SEARCH
Why advisers need to urgently tackle the cyber threat challenge
Why advisers need to urgently tackle the cyber threat challenge
“Advisers should be banking in security from the very get-go of their digital journey,” Major General Dr Marcus Thompson AM said at the Adviser Innovation Summit in Melbourne.
Speaking at this year’s Adviser Innovation Summit, Dr Thompson, former head of information warfare for the Australian Defence Force (ADF), warned that cyber security complacency has no place in advice, noting that the threat is very real.
“We need to accept upfront that in the cyber space there is a threat, the threat is real, it is active, it is incredibly capable, and it wishes you harm,” Dr Thompson told a room full of advisers on Wednesday.
“You might not be interested in cyber security, but the cyber threat is definitely interested in you,” he said.
“You are all now legislatively obliged to be interested in cyber security,” Dr Thompson added, referencing recent legislative changes that have extended the reach of the Security of Critical Infrastructure Act 2018 (SOCI Act), which requires owners and operators of Australia’s critical infrastructure to take steps to protect that infrastructure.
Among the newly captured sectors is the financial services sector.
Dr Thompson explained that the Australian-first RI Advice ruling best portrays just how culpable advice businesses are to holes in cyber risk management strategies.
On 5 May, the Federal Court ruled that AFS licensee RI Advice breached the law by failing to protect confidential client information from numerous cyber attacks between June 2014 and May 2020, “that allowed third parties to gain unauthorised access to sensitive personal information”.
The court heard that nine incidents occurred where hackers infiltrated the servers of RI Advice using methods such as hacked web servers, ransomware, brute force and phishing emails.
“It is imperative for all entities, including licensees, to have adequate cyber security systems in place to protect against unauthorised access,” ASIC deputy chair Sarah Court said at the time.
According to Dr Thompson, businesses need to learn from RI Advice and prioritise the enhancement of their cyber security posture.
“If you have any assets, any information that a criminal might be able to monetise, then you need to be thinking about its security,” Dr Thompson said.
As for practical steps advisers can take today, Dr Thompson swears by an approach that addresses three crucial pillars of cyber security - self-defence, passive defence and active defence.
“It’s a conceptional framework to help you order your thinking and under each heading you can ask those questions of yourself, your team and your third-party providers. It’s everyone’s responsibility," he said.
“Self-defence is don’t be that person that clicks on the link in phishing email, don’t be the person that finds a USB stick in the carpark and out of curiosity plugs it into your system. What are you posting on social media?
“Passive defence is questions to ask of your technical staff if you have them in-house or your third-party providers if you’re contracting it out,” Dr Thompson explained.
This pillar of defence also includes dusting off your business continuity plan and rehearsing crisis management procedures.
“Active defence is the smaller numbers of highly trained people that are sitting on or near your infrastructure, actively seeking out and countering threat activity,” Dr Thompson noted.
And according to him, staying on top of one's cyber security is "actually not that complex", but not doing so is profusely dangerous.
About the author
Subscribe to our Newsletter
We Translate Complicated Financial Jargon Into Easy-To-Understand Information For Australians
Your email address will be shared with nestegg and subject to our Privacy Policy
latest articles
OUR PLATFORMS AND BRANDS
- Accountants Daily
- Accounting Times
- Adviser Innovation
- Australian Aviation
- Cyber Daily
- Defence Connect
- Fintech Business
- HR Leader
- Independent Financial Adviser
- Investment Center
- Investor Daily
- Lawyers Weekly
- Money Management
- Mortgage Business
- Nestegg
- Property Buzz
- Real Estate Business
- Smart Property Investment
- SMSF Adviser
- Space Connect
- Super Review
- The Adviser
- Wellness Daily
- Which Investment Property
- World of Aviation
EVENTS AND SUMMITS
- Accountants Daily 30 Under 30 Awards
- Adviser Innovation Summit
- Australian Accounting Awards
- Australian Aviation Awards
- Australian Broking Awards
- Australian Defence Industry Awards
- Australian Law Awards
- Australian Space Awards
- Australian Space Summit
- Better Business Summit & Awards
- Corporate Counsel Summit & Awards
- Cyber Security Summit & Awards
- Defence Connect Budget Lunch
- Defence Connect DSR Summit
- Fund Manager of the Year Awards
- ifa Excellence Awards
- ifa Future Forum
- Investor Daily ESG Summit
- Lawyers Weekly 30 Under 30 Awards
- Lawyers Weekly Women in Law Forum
- Mortgage Business Awards
- New Broker Academy
- Partner of the Year Awards
- REB Awards
- Reinnovate
- SME Broker Bootcamp
- SMSF Adviser Technical Day
- Super Fund of the Year Awards
- Women in Finance Awards
- Women in Law Awards
- Accountants Daily Podcast Network
- The Adviser Podcast Network
- Australian Aviation Podcast Network
- Defence Connect Podcast Network
- HR Leader Podcast Network
- The ifa Show
- The Lawyers Weekly Show
- Mortgage Business Podcast Network
- REB Podcast Network
- Relative Return
- The Smart Property Investment Show
- Space Connect Podcast
PODCASTS
LEARNING AND EDUCATION
MOMENTUM MARKETS NETWORK
LINKS
STAY CONNECTED
Subscribe to the Adviser Innovation eNewsletter.
