Website Notifications

Get notifications in real-time for staying up to date with content that matters to you.

Financial cyber resilience improving: ASIC

asic ta  asic ta
reporter 4 minute read

Australian firms are more cyber resilient than ever, according to a report from ASIC.

In 2017, ASIC surveyed the cyber resilience of firms operating in Australia’s financial markets, with participants providing answers to the National Institute of Standards in Technology (NIST) Cybersecurity Framework.

While awareness and management of cyber security risks were improving, there was still room for improvements.

But in 2019, Australian financial firms are now more cyber resilient than ever. 

Firms assigned themselves ratings from “partial” (“policies and procedures are not formalised, responses are reactive”) to “adaptive” (“policies and procedures evolve in response to changes in cyber security threats”). 


Large firms showed steady improvement from the last time the survey was conducted, with substantial progress in the areas of staff awareness and training. 

“The two areas that showed the most improvement (16 per cent improvement on cycle 1) include awareness and training programs (77 per cent ‘repeatable’ or ‘adaptive’) and user access management (91 per cent ‘repeatable’ or ‘adaptive’),” the report read.

“However, given the importance of employees as a line of defence against cyber security events, there is still room for improvement in user awareness and training.”

However, there were some pitfalls. 

“Due to the complexity of large firms and the breadth of services they offer, asset management (20 per cent ‘partial’ or ‘risk informed’) and supply chain risk management (22 per cent ‘partial’ or ‘risk informed’) have been identified as areas of improvement,” the report stated. 


But the cyber resilience of Australian firms has still increased 15 per cent between the first and second surveys. 

“Organisations are alert to cyber security threats to their business and have focused their resources and efforts on improving their cyber security governance, risk management, and response and recovery capabilities,” the report read.

[Related: ASIC approves banking code changes]

Financial cyber resilience improving: ASIC
asic ta
TheAdviser logo

asic ta


more from the adviser
Alex Brgudac Prospa head of partnerships sets up consultancy business

Alex Brgudac, the head of partnerships at SME lender Prospa, is t...

mortgage payments money FBAA flags home ownership scheme risks

The association has warned brokers about the risks of home owners...

Karlee Butcher Former Westpac banking manager joins AFG

AFG has welcomed a former Westpac business banking manager to its...