2 Link To White Paper
Podcast: A recap on the Hackett Group’s Key Issues Study Future Made in Australia Office confirmed for PASA’s Canberra Big Breakfast event Procurement Professionals Switching Companies are Seeing 10-25% Salary Increases – Pragma Resourcing SA Government introduces “no brainer” changes to local procurement Podcast: Macro-economic trends, automation, and innovative procurement Procure To Pay or Source To Pay? UK supermarket chief accuses food suppliers of raising prices unnecessarily Supply chain expertise is in short supply across organisations, according to new UK report Brisbane 2032 searches for Director of Procurement to help deliver the largest sporting event in Queensland history Gartner survey identifies robust anti-fragile supply chains as enabler for growth Last chance for FREE webinar on Conquering the Travel Category Art of Procurement releases free whitepaper on Increasing Services Procurement Efficiency

ASIC chairman warns of ‘alarming’ gaps in cyber security including key supply chain risks

Cyber Security

Australian Securities and Investments Commission (ASIC) chairman Joe Longo has called on Australian businesses to fix “alarming” cybersecurity gaps, following a new report from ASIC which revealed a reactive rather than proactive approach, failures to protect confidential data and manage supply chain risks.

The report follows the recent Cyber Pulse Survey, which was developed to better understand the cyber maturity of regulated organisations in an ongoing heightened threat environment, exposing gaps in cyber security risk management of critical cyber capabilities.

The top cyber security threats were identified as phishing (26%) followed by ransomware (17%) and business email compromise (13%).

Overall, the report discovered that organisations are doing well in identity and access management, governance and risk management, and information asset management.

Of the 697 voluntary respondents, medium and large organisations consistently self-reported more mature cyber capabilities than small organisations, who are falling behind in supply chain risk management, data security and consequence management. 

These make up the top four areas for improvement alongside adoption of cyber security standards.

The survey also discovered that 44% do not manage third-party or supply chain risk, 58% have limited or no capability to protect confidential information adequately, 33% do not have a cyber incident response plan, and 20% have not adopted a cyber security standard.

Longo said: “For all organisations, cybersecurity and cyber resilience must be a top priority. 

“ASIC expects this to include oversight of cybersecurity risk throughout the organisation’s supply chain – it was alarming that 44% of participants are not managing third-party or supply chain risks.” 

He added: “There is a need to go beyond security alone and build up resilience, meaning the ability to respond to and recover from an incident. It’s not enough to have plans in place. They must be tested regularly alongside ongoing reassessment of cybersecurity risks.

“An effective cybersecurity strategy, and governance and risk framework, should help identify, manage and mitigate cyber risks to a level that is within the risk tolerance of senior leadership and boards.”

To hear more about the greatest area of cybersecurity weakness on the supply side, register now for ProcureTECH’ 24 on 20-21 March 2024 which will address identity and access rights management.

Share

Enable Pasa Ad 300x250

A leading provider of content and events to procurement and supply practitioners throughout Australia and New Zealand.

Linkedin Youtube Twitter

© PASA 2023 All Rights Reserved

Navigation

Get in Touch

Contact Us
Scroll to Top

Contact Us