The Australian Cyber Security Centre (ACSC) has alerted Australian organisations to “act now and improve” their cybersecurity resilience in light of the heightened threat environment.
“As a matter of priority, all ASIC-regulated entities should adopt an enhanced cybersecurity posture,” ACSC said. “This should include reviewing and enhancing detection, mitigation, and response measures. Entities should ensure that logging and detection systems in their environment are fully updated and functioning and apply additional monitoring of their networks where required. Entities should also assess their preparedness to respond to any cybersecurity incidents, and should review incident response and business continuity plans.”
Amidst this serious situation, ASIC said it expects all boards, senior management, licensees, and other regulated entities to pay heightened attention to their entity’s exposure to the environment and progress on timely mitigation.
ASIC said regulated entities should also consider where they have an obligation to report breaches to the regulator or other government agencies, including ACSC and the Office of the Australian Information Commissioner, and when disclosure to the market or in financial reports may be necessary.