversight.
 


These results highlight a critical need for uplift in governance, strategy, and accountability. Without stronger capability at Board and executive levels, organisations risk overestimating their resilience, underinvesting in uplift, and misjudging their regulatory exposure.

Evolution of AI and cyber risks

Organisations are becoming increasingly ready to adopt AI — and rapidly so. In our 2025 survey, 70% of respondents said they are at least somewhat confident in their organisation’s preparedness to adopt Generative AI (GenAI) platforms. This marks a significant shift from 2018, when fewer than 15% reported any active use of AI solutions.

However, alongside this growing confidence is a sharp awareness of risk. 84% of respondents cite privacy risks, particularly data compromise, as their top concern when it comes to AI adoption.

As GenAI moves from experimentation to enterprise integration, the security, privacy, and governance implications are becoming increasingly complex — and increasingly urgent.

“Organisations must continuously evolve and adapt their security strategy to an increasingly complex environment – especially in the face of AI and its benefits and risks.

This means continuously investing in the fundamentals: timely patching, comprehensive asset and data visibility, rehearsed incident response, supply chain assurance, robust access controls, user awareness training, and reliable backup procedures.

Cyber considerations must be embedded into strategic planning and boardroom dialogue, not just compliance checklists.”

Paul Kallenbach, Partner, Technology, Digital & Data

Perspectives on Cyber Risk 2025 Report

To mark the release of the 10th Anniversary Edition of the Cyber Risk Report, we sat down for a ‘fireside’ chat with Carly Kind, Privacy Commissioner, Office of the Australian Information Commissioner, and Paul Kallenbach, MinterEllison’s National Legal Cyber Leader, to discuss the rapidly evolving cyber risk and regulatory environment. 

View the Chat Here

 

ACC
ACC Global Headquarters
1001 G Street NW
Suite 300W
Washington, D.C. 20001 USA

Contact Directory

Explore ACC
Privacy & Other Policies © 1998-2025, Association of Corporate Counsel. All Rights Reserved.