ASIC sets sights on cyber resilience with new report

Cyber resilience is "one of the most significant concerns" for the financial services industry, according to a new report released by ASIC.

Cyber resilience is now widely regarded as "one of the most significant concerns" for the financial services industry, according to a new report released by the Australian Securities and Investments Commission (ASIC).

The industry-wide report focuses on the cyber resilience of a sample of "important financial organisations" — including the Australian Securities Exchange (ASX) and Chi-X — and advocates for the enforcement of good practices in financial services institutions' management of their cyber-security obligations.

Given the central role that financial market infrastructure providers play in the Australian economy, ASIC commissioner, Cathie Amour, said that the cyber resilience of Australia's "regulated population" is a key focus moving forward.

"Because of the dynamic nature of the cyber threat landscape, a comprehensive and long-term commitment to cyber resilience is essential to assist all organisations and the Australian economy to manage this threat," Amour said.

ASIC's latest report includes aggregated data from self-assessments undertaken by organisations in the financial services sector, providing a snapshot of their current state of cyber resilience.

The report found that to date both ASX and Chi-X have met their statutory obligations to have "sufficient resources" for the management of cyber resilience, however ASIC argued that a "consistent industry-wide" approach to address developing cyber threats and improve overall practices.

Key recommendations from the report include:

  • Recognition from the wider financial services sector of the growing threat to cyber security and the need to refine systems and processes to prevent and address critical issues;
  • Greater focus on comprehensive and ongoing board engagement and responsive government practices that are clearly aligned with an organisation's wider strategy;
  • Senior management executives in financial services organisations to closely manage cyber risk from both internal and third-party sources, establish robust collaboration and information-sharing networks to access the best defensive intelligence and technology; and
  • The widespread organisational implementation of thorough cyber awareness training programs.

Related Stories

CISCO and Flinders University launch cybercrime degree
Cisco Academy’s new online program will allow students to comprehend the role networked systems... Read More
Australia inks fintech cooperation deal with Dubai
The DFSA-ASIC pact marks the ninth fintech referral agreement secured by the Australian regulator... Read More
ASIC inks fintech cooperation deal with Switzerland
Under the agreement, ASIC and FINMA will exchange fintech-relevant information on regulatory and... Read More
Trans-Tasman regulators strengthen bilateral commitment to fintech
The commitment bolsters an existing Memorandum of Understanding (MOU) signed between the regulators... Read More