The Market Online - At The Bell

Join our daily newsletter At The Bell to receive exclusive market insights

More than half of respondents to an ASIC cybersecurity survey have been flagged for lacking adequate information protections.

Fifty-eight per cent of respondents were considered to “have limited or no capability to protect confidential information adequately”.

A total of 697 companies took part in the cyber pulse survey for 2023.

The survey found that most Australian companies are reactive, and not proactive when it comes to cybersecurity management.

Third-party risk

Further, 44 per cent in the survey didn’t manage third-party cybersecurity risks, where access from outside workers was concerned.

“It was alarming that 44 per cent of participants are not managing third-party or supply chain risks,” ASIC Chair Joe Longo said.

Smaller companies were generally behind larger companies with more time and money to implement stronger cyber controls.

“It’s not enough to have plans in place. [Systems] must be tested regularly – alongside ongoing reassessment of cyber security risks,” Mr Longo added.

DP World incident

Coincidentally, ASIC’s report has hit the public only 72 hours after Australian port operators were hit with a cyberattack.

On Friday, DP World Australia was targeted by an unclear type of cybersecurity intrusion.

In turn, four major ports across Australia had to shut down operations where DP World was involved.

The company handles some 40 per cent of all container traffic in and out of Australia.

But the risk to shareholders from cyber criminals is very real.

Numerous ASXers at risk

In recent history, healthcare coverage provider Medibank (ASX:MPL) was hit by an attack that led to the release of confidential customer information.

Shareholders punished the company with Medibank’s share price falling for months in response.

The price plummeted in October of 2022 and didn’t make back those gains until April of 2023.

While its recovery could be considered relatively fast-paced, the chart makes clear just how badly a cyberattack can impact valuation.

A steep drop in Medibank’s price charts is evident at the October 2022 mark. Source: The Market Herald

Listed law group IPH Limited (ASX:IPH) also called a trading halt in early 2023 following a cyber-attack on third parties.

That same month, the University of Wollongong Professor Alex Frino released his findings that only a fraction of ASX companies hit by cyberattacks ever reported the breaches.

“25 of the cyber attacks were only reported in the press, while only 11 were made public via ASX announcements,” Mr Frino wrote in a report cited by iTnews.

More From The Market Online
The Market Online Video

Market Close: ASX Ltd drops on ASIC $150M raise request; iron ore offsets gold bounceback

Good Afternoon and welcome to Market Close for Monday of Week 51, I’m Jon Davidson.
HotCopper Daily Market Trends Graphic

Monday’s HotCopper trends: Winsome, 4D Medical, and other daily topics | Dec 15

With more than seven million users on the HotCopper forums, every discussion and speculation can move Australian markets, which is why getting out in front
A dirt road running through the Antimony Canyon project in Utah.

American Tungsten and Antimony leaves ‘Trigg’ name behind to start next era (and set fresh focus)

American Tungsten and Antimony has entered a new era, leaving the name "Trigg Minerals" behind to…
The Market Online Video

How to manage money on the average Aussie income

This week on Money and Investing, Mitch Olarenshaw and I break down how to manage money on the average Australian income, using practical