ASX and ASIC have invited the 100 largest ASX-listed companies to participate in the ASX 100 Cyber Health Check, a survey to benchmark the levels of cyber security awareness, capability and preparedness within Australian business. Participation by companies is voluntary, with responses sought by mid-December 2016. Companies that participate will receive a confidential report benchmarking their own cyber security practices. A public report on the themes emerging from the data is expected to be released in March 2017. The ASX 100 Cyber Health Check is an industry-led initiative that forms part of the Australian Government’s Cyber Security Strategy. ASX and ASIC worked with representatives from Government, business and audit firms KPMG, Deloitte, EY, and PwC, to develop a cyber health check survey for the Australian environment, based on a similar exercise in the UK with the FTSE 350.
Cyber security is a strategic risk management issue for Boards, not just IT departments. Effective governance on how business is addressing cyber risks and building resilience is a key enabler for the Australian economy.
Amanda Harkness, ASX Group Executive, said: “The ASX 100 Cyber Health Check has brought together Government, regulators and industry on an issue of critical importance to Australian business and the millions of investors who hold shares in Australian companies. The sharing of best practice, and increased awareness and engagement by directors of listed companies are important steps in building the cyber resilience of Australian business. “The better informed boards become, the more effectively they can assess their cyber security risks and opportunities, including identifying areas where improvement is required. Participation will reassure shareholders and the broader community that boards are actively engaged in addressing cyber issues. “