Cyber security is fundamentally important for all organisations and cyber attacks are a major risk for its regulated population.
ASIC (Australian Securities and Investments Commission) is Australia’s corporate, markets and financial services regulator and ensures that Australia has a sound financial market.
ASIC has stated that cyber security is fundamentally important for all organisations and cyber-attacks are a major risk for its regulated population. This is demonstrated by research that shows that over 60% of customers would stop using a company’s products or services if a cyber-attack resulted in a known security breach.
ASIC has produced Report 429 to assist organisations with improving their cyber resilience. The report draws on the lessons learned in the Australian market and from other information security standards such as the NIST Cybersecurity Framework.
Report 429 contains 26 “Health Check Prompts” that every organisation should ask itself to assess its level of cyber resilience. Some examples of health check prompts are:
Organisations also need to consider implementing the 14 action points to ensure they are prepared for cyber threats and can respond appropriately if an incident occurs. Example action points are:
Security Centric has consultants that help your organisation address the issues described in Report 429 and assist with gaining compliance with other information security frameworks including ISO27k, PCI DSS, ASD’s Information Security Manual and the Privacy Act.