Executive summary
This is Areebi's synthesis of verified Australian public data, not a primary survey. Three official datasets, read together, describe the gap between how fast Australia's regulated sectors are adopting AI and how slowly the governance around it is maturing. The Office of the Australian Information Commissioner (OAIC) recorded approximately 532 notifiable data breaches in the first half of 2025[1]. The Australian Signals Directorate (ASD) logged over 84,700 cybercrime reports across 2024-25, about one every six minutes[2]. And the National AI Centre's Responsible AI Index 2025 found only around 12% of Australian organisations are "leading" on responsible AI[3]. The sectors most exposed to breaches are precisely the regulated sectors adopting AI fastest.
The four headline findings of this 2026 release:
The OAIC recorded approximately 532 notifiable breaches in H1 2025[1], with health (around 18%), finance (around 14%), and the Australian Government (around 13%) the most-affected sectors[1]. These are the same regulated sectors moving fastest into AI.
Approximately 37% of H1 2025 notifiable breaches stemmed from human error and around 59% from malicious or criminal attack[1]. Human error is the failure mode runtime AI data controls and data-loss prevention are built to catch.
Only approximately 12% of Australian organisations are "leading" on responsible AI[3], and the 2024 edition of the Index found organisations implement on average only about 12 of 38 responsible-AI practices[3].
The average self-reported cost of cybercrime to Australian business rose approximately 50% to about AUD 80,850, and large business losses rose around 219% to about AUD 202,700[2]. AU regulatory deadlines - the Privacy Act automated-decision transparency reforms and APRA CPS 230 - land into this environment.
Readers in a hurry can skip to the human-error and runtime-control case and what it means under AU regulation. Analysts and journalists should start with the methodology note and references.
Methodology note
What this report is. The Australian AI Data-Governance Index 2026 is a synthesis of public sources, not a primary survey. It triangulates three official, externally verifiable Australian datasets: the OAIC Notifiable Data Breaches Report for January to June 2025[1], the ASD Annual Cyber Threat Report 2024-25[2], and the National AI Centre and Fifth Quadrant Responsible AI Index 2025 (with the 2024 edition for the practice-adoption baseline)[3]. Every figure in this report traces to one of those three sources and is attributed inline.
What this report is not. Areebi did not field a primary survey for this release, and we have not modified any number from its original source. Where we connect a breach statistic to an AI-governance implication, that is our analysis, and we say so. We do not assert that any specific breach was caused by AI; rather, we observe that the sectors leading Australian breaches are the same regulated sectors adopting AI fastest, and that the responsible-AI execution data shows governance trailing adoption.
The analytical lens
We read the three datasets through a single question: is Australia's data-governance capability keeping pace with the speed of AI adoption in its most-regulated sectors? The OAIC data describes where Australian data is leaking and why. The ASD data describes the threat volume and the rising cost. The Responsible AI Index describes how mature the governance response is. Read together, they make the case for runtime AI data controls in regulated environments.
Caveats we hold honestly
- Correlation, not causation. Breach concentration in health, finance, and government reflects the volume and sensitivity of data those sectors hold, not a proven AI link. We use the overlap with fast AI adoption to frame governance urgency, not to attribute any breach to AI.
- Self-report bias. The ASD cost figures are self-reported by businesses[2] and the Responsible AI Index is a decision-maker survey[3]; both tend to skew optimistically on maturity and conservatively on cost. We surface the figures as the sources reported them.
- Half-year versus annual windows. The OAIC figure covers the first half of 2025[1]; the ASD figure covers the full 2024-25 financial year[2]. We do not annualise or combine the windows.
- Commercial incentive disclosure. Areebi sells a secure-AI-control-plane product whose data-loss-prevention layer is relevant to the human-error finding. We disclose this incentive up front; the underlying sources are linked so you can re-do the synthesis with different weights.
The Australian breach landscape
The OAIC's Notifiable Data Breaches Report for January to June 2025 recorded approximately 532 notifications, down around 10% on the previous half[1]. The fall in volume is welcome, but the composition is the part that matters for AI governance: where the breaches land, and what causes them.
Share of H1 2025 notifications by most-affected sector[1]:
- Health service providers: ~18%
- Finance: ~14%
- Australian Government: ~13%
The three most-affected sectors - health at approximately 18%, finance at around 14%, and the Australian Government at around 13%[1] - are exactly the regulated sectors moving fastest into AI-assisted workflows: clinical documentation, claims and fraud triage, and citizen-service automation. The data those sectors hold is the most sensitive in the economy, and it is the same data that now flows toward AI systems. That overlap is the central governance concern of this Index.
The threat backdrop is intensifying. The ASD Annual Cyber Threat Report 2024-25 logged over 84,700 cybercrime reports - about one every six minutes - and responded to over 1,200 cyber security incidents, up approximately 11% on the prior year[2]. A higher tempo of attack against the sectors holding the most sensitive data raises the stakes for every new AI data flow those sectors open.
For the regulatory treatment of breach obligations in Australia, see our Australian Privacy Act compliance brief and the companion Areebi Index Q2 2026 for the global governance-maturity picture.
The human-error and runtime-control case
Approximately 59% of H1 2025 notifiable breaches came from malicious or criminal attack and around 37% from human error[1]. The human-error share is the single most important number in this report for AI data governance, because human error is the failure mode that AI adoption multiplies and that runtime controls are built to intercept.
Generative-AI tools change the shape of human error. The same well-meaning employee who once emailed a spreadsheet to the wrong recipient can now paste a customer dataset into a public chatbot, or upload a patient record to an unsanctioned summariser. The OAIC data does not isolate AI-channel human error, and we do not claim it does; the point is structural. Around 37% of Australian notifiable breaches already trace to human error[1] before AI tools become ubiquitous in the workflow, and AI adds new, high-bandwidth ways for that error to leak sensitive data.
Policy and training reduce intent-driven error but do not stop the accidental paste in the moment it happens. Runtime AI data controls - data-loss prevention at the AI-egress layer, redaction of sensitive content before it leaves the organisation, and enforcement of sanctioned tooling - act at the point of failure rather than after it. For a breach population where approximately 37% of incidents are human error[1], the control that intercepts the error at runtime addresses the cause directly.
The cost side reinforces the case. The ASD reported that the average self-reported cost of cybercrime to Australian business rose approximately 50% to about AUD 80,850, with small business at around AUD 56,600, medium business at around AUD 97,200, and large business losses rising approximately 219% to about AUD 202,700[2]. Every human-error breach a runtime control prevents is a cost avoided against a baseline that is climbing fast.
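The three controls named above (a sanctioned-tooling allowlist, redaction before egress, and a decision record) can be shown concretely. The following is an added example written for this page, not code from the report or from any vendor product: a minimal egress policy that blocks prompts bound for non-allowlisted hosts and, for allowed hosts, redacts Australian Tax File Numbers and Medicare card numbers that pass their publicly documented checksums, so that an ordinary nine-digit invoice reference is not redacted by mistake. The hostnames, the sample prompt and the identifier values are constructed for the example; the checksum weights are the public definitions (TFN: weighted sum mod 11 equals 0; Medicare: weighted sum of the first eight digits mod 10 equals the ninth digit). The caveat a practitioner should keep in mind is that a checksum only thins false positives, it does not eliminate them, roughly one random nine-digit string in eleven passes the TFN test.

```python
"""Added example: a minimal runtime AI-egress control (not the report's code).

Every outbound prompt is checked twice before it leaves the organisation:
  1. destination allowlist (sanctioned tooling only), then
  2. redaction of Australian identifiers (TFN, Medicare card number) that pass
     their public checksum, which cuts false positives on ordinary reference numbers.
Hostnames, sample text and the policy shape are constructed for this example.
"""
import re
from dataclasses import dataclass, field
from urllib.parse import urlparse

# Hypothetical allowlist of sanctioned AI endpoints (assumption, not a real host).
SANCTIONED_HOSTS = frozenset({"ai.internal.example"})

# Public checksum definitions: TFN is weighted sum mod 11 == 0; Medicare card
# number is weighted sum of the first 8 digits mod 10 == 9th digit, first digit 2-6.
TFN_WEIGHTS = (1, 4, 3, 7, 5, 8, 6, 9, 10)
MEDICARE_WEIGHTS = (1, 3, 7, 9, 1, 3, 7, 9)

# Candidate patterns tolerate the usual space/hyphen grouping.
MEDICARE_RE = re.compile(r"\b\d{4}[ -]?\d{5}[ -]?\d\b")
TFN_RE = re.compile(r"\b\d{3}[ -]?\d{3}[ -]?\d{3}\b")


def is_valid_tfn(digits: str) -> bool:
    if len(digits) != 9 or not digits.isdigit():
        return False
    return sum(int(d) * w for d, w in zip(digits, TFN_WEIGHTS)) % 11 == 0


def is_valid_medicare(digits: str) -> bool:
    if len(digits) != 10 or not digits.isdigit() or digits[0] not in "23456":
        return False
    check = sum(int(d) * w for d, w in zip(digits[:8], MEDICARE_WEIGHTS)) % 10
    return check == int(digits[8])


def _redactor(kind, validator, findings):
    """Build a re.sub callback that redacts only checksum-valid candidates."""
    def sub(match):
        digits = re.sub(r"[ -]", "", match.group(0))
        if validator(digits):
            findings.append(kind)
            return f"[{kind.upper()} REDACTED]"
        return match.group(0)  # checksum failed: leave the text untouched
    return sub


def redact(text: str):
    """Return (redacted_text, findings); findings lists each identifier type hit."""
    findings = []
    # Longer Medicare candidates go first so the TFN pattern cannot bite into one.
    text = MEDICARE_RE.sub(_redactor("medicare", is_valid_medicare, findings), text)
    text = TFN_RE.sub(_redactor("tfn", is_valid_tfn, findings), text)
    return text, findings


@dataclass
class Decision:
    """The record an egress gateway would write to its audit log."""
    allowed: bool
    reason: str
    prompt: str = ""
    findings: list = field(default_factory=list)


def evaluate(prompt: str, destination_url: str) -> Decision:
    """Egress policy: block unsanctioned hosts, otherwise forward the redacted prompt."""
    host = urlparse(destination_url).hostname or ""
    if host not in SANCTIONED_HOSTS:
        return Decision(False, f"unsanctioned destination {host!r}")
    redacted, findings = redact(prompt)
    return Decision(True, "redacted" if findings else "clean", redacted, findings)


# Constructed sample prompt: one checksum-valid Medicare number, one checksum-valid
# TFN, and a 9-digit invoice reference whose TFN checksum fails and must survive.
SAMPLE_PROMPT = ("Summarise: patient Medicare 2123 45670 1, TFN 123 456 782, "
                 "invoice ref 987654321.")

if __name__ == "__main__":
    for url in ("https://ai.internal.example/v1/chat", "https://chat.public.example/"):
        print(url, evaluate(SAMPLE_PROMPT, url))
```

Run as written, the sanctioned destination receives the prompt with both identifiers replaced and the invoice reference intact, while the public chatbot URL is refused outright. The `Decision` object is the piece worth keeping: a gateway that records what it redacted and why gives the organisation the evidence trail it needs when it later has to assess whether an incident is notifiable.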
For where runtime enforcement sits in a broader governance programme, see the Areebi platform and the global maturity framing in the Areebi Index Q2 2026.
The responsible-AI execution gap
If breaches describe the problem, the Responsible AI Index describes how far Australian governance has to go to meet it. The National AI Centre and Fifth Quadrant Responsible AI Index 2025 found only approximately 12% of Australian organisations are "leading" on responsible AI - up around four points on the prior edition - with about 17% "emerging"[3]. The improvement is real, but the level is low: roughly nine in ten organisations are not yet leading.
The depth of the gap shows in practice adoption. The 2024 edition of the Index found that Australian organisations implement on average only about 12 of 38 responsible-AI practices, from a survey of 413 Australian decision-makers[3]. Implementing under a third of the recognised practices is not a governance programme; it is a partial one. When that partial posture meets the breach landscape of Finding 1 and the human-error exposure of Finding 2, the result is an execution gap: adoption is running ahead of the controls, inventory, and accountability that should accompany it.
The execution gap is the reason a runtime control plane matters more in Australia than a policy library alone. Closing the distance between roughly 12 of 38 practices[3] and a defensible posture is tractable with the right platform; see the Areebi platform and the broader Areebi Index Q2 2026 for the maturity model that frames the same gap globally.
What it means under Australian regulation
The breach landscape, the human-error exposure, and the responsible-AI execution gap all land into a tightening Australian regulatory calendar. Two deadlines matter most for regulated organisations governing AI data flows. For the full calendar of Australian AI obligations and commencement dates, see our Australian AI Regulation Tracker.
Privacy Act automated-decision transparency, 10 December 2026
The Privacy Act reforms introduce automated-decision-making (ADM) transparency obligations that commence on 10 December 2026, requiring organisations to disclose in their privacy policies where automated systems - including AI - are used to make decisions that significantly affect individuals. For sectors already carrying the breach exposure documented in Finding 1[1], ADM transparency adds a documentation and inventory burden that a partial responsible-AI posture[3] is not yet equipped to meet. For the detail, see our Privacy Act ADM transparency brief.
APRA CPS 230 and CPS 234
For APRA-regulated entities, CPS 230 (Operational Risk Management) and CPS 234 (Information Security) impose obligations on operational resilience and information-security controls that extend to AI data flows and the third parties that handle them. With finance the second-most-breached sector in H1 2025[1] and the average cybercrime cost to business up approximately 50%[2], the CPS 230 and CPS 234 control expectations and the runtime-control case of Finding 2 point in the same direction. See our APRA CPS 230 for AI brief and the broader compliance library.
The synthesis
Read together, the three datasets make one argument. Australia's most-regulated sectors are both the most-breached[1] and the fastest AI adopters; human error remains a leading breach cause at around 37%[1]; the cost of failure is rising sharply[2]; and only approximately 12% of organisations are leading on responsible AI[3]. The regulatory deadlines arriving in 2026 do not create this gap; they make closing it non-optional. The most direct lever is a runtime AI data-control layer that intercepts human error and enforces sanctioned tooling, paired with the inventory and accountability the responsible-AI practices describe.
For the global maturity framing of the same execution gap, see the companion Areebi Index Q2 2026, and for the platform built to close it, see the Areebi platform.
References and dataset
The following primary sources underpin the analysis. Each is publicly accessible at the URL listed. We have not modified any number from its original source; every statistic in this report traces to one of the three datasets below.
- [1] Office of the Australian Information Commissioner, Notifiable Data Breaches Report: January to June 2025. Source for the approximately 532 notifications (down around 10% on the previous half), approximately 59% malicious or criminal attack, approximately 37% human error, and most-affected sectors (health around 18%, finance around 14%, Australian Government around 13%). oaic.gov.au (Notifiable Data Breaches publications) and the statistics dashboard.
- [2] Australian Signals Directorate, Annual Cyber Threat Report 2024-25. Source for the over 84,700 cybercrime reports (about one every six minutes), over 1,200 cyber security incidents responded to (up approximately 11%), average self-reported cost of cybercrime to business up approximately 50% to about AUD 80,850, large business average loss up approximately 219% to about AUD 202,700, small business about AUD 56,600, and medium business about AUD 97,200. cyber.gov.au (Annual Cyber Threat Report 2024-25).
- [3] National AI Centre and Fifth Quadrant, Australian Responsible AI Index 2025 (with the 2024 edition for the practice-adoption baseline). Source for the approximately 12% of organisations "leading" on responsible AI (up around four points), approximately 17% "emerging", and the 2024 finding that organisations implement on average only about 12 of 38 responsible-AI practices (survey of 413 Australian decision-makers). industry.gov.au (National AI Centre) and the Fifth Quadrant report.
The key metrics visualised in this Index - notifiable-breach volume and cause split, most-affected sectors, the rising cybercrime cost to business, and responsible-AI maturity - are drawn directly from the three cited public datasets. A machine-readable JSON version of the consolidated metric set is planned for a future release alongside the next refresh of the underlying sources. The current release defines the metric set and attributes each figure inline.
How to cite this report & license
Recommended citation:
Areebi Research Team. The Australian AI Data-Governance Index 2026. Areebi, 2026. https://www.areebi.com/resources/research/australian-ai-data-governance-2026
This report is released under the Creative Commons Attribution 4.0 International (CC BY 4.0) licence. You may copy, redistribute, remix, transform, and build upon the report for any purpose, including commercially, with attribution to Areebi Research and a link back to this page. The underlying figures belong to their original publishers (the OAIC, the Australian Signals Directorate, and the National AI Centre and Fifth Quadrant); please cite them directly where you reuse the data. Researchers wanting the consolidated analysis can email research@areebi.com.