In an effort to respond to the growing threat of cyber-attacks, APRA has proposed its first cross-industry prudential standard on information security.

Whilst long overdue, it will have a significant impact going forward, with onerous requirements such as reporting within 24 hours. This will require a massive increase in cyber maturity and capability for financial services organisations as well as a continuing focus on culture, which has been a strong area of focus for APRA.  

Cyber security is far too important to be left to only the technology or compliance teams – it is a challenge that affects everyone across the business. You can read our latest Cyber Security report here on the new privacy laws that are now effective, including mandatory data breach notifications to inform when a data breach has occurred.

The proposed new standard, CPS 234, was released this week as part of a package of measures titled Information Security Management.