ASIC to prioritise cyber resilience

ASIC to prioritise cyber resilience

ASIC to prioritise cyber resilience As cyber-attacks are becoming an ever-increasing risk for businesses, the Australian Securities and Investments Commission (ASIC) has identified cyber resilience as a key priority for ensuring that Australia’s financial markets are fair, orderly, transparent, and efficient.

“With the risk and sophistication of cyber-attacks growing faster than the traditional firewall and antivirus technology can keep up, organisations need strategies to prevent, detect cyber risks,” said ASIC Chairman Greg Medcraft during the Annual Stockbrokers Conference held last week.

“We acknowledge that complete cyber-security can never be achieved, but a comprehensive and long-term commitment to cyber resilience is essential to retain investor and financial consumer trust and confidence,” said Medcraft.

The ASIC chairman also revealed that they have established a markets cyber risk taskforce which will be collaborating with stakeholders, local and international peer regulators, and the government in implementing its recently launched cyber strategy.   

ASIC released a report in March this year, entitled Cyber Resilience Assessment Report, which sets out several good practices for cyber resilience, and identifies key questions that directors and board members should seek to ask their executives.

The independent Australian government body recognises cyber risk as a key threat in their strategic policies, and aims to assist their regulated population in improving cyber resilience. In March 2015, ASIC published Cyber Resilience Health Check which cites measures on how to improve cyber resilience by:
  • Increasing awareness of the risks;
  • Encouraging collaboration between industry and the government;
  • Providing health check prompts to help businesses consider their cyber resilience, and
  • Identifying how to address cyber risks in the regulatory context, including considering board oversight of cyber risks.