November 21st, 2023 | Sterling

ASIC Adopts Tough Stance on Cybersecurity After Recent Cyberattacks

In a recent Cyber Summit, Australian Securities and Investments Commission (ASIC) chairman Joe Longo expressed that ASIC intends to take legal action if it is found that breached companies did not implement reasonable steps to protect their customers and infrastructure from cyber threats.

“For all boards, cybersecurity and cyber resilience have to be top priorities,” Joe Longo said in his speech to the Australian Financial Review Cyber Summit on Monday, 18th September 2023.

ASIC’s tough stance follows the concerning trend of cyberattack incidents becoming frequent, and resulting in data breaches affecting thousands of Australians.

Per data published in The Office of the Australian Information Commissioner (OAIC) website, in the first half of 2023, 21 of the 23 breaches that affected over 5,000 Australians in this period were caused by cyber incidents. Of these, seven were caused by ransomware, seven by compromised or stolen credentials (method unknown), four by hacking, and one each by brute-force attack, malware, and phishing (compromised credentials). The remaining two breaches that affected over 5,000 Australians in this period were caused by a rogue employee or insider threat, and theft of paperwork or a data storage device.

Government agency, Australia Cyber Security Centre (ACSC) has also published an information security manual for organisations to apply to protect their systems and data from cyber threats. The manual includes information on “Guidelines for Personnel Security” which recommends personnel to undergo appropriate employment screening checks.

Pre-employment screening checks to ensure your hires are fit and proper, can be considered as one of the effective steps to be carried out in the early stages of an employment lifecycle in order to curb any future threats to the business. Companies should also factor in the following:

  • Regularly review existing background screening policies and procedures to understand if they continue to meet the necessary requirements.
  • Companies should work towards using new resources, tools, and technology for screening purposes to assess an individual’s integrity, competency, and credentials.
  • Companies should consider conducting additional checks for certain job roles, especially if the individual will have access to sensitive data or confidential information.
  • Rescreening employees at regular intervals should also be considered as an effective measure to protect the business.

How Can Sterling Help?

Sterling is a leading provider of background checks in Australia, with operations located around the world. Our clients rely on our deep regional expertise, local service proficiency, and reliable global fulfilment capabilities.

Chat with our team today about our screening solutions, allowing your organisation to make an informed hiring decision to assess an individual’s integrity, competency, and credentials.

This publication is for informational purposes only and nothing contained in it should be construed as legal advice. We expressly disclaim any warranty or responsibility for damages arising out this information. We encourage you to consult with legal counsel regarding your specific needs. We do not undertake any duty to update previously posted materials.