KnowBe4 Research Reveals Over Half of Australians Prioritise Work Accounts Over Personal Security

New study finds 76% of Australians feel confident spotting cyber threats, but risky habits like password reuse and credential sharing remain widespread

KnowBe4, the world-renowned platform that comprehensively addresses human and agentic AI risk management, today released new research "Australia's Cybersecurity Paradox: Strong Defences, Weak Habits," revealing a disconnect between Australians' cybersecurity confidence and their everyday online behaviours.

The report, based on a national survey conducted by YouGov, shows that while Australians believe they understand cyber threats, many continue to follow practices that increase their exposure to cyber risk. One of the most telling findings is that more than half of Australia's workforce admits to putting more thought into securing their work accounts than their personal ones, suggesting security behaviours are often driven by workplace policies rather than personal habits.

Key findings from the report include:

• 53% of employed Australians prioritise protecting work accounts over personal accounts
• More than one in five Australians share login credentials for sensitive accounts such as email or banking
• The tendency to prioritise work security over personal accounts is highest among younger generations, reaching 66% for Gen Z, 65% for Millennials and just 35% for Gen X.
• 24% take no action after hearing about a major data breach unless directly notified
• 66% reuse passwords across multiple online accounts

The research highlights a broader behavioural challenge for organisations: security behaviours often disappear outside the workplace.

"Many people are careful with their work accounts because policies require it, but those same habits don't always carry over into personal life," said Erich Kron, CISO advisor at KnowBe4. "Cybersecurity resilience improves when secure behaviour becomes second nature - not just something employees do to meet workplace requirements. That's where human risk management plays a critical role in turning awareness into lasting behaviour."

The research highlights a critical reality: technology alone cannot close the cybersecurity gap if everyday behaviours remain unchanged. As cybercriminals increasingly use AI to scale and personalise attacks, organisations must secure both the human layer and the AI agents that are becoming part of the modern workforce. A comprehensive human risk management approach helps reinforce secure behaviour and reduce risk where attacks most often begin - with people.

Download the full report "Australia's Cybersecurity Paradox: Strong Defences, Weak Habits" here.

Methodology

This report is based on an independent online survey conducted by YouGov between 17-20 October 2025 among 524 Australians aged 18 and over. Data was weighted by age, gender and region to reflect Australian Bureau of Statistics population estimates and conducted in accordance with ISO 20252:2019 standards.

About KnowBe4

KnowBe4 empowers workforces to make smarter security decisions every day. Trusted by more than 70,000 organisations worldwide, KnowBe4 builds security culture and helps teams manage both human and agent risk. The company delivers a comprehensive, agentic best-of-suite platform for Human Risk Management, creating an adaptive defence layer that reinforces secure behaviour against evolving cybersecurity threats. The HRM+ platform includes awareness training, integrated cloud email security, real-time coaching, crowdsourced anti-phishing, AI Defence Agents, and more. As AI becomes increasingly embedded in business operations, KnowBe4 prepares the modern workforce by training both humans and AI agents to recognise and respond to security risks. Through this unified approach, KnowBe4 leads workforce trust management and defence strategies. More info at knowbe4.com.

Follow KnowBe4 on LinkedIn and X.