APRA has released the final version of its prudential standard aimed at combating the threat of cyber attacks.
The new standards developed by the Australian Prudential Regulation Authority will shore up regulated entities’ resilience against information security incidents including cyber attacks.
The standards, referred to as CPS 234 also enables entities to respond swiftly and effectively in the event of a security breach.
The standards require entities to clearly define information-security roles, maintain an information security capability, implement and test controls to protect assets and notify APRA of any incidents.
APRA released a discussion paper in March about the standards and the finalised standards include several amendments made after consultation with the industry around requirements of third parties and notification timelines.
APRA executive board member Geoff Summerhayes said that Australian financial services companies were increasingly under attack from cyber adversaries.
“A significant information security breach at an APRA-regulated entity is almost certainly a question of when – not if. In a worst-case scenario, a major breach could even force a company out of business. As a result, APRA is fast-tracking implementation of this standard, and expects all regulated entities to meet its requirements by 1 July next year,” he said.
Mr Summerhayes said the introduction of the new standards would ensure all entities were able to keep hold of the data and stop any threats.
“By introducing CPS 234, APRA aims to ensure all regulated entities develop and maintain information security capabilities that reflect the importance of the data they hold, and the significance of the threats they face.”
A longer-term rethink of the merits behind the Commonwealth Bank’s demerger of its wealth management business could see it retained under ...
Macquarie Group is well placed for growth in its wealth management, according to Morgan Stanley, which expects the bank’s gross infl...
Westpac has made changes to its wealth management and leadership, with it expecting to save around $73 million. ...