Blog › Cyber Insights

September Cyber Brief

8 September 2025 9 min read By jamcyber
September Cyber Brief

Jam Cyber Brief

September 2025 Edition

From the rise of quantum computing and AI-native graduates entering the workforce, through to the risks of shadow IT and looming hardware deadlines, Australian businesses are being asked to adapt quickly.

This month’s update brings together the key shifts we’re seeing right now: the opportunities, the risks, and the practical steps you can take to stay ahead. Whether it’s preparing for new encryption standards, setting clear policies around AI, or building resilience against ransomware and phishing, the trends here are a reminder that cyber security and technology planning are now part of everyday business.

Keen to jump ahead? See the topics covered this month:

Trends Happening Now

Quantum Computing in the Spotlight

Quantum computing is a new kind of powerful computer that works using the unusual rules of quantum physics. Imagine trying to find the right key for a lock. A regular computer tries the keys one by one. A quantum computer tries all the keys at once. That means it can solve very tough puzzles, like cracking the codes that protect your business data, very quickly.

This speed matters because the locks we use today to protect things like emails, contracts, and client records were built for slower, regular computers. A strong enough quantum computer could open those locks in minutes.

The 2025 Quantum Pulse Survey found that 61.4% of Australian organisations believe quantum will threaten encryption, yet only 8.5% have put quantum-safe protections in place and only 10.4% feel “extremely prepared.”

Australia is moving quickly on this. The Australian Signals Directorate says weak encryption algorithms that are easy targets for quantum attacks, such as RSA, ECDSA, ECDH and SHA-256, will be phased out by 2030.

Should I be worried right now?

No: don't panic! While quantum computing is advancing, there is no need to overhaul your systems today. What matters is being aware of the changes coming over the next decade so your firm can plan ahead and avoid last-minute pressure.

Three Easy Steps for Firm Owners Today

  1. Check with your IT provider – Ask if your systems use algorithms due to be phased out, and whether they’re moving toward quantum-resistant options. A simple cyber audit (internal or with a provider like Jam Cyber) can highlight both current and future risks.
  2. Know where your sensitive data lives – Identify long-term records such as client files or contracts, and review how securely they are stored now and how long they’ll need to remain secure.
  3. Plan gradual updates – Build quantum considerations into your future security planning. Prioritise high-value areas and aim to align with the 2030 transition, so you stay ahead without disruption.

Jam Cyber Tip:

Not sure where to start? We can help review your systems and prepare a practical roadmap for quantum-safe security.

Contact us now! Restricting USB

Former PM Calls Out Cyber Complacency


Former Prime Minister Malcolm Turnbull recently warned that Australian businesses are becoming complacent about cyber risk. He argued that too many boards and executives see ransomware and data breaches as an inevitable cost, rather than a preventable threat.

Reports highlighted that nearly half of cyberattacks now occur on weekends or holidays, when firms are least prepared. Turnbull’s point was clear: cyber security is not just an IT issue, it is a leadership responsibility. For professional services and legal firms, where client trust and confidentiality are central, the call to take ownership at the executive level has never been louder.

Three Ways to Act Now

  1. Put cyber risk on the board agenda at every meeting and assign clear accountability.
  2. Run regular cyber awareness training and simulated phishing tests for all staff.
  3. Ensure 24/7 monitoring or an incident response plan that covers weekends and holidays.

The Next Generation Are AI Natives


We’re increasingly hearing fears around employee AI use, particularly with a new wave of potential “AI Native” school levers.

School and university students are now growing up with AI tools at their fingertips. For them, using AI to draft an essay, summarise research, or brainstorm ideas is second nature. When these AI-native graduates enter the workforce, they will expect the same kind of digital assistance in their jobs.

But business owners need to recognise a key difference: while using AI for a university assignment carries limited risk, using AI for preparing confidential legal or client files raises privacy and security concerns. The challenge for SMEs is to harness the productivity benefits of AI while keeping sensitive information safe.

Three Ways to Prepare

  1. Create a clear AI use policy that sets boundaries on what staff can and cannot enter into public AI tools.
  2. Provide training on both the opportunities and risks of AI, with examples tailored to your industry.
  3. Explore secure or private AI platforms that can be deployed inside your firm without exposing client data.
Need a free AI policy? Contact our team.

Time to Review Your Hardware?

A reminder for business owners: Microsoft will end support for Windows 10 in October 2025. That means no more security updates, leaving any devices still running it exposed to risks. Some older laptops and desktops also cannot run Windows 11, so if you are holding onto ageing hardware, now is the time to plan.

A smooth hardware replacement cycle is about more than just speed. Updated devices keep staff productive, stay compatible with modern software, and reduce security gaps. Waiting until a computer fails often costs more in lost time and emergency fixes than replacing it on schedule.

If upgrading your fleet feels like a big expense, remember there are equipment finance options to spread the cost and make the transition manageable.

Jam Cyber Support:

We can assess what needs replacing, guide you on the right devices, and support your business through the change.

Contact us now! ACSC Essential 8 Framework

New Tech Everyone is Talking About

DIY AI – Exciting, But Leads to Shadow IT

Tools like Lovable and other no-code platforms are making it easy for staff to build their own AI tools. Think chatbots, report generators, or client self-service widgets. Innovation can happen naturally without waiting on your IT team.

This is known as “Shadow IT”, and it refers to the use of software, apps, or devices inside a business without the knowledge or approval of the IT team.

These actions may seem harmless, but any “shadow IT” carries risks. Proofpoint estimates that 97% of cloud apps used in businesses are unapproved and unknown to IT, and Gartner predicts that 75% of employees will be using tools outside IT’s control by 2027.

Similarly, Expert Market Research points out that while low-code and no-code platforms make innovation accessible, they also introduce weak controls and vulnerabilities when used without oversight.

Three Practical Steps to Keep It Safe

  1. Write a clear policy that explains which AI or no-code tools are allowed, and which ones aren’t.
  2. Offer approved options that let staff innovate safely under supervision.
  3. Regularly check for and secure new tools being used across your business.
Looking to develop your own AI playground? Speak to Jam Cyber about a secure AI Workplace for your team.

AI Agents Are Gaining Speed

AI agents are the next wave of automation. Unlike a simple chatbot, an agent can act on instructions, gather information, and sometimes even take steps on your behalf. They are still early in development, but experts agree they will continue to evolve quickly and become a bigger part of how businesses operate.

For business owners curious to try, a good first step is to experiment with safe, mainstream tools such as OpenAI’s ChatGPT agent or Microsoft’s Copilot. These give you a feel for how agents can summarise documents, draft responses, or manage routine tasks.

Before rolling out AI agents in your organisation, start by asking: what do we want the agent to actually do? Then map the workflow and only after that look for the right tool. Clear goals up front will help avoid wasted effort and ensure the technology adds real value.

Should my business use AI?

Cyber Threats We’re Seeing Right Now

Cyber crime is not slowing down. Here are three threats hitting Australian businesses right now:

Law Firms (still) in the Firing Line

A recent ransomware attack on an Adelaide law chambers showed how valuable client files are to criminals. Hackers claimed to have stolen sensitive court documents and correspondence before publishing them on the dark web. Professional services firms should treat this as a warning: confidential data is a prime target.

What to do: Review where client data is stored, keep regular offline backups, and have an incident response plan ready before you need it.

Deepfakes on the Rise

AI-driven scams are accelerating. Criminals now use fake voices and videos to impersonate executives and trick staff into transferring money. One overseas scam netted millions, and security experts warn these attacks are becoming common in Australia.

What to do: Require staff to verify unusual requests through a second channel, and tighten your payment approval processes.

Phishing and Human Error Still Dominate

Even as threats evolve, phishing remains the number one way attackers break in. Emails, texts, and links designed to trick staff into clicking or sharing passwords are still the main culprits behind breaches in Australia.

What to do: Deploy multi-factor authentication and spam filters, but most importantly, train staff regularly to recognise and report suspicious messages.

Build a Human Firewall – With Jam Cyber

Most cyber attacks succeed because of human error, not technology. A single click on a phishing email can open the door to serious damage. The best defence is to train your staff so they know how to spot and stop these attacks.

Jam Cyber provides free, practical employee training that gives your team the confidence to recognise threats and protect your business. Turn your staff into a human firewall and dramatically reduce your risk.

Sign up for Free Cyber Security Awareness Training Today!

Final Thoughts for the Month

The pace of change in technology and cyber security shows no signs of slowing. From AI and automation to new threats like deepfakes and ransomware, Australian businesses face both challenges and opportunities.

The message is clear: staying informed and taking small, proactive steps now can make a big difference in how resilient your business will be tomorrow.

At Jam Cyber, we work alongside professional services and SMEs to make that journey easier. From employee training and 24/7 monitoring through to practical advice on upgrading systems and staying compliant.

If you’re looking for support in turning these trends into a plan, we’re here to help you focus on what matters most: running your business with confidence.

// Need more help?

Contact our team today.



    This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

    Protect your business from cyber threats.

    Jam Cyber helps Australian businesses stay secure with practical, expert-led guidance and managed security services.

    Book a Free Strategy Session