New research from Semperis reveals a troubling pattern: 52% of ransomware attacks in ANZ hit during weekends and holidays, while 81% follow major corporate events like mergers, acquisitions, or layoffs.

The kicker? 85% of organisations reduce their IT security staffing by at least half during these periods - and 35% cut coverage entirely because they didn't think they were a big enough target to attack.

Former PM Malcolm Turnbull puts it plainly: "Cyber resilience is not the sole responsibility of IT - it's a collective obligation across the entire organisation."

The entry point in nearly every major attack? Compromised usernames and passwords. Strengthening identity systems like Active Directory and Entra ID is now critical defence, not optional practice.

Key takeaway: Attackers exploit predictable gaps in staffing. If your security posture drops on weekends, holidays or during corporate disruption, you're giving them an open door, and they will take it, no matter the size of your organisation.

If you are concerned about your organisation's cybersecurity this holiday season, or you would just like a security check-up to find out if there are any areas that need improvement, get in touch with us today for a complementary security health check.

If you would like more information, the full 2025 holiday ransomware risk report is available here: Ransomware Risk Report