Jam Cyber Monthly Cyber Brief | January 2026

Welcome to our first edition of 2026, where we are beginning the year on a high!

We are very proud to share that Jam Cyber has reached 100 five-star Google reviews across our locations.

This milestone reflects the trust Australian small and mid-sized businesses place in us, and we're grateful to every client who has taken the time to share their experience.

This month's updates point to a clear shift for Australian small and mid-sized businesses. Artificial intelligence is now firmly part of day-to-day business tools, becoming cheaper, more capable, and easier to use. At the same time, cyber risks are increasing, with ransomware, AI-enabled scams, and supplier breaches continuing to affect organisations of all sizes.

For professional services firms and SMEs, the opportunity and the risk are moving together. Productivity gains from new technology are real, but they need to be balanced with stronger controls around data, third-party providers, and staff awareness.

The sections below highlight what has changed, why it matters, and what business owners should be paying attention to as the year gets underway.

IT & Cyber Trends We're Seeing Right Now

AI Tools Are Becoming More Affordable for SMEs

Microsoft has reduced the price of its Microsoft 365 Copilot AI assistant for small and mid-sized organisations, cutting the per-user cost and expanding access to AI features across Word, Excel, Outlook, and other core applications.

This move signals a broader effort to make AI productivity tools accessible to budget-conscious businesses. For small teams, it means tasks such as drafting documents, analysing spreadsheets, and managing email workloads can now be supported by AI without enterprise-level spend.

What to do next:

• Identify repetitive or time-consuming tasks across your team
• Check whether AI features are already included in your existing software licences
• Trial AI tools with a small group before wider rollout

If you have been thinking about Microsoft Copilot, now is a good time to act. Jam Cyber can help set it up properly, support your team with practical training, and make sure it is used safely and effectively.

Customer Support Automation Is Now Business As Usual

AI-driven chatbots are now widely accessible to small businesses, with platforms such as ManyChat, Leadie.ai, and Tidio seeing strong adoption.

These tools are less about experimentation and more about handling everyday customer enquiries reliably and consistently, helping small teams improve service without increasing staff numbers.

What to do next:

• Identify common customer questions suitable for automation
• Deploy chatbots first in low-risk, high-volume scenarios
• Regularly review responses to ensure accuracy and brand tone

Timing Matters More Than the Tools Themselves

The underlying technology behind today's AI tools continues to improve quickly with major advances in newer models such as Google's Gemini, including gains in reasoning speed and the ability to work across text, images, and data.

For small and mid-sized businesses, this is less about following every new release and more about judgement. The real challenge is deciding when improvements are practical, stable, and useful enough to justify change.

What to do next:

• Avoid reacting to every new AI announcement or product launch
• Focus on tools that solve a specific business problem, not just those with new features
• Review AI changes periodically as part of normal IT planning, rather than adhoc decisions

Current Cyber Threats for Australian SMEs

Ransomware Attacks Surge on Australian Businesses

Australia recorded the highest ransomware attack rate among surveyed countries in 2025. This report showed that 35% of all attacks on organisations involved ransomware. And for those that were affected, 95% paid the ransom. Despite paying the ransom, 23% of the impacted organisations still took more than 24 hours to recover from the attack.

These figures highlight how widespread and costly ransomware has become for Australian businesses, including SMEs. Security experts warn that paying ransoms only fuels criminal activity and does not guarantee full recovery.

What to do next:

• Review backup and recovery processes to ensure systems can be restored quickly
• Test incident response plans, including decision-making under pressure
• Focus investment on prevention and recovery rather than ransom payments

Hackers Target Law Firm Service Providers

In early December, a ransomware group claimed to have breached BarNet Networks, an Australian provider of network, hosting, and case-tracking services used by law firms.

The attackers threatened to release stolen data, highlighting how companies that support law firms are increasingly being targeted rather than individual firms alone. Providers that sit behind practice management systems, hosting platforms, and case-tracking tools have become attractive targets because a single breach can affect dozens or even hundreds of firms at once.

This incident reinforces a broader trend. Even where individual firms maintain strong internal security, weaknesses in the legal technology and services ecosystem can expose client data and disrupt operations across the sector.

What to do next:

• Maintain an up-to-date register of critical third-party and supply chain providers
• Ask suppliers how they protect data, manage access, and respond to cyber incidents
• Ensure contracts clearly address breach notification, liability, and shared responsibilities

AI-Generated Phishing and Scam Calls on the Rise

Cyber criminals are increasingly using generative AI to create convincing phishing emails, SMS messages, and scam phone calls. Recent reporting shows that these scams are becoming harder to distinguish from legitimate communications, particularly in Australia.

As language quality and tone improve, traditional warning signs such as spelling errors or awkward phrasing are no longer reliable indicators of fraud.

What to do next:

• Enforce multi-factor authentication across email, finance, and remote access systems
• Reinforce verification processes for payment or data requests
• Encourage staff to pause and confirm unusual or urgent requests

One of the most powerful ways to avoid AI scams is Cyber Security Awareness Training. Jam Cyber offers free baseline Cyber Security Awareness Training for Australian SMEs.

Things to Keep on Your Radar

Australia's National AI Plan and the Readiness Gap

The Australian Government has launched a National AI Plan aimed at accelerating AI innovation, adoption, and safe use. However, there are concerns from small business advocates that the plan focuses heavily on education while overlooking practical adoption barriers.

One report has highlighted that 23% of Australian small businesses say they lack the time to learn how to use AI tools, a significantly higher proportion than comparable markets. This underscores a growing gap between policy ambition and everyday business reality.

What this means for your business: Government direction is setting expectations that AI adoption will continue, but the practical burden still sits with business owners. The most sustainable path is to focus on tools that reduce workload immediately and fit naturally into existing systems, rather than treating AI as a separate transformation project.

In-Country Data Hosting for Microsoft 365 Copilot

Microsoft has announced it will offer in-country processing of Microsoft 365 Copilot data for Australian customers, allowing AI prompts and responses to be processed within Australia.

For law firms, accountants, and consultants handling sensitive client information, this is an important development. It addresses data sovereignty and privacy concerns and may reduce barriers to using AI tools in regulated or compliance-heavy environments.

What this means for your business: If data location and privacy obligations have been a barrier to using AI tools, this change may remove one of the key blockers. It gives professional services firms more confidence to assess Copilot in a compliant way, provided appropriate governance and controls are in place.

What's New at Jam Cyber

This month, we're proud to share a milestone made possible by our clients.

Jam Cyber has now reached 100 five-star Google reviews across our locations!

This reflects the trust small and mid-sized businesses place in us to support their IT and cyber needs — and for that we are truly grateful.

We'd like to thank our customers for taking the time to share their experiences. Your feedback helps other business owners find practical, reliable support and helps our team continue to improve how we work with Australian SMEs.

If you're already a Jam Cyber client, thank you for being with us. If you'd like to experience the service everyone is raving about, get in touch with our Jam Cyber team!

Final Thoughts

2026 is shaping up to be a year where technology decisions have a direct impact on day-to-day business performance. AI is becoming easier to access and more useful, while cyber risks continue to target small and mid-sized organisations through both direct attacks and trusted service providers.

For business owners, the challenge is not whether to engage with these changes, but how to do so in a way that is practical, secure, and aligned with how the business actually operates.

If you want a clear view of where your business stands, or you're considering tools like Microsoft Copilot but are unsure how to adopt them safely, Jam Cyber can help. Our team works with Australian SMEs to review systems, reduce risk, and put the right technology foundations in place. Get in touch to start the conversation today!