Medcraft calls for united front on cyber crime
Cyber crime is a growing problem that requires a global solution, according to regulatory chief Greg Medcraft.
He says bodies such as the International Organisation of Securities Commissions (IOSCO) and the Australian Securities and Investments Commission (ASIC) – both of which Mr Medcraft chairs – are co-operating on a range of projects.
“An example of the sobering effect of cyber crime occurred earlier this year when 76 million household and 7 million small business accounts were reported to be compromised in a cyber attack on JPMorgan Chase in the US.”
Mr Medcraft’s comments came during his Bloomberg address in Sydney last Thursday.
He says ASIC is working with IOSCO on guidance to improve the way financial markets’ infrastructure handles cyber risk.
IOSCO’s policy committees are considering guidance on managing cyber risks, disclosure on how risks are managed, and enforcement – how members co-operate in investigating and responding to attacks. Members can share information under IOSCO’s multilateral memorandum of understanding.
IOSCO members include more than 120 regulators that control more than 95% of world securities markets.
Mr Medcraft says Australian company boards should read the Preliminary Cybersecurity Framework, developed by the US National Institute of Standards and Technology.
It helps organisations manage cyber risk and assess resilience.
“It is all about cyber resilience through risk management. Risk management systems must be granular enough to ensure a good level of resilience in an organisation.
“Boards should also be alive to the risk of a cyber attack as part of their risk oversight role.”
Mr Medcraft says technology advances have led to the rise of cyber crime.
Links between market players and infrastructure mean the impact can spread quickly, threatening the integrity of global markets, the protection of investors and confidence in the financial system.
In the digital age, industry and regulators must work together to harvest opportunities while mitigating risks, Mr Medcraft says. “To be successful, we must be agile and always have an eye on the future, otherwise we will be left behind.”