The ASX and the corporate regulator have launched a new initiative to improve the cyber security defences of Australia’s biggest companies, urging the exchange’s top 100 firms to have a Cyber Health Check.
The program forms part of the federal government’s cyber security strategy that was launched earlier this year and it has been developed alongside professional services firms KPMG, Deloitte, EY and PwC and CERT Australia and has been based on a similar initiative in the UK with the FTSE 350.
ASX group executive Amanda Harkness said the sharing of best practice approaches was critical to businesses.
“Increased awareness and engagement by directors of listed companies are important steps in building the cyber resilience of Australian businesses,” she said.
“The better informed boards become, the more effectively they can assess their cyber security risks and opportunities, identifying areas where improvement is required.”
The initiative comes as the government has introduced a bill to bring in the long-awaited mandatory data breach notification rules, which will mean companies that have been breached or have lost data will need to report the incident as well as notify customers that have been directly impacted.
If a company fails to do this, they will face fines of up to $1.8 million for organisations and $360,000 for individuals, but the laws only apply to companies turning over $3 million or more.
Ms Harkness said participation in the program would assure shareholders of the top 100 companies that cyber security was a board priority.
“We encourage Australia’s largest listed companies to play their part,” she said.
Participants in the health check program will respond to a series of multiple choice questions such as what risk factors apply to their company, if they have a clear understanding of their company’s data assets and key information, and if they receive high level intelligence from the chief information officer or head of security.
They will also be asked if the company engages external parties to perform penetration testing, if they use public cloud servers and how significant a risk cyber security is in their opinion.
Cyber security breaches have been estimated to cost local businesses $1 billion a year
Late last month the Australian Red Cross Blood Service was forced to apologise after the details of 550,000 blood donors was leaked online.
In August it was also revealed that Austrade and the Defence Department’s research division, the Defence Science Technology Group, had been attacked numerous times in the past five years by cyber criminals based in China.
By: Yolanda Redrup
Brisbane Hosting & Website Hosting’s products and services include Website Hosting, Domain Names, DNS Services, Website Development, Website Design, Website Revamps, Website Maintenance, Social Media Campaigns and more.