ASIC targets cyber resilience with new report
Cyber resilience is now widely regarded as "one of the most significant concerns" for the financial services industry, according to a new report released by the Australian Securities and Investments Commission (ASIC).
The industry-wide report focuses on the cyber resilience of a sample of "important financial organisations" — including the Australian Securities Exchange (ASX) and Chi-X — and advocates for the enforcement of good practices in financial services institutions' management of their cyber-security obligations.
Given the central role that financial market infrastructure providers play in the Australian economy, ASIC commissioner, Cathie Amour, said that the cyber resilience of Australia's "regulated population" is a key focus moving forward.
"Because of the dynamic nature of the cyber threat landscape, a comprehensive and long-term commitment to cyber resilience is essential to assist all organisations and the Australian economy to manage this threat," Amour said.
ASIC's latest report includes aggregated data from self-assessments undertaken by organisations in the financial services sector, providing a snapshot of their current state of cyber resilience.
The report found that to date both ASX and Chi-X have met their statutory obligations to have "sufficient resources" for the management of cyber resilience, however ASIC argued that a "consistent industry-wide" approach to address developing cyber threats and improve overall practices.
Key recommendations from the report include:
- Recognition from the wider financial services sector of the growing threat to cyber security and the need to refine systems and processes to prevent and address critical issues;
- Greater focus on comprehensive and ongoing board engagement and responsive government practices that are clearly aligned with an organisation's wider strategy;
- Senior management executives in financial services organisations to closely manage cyber risk from both internal and third-party sources, establish robust collaboration and information-sharing networks to access the best defensive intelligence and technology; and
- The widespread organisational implementation of thorough cyber awareness training programs.
Recommended for you
Government has introduced a bill to Parliament to legislate the first stream of the QAR reforms.
ASIC now has a 1:1 ratio when it comes to court success in the enforcement of crypto activities and more action is expected as Treasury seeks to introduce a regulatory framework.
A leading governance body has hit out at “specialist interest groups proposing ad hoc law reform” when it comes to reforms of financial services legislation and believes an independent body is needed.
The release of ALRC’s final report into financial services legislation has highlighted financial advice as a “significant” focus as it seeks to reduce costs and help advisers understand their obligations, alongside the Quality of Advice Review.
