Table of Contents
As we look to 2025, Australia’s business landscape remains challenging; driven by rapid technological change, shifting market conditions, economic uncertainty, and increasing cyber threats. In a complex world where, on the one hand, we are embracing “artificial,” leaders are desperately seeking trust – trusted solutions, trusted systems and trusted partners.
The turbulence of recent years continues to create both risks and opportunities for leaders. In this current environment, technology leaders’ roles continue to become more pivotal, and they must get even closer to the business to understand the challenges more intimately.
The good news is that there is evidence that Australian businesses are elevating the importance of IT. According to Gartner’s latest forecasts, IT spending in Australia will reach a staggering AU$147 billion in 2025, an 8.7 per cent increase from 2024. The biggest growth is expected in software, with a projected rise of 13.4 per cent and investments in cybersecurity, GenAI, and cloud technologies.
A further 88 per cent of Australian and New Zealand CIOs and technology executives revealed that cybersecurity will remain a top technology investment in 2025, followed by data analytics (84 per cent), cloud platforms (83 per cent) and GenAI (81 per cent).
Against this backdrop, what can CIOs expect in 2025? Here are our top trends to watch:
Trend 1 – CIOs will see an intensifying strategic leadership role
The role of technology leaders has been evolving for some time, and by 2025, this shift towards a more strategic function will intensify. As organisations face growing complexities in the business landscape, these leaders will play an increasingly pivotal role in shaping business strategy.
Their role is no longer isolated to IT management. It has expanded to ensure technology is aligned with broader business goals, which will become more critical as they work closely with CEOs and senior leaders to drive innovation, enhance operational efficiency and improve customer experiences. With unprecedented volumes of data to analyse, there is also a growing emphasis around data accountability, leading businesses, CIOs and CISOs to prioritise data protection, management, and use.
Trend 2 – The war against cyber attacks will be unyielding: financial services under siege
While cybersecurity has been high on the agenda for the last few years, in 2025, this will be even more of a critical priority. The ongoing threat of relentless and increasingly sophisticated cyber-attacks keeps CEOs and CISOs awake. Emerging technologies, while offering significant advantages, have also increased cyber threats. The rise of cloud computing and artificial intelligence (AI) has expanded the attack surface for cybercriminals, providing them with more entry points to exploit. These technologies have introduced new vulnerabilities.
In recent years, Australia’s financial sector has experienced several major cybersecurity breaches. According to the International Monetary Fund, the sector has been targeted by 20,000 cyber-attacks worldwide, resulting in $12 billion in losses over the past two decades. The serious risks of client data breaches can harm clients and the business’s reputation and ability to operate. CEOs and CISOs must confidently reassure boards that they have the necessary controls and safeguards to protect their clients’ data.
Trend 3 – Organisations must get used to increased regulatory scrutiny in 2025
As the financial sector faces increasing pressure to safeguard sensitive information, effective data governance has become essential for maintaining security and trust. When managed properly, data is a valuable asset, making strong governance crucial for accuracy, security, and ethical use. Without proper analysis, however, it can become a liability. Leaders must understand its properties to unlock meaningful insights.
As banks and Mutual ADIs ramp up their data governance and cybersecurity efforts, the Australian Prudential Regulatory Authority (APRA) has stepped in with new directives to strengthen defences across the financial sector. APRA, the independent body overseeing institutions in banking, insurance, and superannuation, has urged businesses to regularly assess their security practices against the APRA Prudential Guide CPG 234 (Information Security). Additionally, APRA recommends that organisations review their backup arrangements, addressing common issues that can undermine the effectiveness of data restoration following a cyber incident.
Further, governance frameworks and compliance standards, such as the NIST (National Institute of Standards and Technology) Cybersecurity Framework, ISO 27001, PCI DSS and the Essential 8 framework, will be critical in ensuring that organisations meet the necessary security and compliance requirements. These frameworks help establish a comprehensive approach to cybersecurity and data governance by setting clear guidelines for risk management, data protection, and operational security. These are crucial in building trust with stakeholders and mitigating potential security threats.
Trend 4 – Embracing agility in AI technology adoption
Technology leaders must cultivate an agile approach to leveraging AI technologies, enabling their organisations to adapt to emerging challenges and seize new opportunities swiftly. This agility involves understanding AI capabilities and integrating them into existing business processes to enhance efficiency and decision-making whilst ensuring data remains secure and governed.
To maintain a competitive edge, organisations should prioritise the development of a robust AI strategy that aligns with their broader business objectives. This includes investing in training programs that enhance employees’ AI literacy, equipping them with the skills to implement and manage AI solutions effectively. Further, collaboration with partners offers access to specialised expertise and resources, ensuring businesses remain agile despite rapid technological advancements.
Trend 5 – Trusted partners will be invaluable in helping to navigate challenges
As the disruptive impact of AI and other emerging technologies takes its toll on business models, technology leaders must have a clear plan for their IT priorities and collaborate with trusted partners that offer specialised expertise and are responsive to the business’s needs. Consequently, the growing reliance on managed service providers (MSPs) will continue to strengthen.
Gartner acknowledges that this trend is also driven by the ongoing skills shortage, particularly complex IT services such as AI, machine learning, and advanced cybersecurity solutions. Many sectors struggle to fully realise the potential of their IT investments due to the scarcity of skilled talent, prompting businesses to turn to MSPs for guidance and expertise in driving successful projects.
Technology leaders must exhibit strategic leadership in a growingly complex landscape
As we navigate the complexities of the business landscape in 2025, technology leaders must play a strategic role in steering their organisations through technological enhancements while safeguarding against evolving cyber threats. A strategic focus on cybersecurity and data governance will lead the technology agenda in 2025 and beyond and is essential to maintaining client trust and operational integrity. By putting data securely back in the hands of the business, organisations will be able to embrace AI technologies to help address business challenges and unlock new avenues for growth whilst making sure they are not left behind.
The increasing intricacy of IT environments, coupled with the dynamic nature of cyber threats and the accelerated adoption of AI, underscores the need for technology leaders to have a clear roadmap for their strategic priorities. By collaborating with trusted partners, businesses can effectively harness the potential of AI while ensuring robust security measures are in place. This dual focus will position organisations to survive and thrive in an ever-evolving landscape.