Powered by MOMENTUM MEDIA
cyber daily logo
Breaking news and updates daily. Subscribe to our Newsletter

Improving cyber risk management a key part of APRA’s 2024–25 Corporate Plan

Australia’s financial services regulator has outlined its priorities for the coming four years, and cyber security and risk management are top of mind.

user icon David Hollingworth
Wed, 28 Aug 2024
Improving cyber risk management a key part of APRA’s 2024–25 Corporate Plan
expand image

The Australian Prudential Regulation Authority (APRA) has released its 2024–25 Corporate Plan, which lays out the regulator’s priorities for keeping the banking and financial sector stable and strong over the next four years.

While many of the goals speak to strengthening the sector’s key challenges, such as boosting capital, securing superannuation, and educating financial institutions about the intersection of climate risk and decision making, cyber security and data analysis are key planks.

APRA currently considers the industry to be under “increased risk of cyber attacks” from both highly organised threat actors and opportunistic actors alike. At the same time, community expectations around data privacy and security are rising – people want banks to do more to protect their data.

============
============

With that in mind, APRA aims to improve cyber risk management practices across the sector in order to reduce cyber attacks and reduce the impact of those that do occur. APRA also wants financial institutions to partner with peer agencies on a “whole-of-government approach to minimise cyber risk”.

APRA will require stress testing of industry preparedness for cyber attacks and that entities act on the findings of independent reviews on information security. APRA will also release “industry letters” on a range of cyber topics, from backup management to security configurations, for the sector to follow.

“At a time of considerable geopolitical volatility and with an uncertain economic outlook, it’s vital that banks, insurers and superannuation trustees are prepared for whatever potential challenges could arise,” APRA chair John Lonsdale said in a statement.

“Over the coming four years, APRA will step up its focus on operational and cyber resilience to ensure our regulated entities are equipped to maintain critical financial services in a world that is becoming more interconnected and dependent on digital technologies. We will delve more deeply into that interconnection by examining the links between banking and superannuation and the possible contagion risks that arise from that relationship.”

David Hollingworth

David Hollingworth

David Hollingworth has been writing about technology for over 20 years, and has worked for a range of print and online titles in his career. He is enjoying getting to grips with cyber security, especially when it lets him talk about Lego.

newsletter
cyber daily subscribe
Be the first to hear the latest developments in the cyber industry.