ASIC has this week released a cyber risk and resilience guide to arm business owners with the vital information they require to combat cyber threats.
In recent times, we have seen a spate of cyber attacks target businesses, and it seems that, regardless of size, no one is safe.
Only a couple of months ago, hackers were able to compromise the internal systems of approximately 100 banks in 30 countries to steal an estimated $1 billion.
The ASIC Cyber Resilience: Health Check Report
As falling victim to a cyber attack becomes more likely, ASIC has developed a major report highlighting the importance of cyber resilience to ASIC’s regulated population, as well as Australian businesses as a whole.
According to ASIC, the purpose of the report is to ‘help our regulated population improve their cyber resilience by increasing their awareness of cyber risks, encouraging collaboration between industry and government, and identifying opportunities for them to improve their cyber resilience’.
Furthermore, the report explores how cyber risks should be addressed under the current legal and compliance obligations imposed by ASIC on its regulated population.
Whilst the report focuses primarily on the financial sector, the information provided within the report is extremely insightful and valuable for businesses across all industries.
What is Cyber Resilience?
According to the report, cyber resilience can be defined as ‘the ability to prepare for, respond to and recover from a cyber attack’.
In an age where an overwhelming majority of businesses conduct their activities online, the requirement for a cyber security strategy has become an absolute necessity as the risk of being targeted increases.
With that in mind, businesses are now encouraged to adopt a more resilience-focused approach to cyber security, which includes not only implementing strategies to prevent and recover from a cyber attack, but also the ability to continue to adapt and operate in the event of an attack, and to learn from an incident should it occur.
Health Check Prompts
As a part of the report, ASIC has outlined a list of Health Check Prompts developed to ‘highlight issues to consider as part of general governance practices, and the specific ways you can identify, protect against, detect, respond to, and recover from, cyber risks’.
The prompts involve a number of questions which should assist businesses in identifying ‘action points’ to improve their cyber resilience.
As well as detailing prompts to help better protect your business, the report also provides a great deal of educational material, including the current cyber security landscape, the types of risks and vulnerabilities you should be familiar with, and the ways in which you can reduce your exposure to cyber threats.
Importantly, the report also discusses the role of cyber insurance as a part of your overall risk management strategy. In some instances, common business insurance policies may not provide coverage for a cyber attack, which can be extremely costly.
If you are a business owner, it is well worth spending some time reading the Cyber Resilience report, as it will assist you in identifying the ways in which you can improve your cyber resilience and avoid a cyber attack potentially destroying your business.