Financial markets resilient to cyber threats
The resiliency of financial markets from cyber threats has continued to improve despite the increase of vulnerabilities due to remote work because of the COVID-19 pandemic, however, it still falls short of necessary targets.
The Australian Securities and Investments Commission (ASIC) released ‘Report 716 Cyber resilience of firms in Australia’s financial markets: 2020–21’ which updated on organisations’ cyber resilience – the first report since the start of the pandemic.
Participants were asked to self-assess their firm’s resilience against the National Institute of Standards in Technology (NIST) Cybersecurity Framework.
ASIC found the small improvement was an increase of 1.4%, which fell short of the 14.9% improvement targeted for the period, which had been surpassed in previous assessment periods.
The shortfall was attributed to overly ambitious targets, and the escalation in the cyber threat environment and disruptions caused by COVID-19.
“Results indicated that, while management of cybersecurity risk was steadily improving overall, there was still opportunity for improvement across the entire sector,” the report said.
“The COVID-19 pandemic had a detrimental impact on planned improvements and investment was reprioritised to mitigate other emerging cyber risks.”
Cathie Armour, ASIC commissioner, said firms that operated in Australia’s markets continued to be resilient against a rapidly changing cyber threat environment and the response from the firms was “robust”.
“The COVID-19 pandemic has increased opportunities for threat actors to target remote workers, and access remote infrastructure and supply chains critical to the delivery of products and services,” Armour said.
AUTHOR
Chris Dastoor
Recommended for you
Financial Services Minister Stephen Jones has shared further details on the second tranche of the Delivering Better Financial Outcomes reforms including modernising best interests duty and reforming Statements of Advice.
The Federal Court has found a company director guilty of operating unregistered managed investment schemes and carrying on a financial services business without holding an AFSL.
The Governance Institute has said ASIC’s governance arrangements are no longer “fit for purpose” in a time when financial markets are quickly innovating and cyber crime becomes a threat.
Compliance professionals working in financial services are facing burnout risk as higher workloads, coupled with the ever-changing regulation, place notable strain on staff.
