There has never been more consumer or media attention on cyber security in Australian history than there is right now.
Following recent high-profile data breaches, the government and other regulatory agencies have put Australian businesses on notice to take cyber security more seriously. Companies need to demonstrate that they have taken all reasonable steps in the circumstances to ensure that the people, processes, and technologies they employ to protect the security of information are robust and fit for purpose.
In addition to brand and reputational damage, companies face potential fines and prosecution for non-compliance. It has never been more critical to ensure you have robust systems and controls in place to manage your organisation’s cyber security risks. Only by doing so can you minimise the risk of breaching ASIC’s regulations, incurring significant fines and facing possible prosecution.
ASIC's cracking down on cyber failures: what does this mean for you?
ASIC’s commitment to enforcement was recently demonstrated in its prosecution of RI Advice, where ASIC took legal action against the company for cyber security non-compliance.
ASIC were successful in their prosecution, describing the Federal Court finding as an “Australian first”, with RI Advice ordered to pay $750,000 towards the regulator’s costs after both parties agreed to resolve the proceedings. This cost pales in comparison to the costs of the fallout for RI Advice: tarnished brand reputation, client attrition (and potential private prosecutions) and attrition following the lengthy trial.
Australian businesses must educate themselves on the significant differences between IT security and cyber security, whilst reducing their overconfidence in basic IT security solutions. ASIC stated, “managing cyber security risks falls within the realm of general directors’ duties. Directors can no longer take their cyber security responsibilities lightly. Without appropriate controls and mechanisms firmly in place, the likelihood of a cyber incident is almost inevitable, thereby exposing them personally to legal liability.”
Contact Cyber Audit Team today for a confidential, obligation-free discussion on enhancing your company’s cyber security posture.