Much like financial systems around the world, organizations in the Australian financial system continually face cyber threats. To help organizations protect themselves, the Australian Prudential Regulation Authority (APRA) has created a new standard for managing security threats. The Prudential Standard, called CPS 234, establishes a list of standards to help organizations decrease the likelihood of a cybersecurity attack.
We studied the cybersecurity of the APRA-regulated institutions, and in this report we offer actionable recommendations for how they can improve. We also provide some key questions for anyone doing business with these institutions to ask. To avoid helping attackers, we have not named companies and we have redacted other identifying details.

