Govt offers security checks for ASX100 firms

The federal government will offer ASX100 companies cybersecurity ‘health checks’, to ensure they are resilient against cyber threats, as part of the new national cybersecurity strategy.

As announced by Prime Minister Malcolm Turnbull, the strategy’s action plan calls for the government to codesign voluntary health checks for ASX100 listed companies.

The government will aim to provide decision-makers within Australia’s largest publicly listed companies with tailored information on the impact of cyber risks to their businesses.

With the health checks, the government aims to ensure executives and boards better understand their organisations’ cybersecurity strengths and weaknesses.

As well as the ASX100 companies themselves, the government envisions Australia’s highest performing businesses leading a national effort towards adopting best practice cybersecurity.

“The governance ‘health checks’ will enable boards and senior management to better understand their cybersecurity status and how they compare to similar organisations. In time, these ‘health checks’ (similar to the United Kingdom’s FTSE 350 governance health checks) will be available for public and private organisations, tailored to size and sector,” the action plan states.

As part of this goal, the government will provide support for small businesses to have their cybersecurity tested by certified practitioners.

To improve the government’s own security capabilities, the plan calls for independent risk assessments for government agencies, as well as assessments into how well the agencies have implemented recommendations to mitigate targeted cyber intrusions developed by the Australian Signals Directorate.

Finally, the government will develop guidance for its agencies to consistently manage ICT supply chain security risks. This guidance will eventually be used to help inform the private sector as well.

Image courtesy of 24oranges.nl under CC