The Market Online - At The Bell

Join our daily newsletter At The Bell to receive exclusive market insights

More than half of respondents to an ASIC cybersecurity survey have been flagged for lacking adequate information protections.

Fifty-eight per cent of respondents were considered to “have limited or no capability to protect confidential information adequately”.

A total of 697 companies took part in the cyber pulse survey for 2023.

The survey found that most Australian companies are reactive, and not proactive when it comes to cybersecurity management.

Third-party risk

Further, 44 per cent in the survey didn’t manage third-party cybersecurity risks, where access from outside workers was concerned.

“It was alarming that 44 per cent of participants are not managing third-party or supply chain risks,” ASIC Chair Joe Longo said.

Smaller companies were generally behind larger companies with more time and money to implement stronger cyber controls.

“It’s not enough to have plans in place. [Systems] must be tested regularly – alongside ongoing reassessment of cyber security risks,” Mr Longo added.

DP World incident

Coincidentally, ASIC’s report has hit the public only 72 hours after Australian port operators were hit with a cyberattack.

On Friday, DP World Australia was targeted by an unclear type of cybersecurity intrusion.

In turn, four major ports across Australia had to shut down operations where DP World was involved.

The company handles some 40 per cent of all container traffic in and out of Australia.

But the risk to shareholders from cyber criminals is very real.

Numerous ASXers at risk

In recent history, healthcare coverage provider Medibank (ASX:MPL) was hit by an attack that led to the release of confidential customer information.

Shareholders punished the company with Medibank’s share price falling for months in response.

The price plummeted in October of 2022 and didn’t make back those gains until April of 2023.

While its recovery could be considered relatively fast-paced, the chart makes clear just how badly a cyberattack can impact valuation.

A steep drop in Medibank’s price charts is evident at the October 2022 mark. Source: The Market Herald

Listed law group IPH Limited (ASX:IPH) also called a trading halt in early 2023 following a cyber-attack on third parties.

That same month, the University of Wollongong Professor Alex Frino released his findings that only a fraction of ASX companies hit by cyberattacks ever reported the breaches.

“25 of the cyber attacks were only reported in the press, while only 11 were made public via ASX announcements,” Mr Frino wrote in a report cited by iTnews.

More From The Market Online

Provaris Energy’s hydrogen tanker fabrication to recommence; shares up 6%

Provaris (ASX:PV1) has announced fabrication of its prototype hydrogen tanker is to recommence in 2025, pushing…
Image of a woman holding a bottle of hemp oil

Little Green Pharma jumps into distribution with acquisition

Little Green Pharma is aiming to make the strategic acquisition of HH (Australia) Pty Ltd to…
Market Update Graphic

ASX Market Update: Index sheds another 1% as Discretionary stocks lead broad selloff | December 20, 2024

The ASX200 has been down 1% at 8,084 points.
A rubbish truck dumping landfill

‘Meaningful step towards our target’: Cleanaway JV opens door to monetising landfill gas

Cleanaway Waste Management has entered a joint venture with LMS Energy Pty Ltd to enable landfill…