• / Blog
  • / ASIC to Target Boards and Execs for Cyber Failures

ASIC to Target Boards and Execs for Cyber Failures

  • Adroit Insurance and Risk
  • October 16, 2023

The Government stated that the hacks of telco giant Optus and health insurer Medibank last year were a wake-up call, and that cyber security was critical to Australia, the economy, government and people.

ASIC, the companies regulator, will be looking to make an example of board directors and executives who are recklessly ill-prepared for cyberattacks by taking legal action against compromised companies that did not take sufficient steps to protect their customers and infrastructure from hackers.

Preparedness must not just be aimed at cyber security; it must also involve resilience, meaning the ability to respond and weather a significant cybersecurity incident, which is increasing.

The Home Affairs Minister will also look to take action against Software developers and IT Companies to be held responsible for selling Cyber Insecure products.

Home Affairs Minister Clare O’Neil outlines her aspiration to stop companies selling products they know to be cyber insecure, one of six planks in a platform that will form the bedrock of the government’s Cybersecurity Strategy. Latitude Financials’ hugely damaging data breach in March originated through an external provider, similar to the Crown Resorts cyber breach.

Cyber insurance

This type of insurance has been developed to assist management in responding to cyber-attacks and managing the financial impact.

It’s important to note that standard, Business Packages, ISR, Public & Product Liability or Management Liability insurance policies have very limited cover or do not cover cyber-related losses. So, Cyber insurance is a key part of how you manage and respond to cyber incidents and attacks.

Cyber insurance is usually sold in a package and you can choose a number of sections, for example:

Incident response – specialists to identify the issue and repair;

  • Lost income and additional costs related to the incident;
  • Data recovery and restoration;
  • Consumer notification costs and ongoing monitoring costs;
  • Legal defence costs;
  • Cyber extortion management and fees;
  • Crisis and PR management of the incident; and
  • Management of communications with regulators

Latest Free Resources to help your Family and Business stay Cyber Secure

There are lots of resources available to assist in minimising the likelihood of a successful attack, including Australian Cyber Security Centre.

ACSC has refreshed the free Small Business Cyber Security Guide and released an accompanying video and checklist on cyber security for small businesses, to help you protect against common cyber security threats, such as phishing attacks, business email compromise, malware and ransomware.

Updated Guide & video include:

  1. Securing your accounts;
  2. Protecting your devices and information, and
  3. Preparing your staff to avoid and reduce the impact of cyber-crime

Updated Learning Resources include:

  1. Information to keep your small business secure from common cyber threats;
  2. A new Cyber Security Tips for Small Business video
  3. Cyber security checklist for small business. After completing the checklist, we recommend small businesses implement Maturity Level One of the Essential Eight.
  4. Read the refreshed Small Business Cyber Security Guide
  5. Test your business’s emergency plan with the ACSC’s Exercise in a Box.

Talk to your insurance professional, who can also discuss the use of Cyber insurance to manage the incident, assist in restoration and reduce the financial impact on the business.

The views expressed in this publication are solely those of the author; they are not reflective or indicative of M3’s position and are not to be attributed to M3. They cannot be reproduced in any form without the express written consent of the author.

Leave a Reply

Your email address will not be published. Required fields are marked *