ASIC Calls for Prioritisation of Cybersecurity among Company Boards

December 1, 2023

Directors should be aware of and prepared for cybersecurity threats

Australian Securities and Investments Commission (ASIC) Chair Joe Longo delivered a recent address at the Australian Financial Review Cyber Summit warning directors to prioritise cyber security or face potential enforcement action.

Failure to prepare for and mitigate against cyber threats exposes a company to a foreseeable risk of harm, resulting in directors potentially breaching their duty of exercising reasonable care and diligence. ASIC has emphasised that companies must take an “active” approach when managing cyber threats, particularly threats created through engagement with third parties, and ASIC are prepared to take action against companies and directors who fail to or are inadequately prepared for cyber-attacks.

The changing landscape of cyber security threats

Projections from Cybersecurity Ventures reveal a concerning trend—an expected 15 percent annual increase in damages resulting from cyber-crime, which is projected to reach an alarming US$10.5 trillion by 2025. In his address, Mr Longo stated that 62 percent of businesses have already experienced incidents impacting their security resilience.

How to reduce cybersecurity threats

There are a number of steps companies can take to reduce the risk and impact of cyber-attacks, including:

  • Third-party risk management: Companies should ensure that third-parties are vetted and monitored to ensure their cybersecurity policies are up to standard.
  • Incident Response Plan: Companies should develop a comprehensive incident response plan to reduce the potential impact of cyber-attacks and test this regularly.
  • Regular Cyber Security Audits: Companies should engage in routine cybersecurity audits to identify and address vulnerabilities.
  • Employee Training: Companies should conduct regular cybersecurity awareness training for all employees, including phishing awareness and data handling courses, as well as implementing social media guidelines and emphasising the importance of keeping devices up to date.

This article includes general information only and is not specific to your situation.

If you require assistance in relation to anything contained within this article, please contact us.

Return To All Posts

James Groom

Founder & Director

View Bio

Related Knowledge and Insights

Consider the context before terminating for repudiation

Knowledge

Consider the context before terminating for repudiation

The Victorian Supreme Court has recently highlighted some key issues related to repudiation of contract, by refusing to find that a party had repudiated its contract despite admissions that it was ‘in the process of winding down’, ‘unable to continue operating’ and ‘[would] not be in a position to settle’.

3/12/2024

Read More →
Decarbonisation of the Nation

Knowledge

Decarbonisation of the Nation

What are the practical steps being taken towards net-zero in Australia?

16/5/2024

Read More →
Upcoming changes to Competition Law

Knowledge

Upcoming changes to Competition Law

The ACCC will soon have the power to review a broader range of transactions

18/4/2024

Read More →

Get in Touch

How can our team assist you?

Contact Us