Despite more frequent cyberattacks since the beginning of the COVID-19 pandemic, firms in Australia have remained resilient against cyber threats, according to the latest Australian Securities and Investments Commission (ASIC) report.
In October 2021, specialty insurer Allianz Global Corporate & Specialty (AGCS) warned of a “digital pandemic” driven by ransomware, particularly a growing number of different attack patterns, criminal business model around “ransomware as a service” and cryptocurrencies, skyrocketing ransom demands, and rise of supply chain attacks. During the same month, the 2021 Thales Global Cloud Security Study found a rise in cyberattacks targeting cloud data.
However, ASIC’s latest Report 716: Cyber resilience of firms in Australia’s financial markets: 2020–21 (REP 716) claimed that firms operating in the Australian market have remained resilient against a rapidly changing cyber threat environment.
“The COVID-19 pandemic has increased opportunities for threat actors to target remote workers and access remote infrastructure and supply chains critical to the delivery of products and services. However, the response from firms has been robust,” said ASIC Commissioner Cathie Armour.
The report also found that:
Read more: ASIC offers insurance tips on handling claims in summer
Although the report found a small, but steady, improvement in the cyber resilience of firms operating in the Australian financial markets, it explained that the 1.4% increase fell far short of the 14.9% improvement targeted for the period.
Organisations identified supply chain risk management as their main priority in the future. Still, ASIC calls on all firms to consider applying the good practices identified in the report for managing these risks because failing to invest in supply chain risk management could lead to significant consumer harm that might warrant ASIC investigation and action. It also encourages all financial markets firms to consider and discuss the information in the report as they develop or enhance their cyber resilience frameworks.
ASIC has committed to further monitoring, assessing, and measuring firms’ improvements by: