Australia’s wealth management market has some "concerning gaps" in its cybersecurity, revealed a report by the Australian Securities and Investments Commission (ASIC).
The report’s publication was also marked by a warning from ASIC chair Joe Longo that the regulator intends to adopt a stricter approach to cyber breaches, especially for firms that may have neglected their cybersecurity obligations.
The ‘Spotlight on Cyber’ report found that 29% of respondents failed to encrypt confidential information, while a similar number of firms lacked controls to prevent unauthorised information transmission.
Unsurprisingly, the gaps in cybersecurity were more prevalent among smaller firms. According to the survey, more than a third (34%) do not adhere to any cybersecurity standard, while 44% do not conduct adequate cybersecurity risk assessments on the third-party vendors they use.
The report added that more than two-thirds (69%) have minimal or no capabilities in managing risks associated with the supply chain. In contrast, more than half do not test their cybersecurity incident responses with third parties.
The report surveyed nearly 700 entities, including 64 fund managers,12 superannuation funds and 120 financial advisory firms.
©2023 funds global asia