CANBERRA, AAP – Australia’s corporate cop has warned companies to heed cyber security warnings amid heightened global tensions.
The Australian Cyber Security Centre (ACSC) has urged all Australian organisations to boost cyber security, Australian Securities and Investments Commission Chair Joe Longo told a business summit on Thursday.
“We strongly encourage you to act on that advice and improve your cyber security resilience in light of the heightened threat environment,” he said.
He reminded companies at the Australian Institute of Company Directors (AICD) governance summit that they have an obligation to manage cyber risk and can face legal action over failures.
The corporate watchdog expects all boards, senior management, licensees and other regulated entities to pay heightened attention to their entity’s exposure and mitigate breaches.
Top Australian Brokers
- City Index - Aussie shares from $5 - Read our review
- Pepperstone - Trading education - Read our review
- IC Markets - Experienced and highly regulated - Read our review
- eToro - Social and copy trading platform - Read our review
An enhanced cyber security posture means reviewing and enhancing detection, mitigation, and response measures.
ASIC says entities should ensure that logging and detection systems in their environment are fully updated and functioning and increase monitoring of their networks.
Companies should also assess their preparedness to respond to any cyber security incidents, and should review incident response and business continuity plans.
Cyber governance and resilience failures were already on watchdog’s radar, as the “new frontier of market integrity”.
Proceedings have been brought by ASIC against RI Advice Group, alleging the company failed to have adequate policies, systems and resources to appropriately manage cyber risk
“We are not looking to prescribe technical standards or provide expert guidance on operational aspects of cyber security,” Mr Longo said.
“That is the role of Government and other agencies.”
But boards play a key role in recognising and managing risk, including cyber risk amid heightened global tensions, he said.
Other risks that will need to be assessed and managed by directors include the threat posed by the widespread use of open-source software and flexible working arrangements.