The State of Startup
Cybersecurity
:2026
A founder-level view of cyber risk from Australia's fastest-growing tech companies.
An honest read of how Australia's startups and scale-ups actually think about and manage cyber risk. Built from conversations with founders and operators at all stages of growth.
It exists because most reports focus on enterprise cybersecurity but startups can't approach cyber the way enterprises do. We want to uncover the reality of building a secure startup: the challenges, success stories, and lessons learned.
No sponsors, no vendor logos, no paid placements, no ads, no marketing funnel.
By contributing to this research, you not only get a chance to validate your approach. You also get access to insights from your peers.
Get a personalised ranking against your peers before the report is released.
Get a behind-the-curtain view of how other founders are handling cyber risk.
Learn what is working for other founders at your stage.
Get ahead with AI-specific security insights from our team.
Founder or Operator?
I'm speaking with founders and operators to create this report. If you want to contribute a view, get in touch.
Part of the ecosystem?
Follow along as we dig into the state of cybersecurity in Aussie startups and be the first to receive the report when it's released. Estimated delivery June 2026.
BRACE CYBER is a Melbourne-based attacker-led cyber advisory for startups and scale-ups. We find gaps in your security before attackers do through app pentesting, AI red-teaming, and social engineering simulations. This report is intended to supplement that work to better understand the constraints and levers for building a secure startup.