The ASX released the results of its ASX 100 Cyber Health Check Report, a voluntary survey of Australia’s largest companies about their readiness to deal with cyber attackers.
The report, which received responses from 76 of the largest Australian companies, found that 80 per cent of company directors expect cyber risk to increase in the short term.
Thirty-two per cent of ASX 100 directors surveyed said they assess their cyber security policy annually, and 45 per cent of directors said they are “very confident/confident in their organisation’s ability to detect, respond and manage a cyber intrusion”.
Three-quarters of directors have considered how they would notify customers/clients in the event of a data breach, now a legal obligation following the recent passage of the Privacy Amendment (Notifiable Data Breaches) Act 2017.
But there is still more to be done on the cyber risk front, with only 11 per cent of respondents saying they have a clear understanding of how their company’s key information or data assets are shared with third parties.
A majority (80 per cent) of ASX 100 directors surveyed said they believe they are doing enough to protect themselves against cyber threats, but admit they need to do more.
In his foreword to the report, Prime Minister Malcolm Turnbull said the study “shows that governance and management of cyber risk are being taken seriously in the boardrooms of Australia’s largest listed companies.”
“Prevention and mitigation of cyber threats can only be effective through increased awareness and understanding,” Mr Turnbull said.