A recent survey by the Australian Securities and Investments Commission (
ASIC) has revealed an increasing awareness of cyber risks, though there is still some work to do.
ASIC's report involved self-assessments of more than 100 firms. It found that large organisations are better at managing risks than small- and medium- enterprises (SMEs) – some of which are just starting to develop their cyber resilience.
In a statement, ASIC explained that access to highly specialised skills and resources and the period of time cyber security has been an investment priority account for the disparity between large firms and SMEs.
“Cyber resilience is now widely regarded as one of the most significant concerns for the financial-markets sector and the economy at large,” said ASIC Commissioner Cathie Armour. “Given the central role financial markets firms play in our economy, the cyber resilience of our regulated population is a key focus for ASIC. While our report shows greater engagement by firms on the issue, there is disparity between firms and insufficient investment in cyber resilience measures.”
Armour reiterated that cyber resilience is “not just an IT issue, but one that requires a whole-of-organisation response.”
“The dynamic nature of cyber threats requires a comprehensive and long-term commitment to cyber resilience by all organisations operating in the Australian economy,” she said.
The regulator is urging all financial-markets firms to consider the report findings as they develop or enhance their cyber-resilience frameworks.
Access the report
here.
Related stories:
Kaplan launches cyber education library
Survey reveals top cyber concerns