Financial Crime World

Here is the converted article in Markdown format:

Financial Institutions in Australia Step Up Cybersecurity Measures Amid Growing Threats

Australian financial institutions are taking a closer look at their approach to operational resilience in the wake of recent high-profile data breaches and cybersecurity attacks.

New Regulatory Standards

The Australian Prudential Regulation Authority (APRA) has introduced new Prudential Standards - CPS 230 - aimed at strengthening the country’s regulatory landscape and promoting effective risk management. The new standards, which will come into effect from July 2025, require financial institutions to implement enhanced cybersecurity measures, including mandatory data breach notification and third-party risk assessments.

Industry Experts Weigh In

According to Richard Bergman, Global Cyber Transformation Leader at Ernst & Young (EY), “CPS 230 has elevated the focus of leadership on managing cybersecurity risk. As a result, we have seen an increase in investment to meet those regulatory obligations.”

Rachel Riley, Co-Founder and Head of Strategic Operations at Ansarada, notes that operational resilience requires leaders to take an inside-out perspective, identifying processes critical to key products and operations.

The Evolving Threat Landscape

The threat landscape is also evolving rapidly, with business email compromise (BEC) and ransomware attacks becoming increasingly common. Bergman warns that the average size of ransomware payments will increase in 2024, as threat actors become more capable of disrupting business operations.

Prioritizing Cloud Security

As financial institutions navigate this changing environment, they must prioritize cloud security, given the increased adoption of cloud services. According to Bergman, “one-third of data breaches happen because of misconfiguration on cloud by human error.”

Industry Response

In response to these challenges, Australian financial institutions are stepping up their cybersecurity measures, investing in advanced technologies and training staff to stay ahead of emerging threats.

Keywords

  • Cybersecurity
  • Australia
  • APRA
  • CPS 230
  • EY
  • Ansarada
  • Operational Resilience
  • Cloud at Scale
  • Business Email Compromise
  • Ransomware
  • Governance Risk Compliance