The Market Online - At The Bell

Join our daily newsletter At The Bell to receive exclusive market insights

More than half of respondents to an ASIC cybersecurity survey have been flagged for lacking adequate information protections.

Fifty-eight per cent of respondents were considered to “have limited or no capability to protect confidential information adequately”.

A total of 697 companies took part in the cyber pulse survey for 2023.

The survey found that most Australian companies are reactive, and not proactive when it comes to cybersecurity management.

Third-party risk

Further, 44 per cent in the survey didn’t manage third-party cybersecurity risks, where access from outside workers was concerned.

“It was alarming that 44 per cent of participants are not managing third-party or supply chain risks,” ASIC Chair Joe Longo said.

Smaller companies were generally behind larger companies with more time and money to implement stronger cyber controls.

“It’s not enough to have plans in place. [Systems] must be tested regularly – alongside ongoing reassessment of cyber security risks,” Mr Longo added.

DP World incident

Coincidentally, ASIC’s report has hit the public only 72 hours after Australian port operators were hit with a cyberattack.

On Friday, DP World Australia was targeted by an unclear type of cybersecurity intrusion.

In turn, four major ports across Australia had to shut down operations where DP World was involved.

The company handles some 40 per cent of all container traffic in and out of Australia.

But the risk to shareholders from cyber criminals is very real.

Numerous ASXers at risk

In recent history, healthcare coverage provider Medibank (ASX:MPL) was hit by an attack that led to the release of confidential customer information.

Shareholders punished the company with Medibank’s share price falling for months in response.

The price plummeted in October of 2022 and didn’t make back those gains until April of 2023.

While its recovery could be considered relatively fast-paced, the chart makes clear just how badly a cyberattack can impact valuation.

A steep drop in Medibank’s price charts is evident at the October 2022 mark. Source: The Market Herald

Listed law group IPH Limited (ASX:IPH) also called a trading halt in early 2023 following a cyber-attack on third parties.

That same month, the University of Wollongong Professor Alex Frino released his findings that only a fraction of ASX companies hit by cyberattacks ever reported the breaches.

“25 of the cyber attacks were only reported in the press, while only 11 were made public via ASX announcements,” Mr Frino wrote in a report cited by iTnews.

More From The Market Online

Weekly Wrap-up: The Headlines That Matter

A list of headlines and economic data that moved markets this week – and what's next.
The Market Online Video

Market Close: ASX200 wraps up the week on a high

The ASX200 closed up nearly half a per cent. Most sectors finished in the green.
The Market Online Video

Webinar: Australia’s Uranium Awakening: Investing in a Glowing Future

Uranium's regained serious value after an extended price depression that resulted from plentiful supplies coupled with…