Finder makes money from featured partners, but editorial opinions are our own.

Financial regulator wants stronger cyber security for the industry

shutterstock fingerprint security crypto 450x250

Australians are at risk as cyber criminals become savvier and bolder.

The Australian Prudential Regulation Authority (APRA) recently developed its first cyber-security standard, which would require APRA-regulated financial service providers to shore up their systems.

The new set of measures is titled Information Security Management and is designed to help regulated entities avoid data breaches and respond more swiftly when breaches do occur.

Specifically, the measures would require institutions to clearly define the security-related roles and responsibilities of key business stakeholders, maintain a level of security on par with the size of their risk, conduct regular testing to ensure their security is up-to-date, develop timely ways to respond to threats and notify APRA about any security incidents.

According to APRA executive board member Geoff Summerhayes, none of Australia’s regulated entities have yet to experience a significant cyber attack, but that it will happen eventually.

"Cyber security is generally well-handled across the financial sector, but with criminals constantly refining and expanding their tools and capabilities, complacency is not an option. Australian financial institutions are among the top targets of cyber criminals seeking money or customer data, and the threat is accelerating," Summerhayes said in a statement.

In May 2017, the United States experienced one of the largest financial data breaches in history when cyber criminals gained access to sensitive financial data from credit reporting agency Equifax. It affected 147 million people.

APRA doesn’t want that happening to Australians.

"Implementing legally binding minimum standards on information security is aimed at increasing the safety of the data Australians entrust to their financial institutions and enhance overall system stability," Summerhayes said.

APRA plans to finalise the standard by the end of the year and is taking submissions on the new standard until 7 June.

Business insurance feed

Picture: Shutterstock

Ask a Question

You are about to post a question on

  • Do not enter personal information (eg. surname, phone number, bank details) as your question will be made public
  • is a financial comparison and information service, not a bank or product provider
  • We cannot provide you with personal advice or recommendations
  • Your answer might already be waiting – check previous questions below to see if yours has already been asked

Finder only provides general advice and factual information, so consider your own circumstances, or seek advice before you decide to act on our content. By submitting a question, you're accepting our 1. Terms Of Service and 6. Finder Group Privacy & Cookies Policy.

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Go to site