By Sean Aylmer
The banking regulator is getting tough on cybercrime. It has just introduced a new standard for all banks, insurers and superannuation funds, in a move which is likely to create more cyber security jobs in the sector.
The new standard, introduced by the Australia Prudential Regulation Authority, is part of a five year cyber strategy which eventually will influence third party suppliers, technology companies, fund managers and payments companies.
At the heart of it is shoring up the weakest link in any organisation.
“In an environment where an attack on one of us could be an attack on any of us, we are all – governments, regulators, organisations and individuals – links in a chain – and we are in this battle together.” said Geoff Summerhayes, deputy chair of APRA.
“By sharing information and expertise, pooling resources and taking prompt action to plug gaps and fix weak links, we create a community of cyber defenders that is greater than the sum of its parts. In doing so, we help to keep the chain as strong as possible and lock out those who would do us harm.”
The challenge, as Mr Summerhayes pointed out, was having people both within an organisation and externally, that know what do about cybercrime.
“Too many boards still lack visibility or understanding of the problems, while internal audit functions can lack the specialist skills to challenge boards and management to plug urgent gaps,” Mr Summerhayes said.
APRA overseas the financial services sector which is measured in the trillions of dollars. It is a honey pot for organised crime and the need for cyber security professionals is greater now than ever before.
The APRA standard means banks, insurers, superannuation funds and third parties to the sector will have to put greater focus on cybercrime, and that means putting more resources, including skilled people, into the area.
