After high profile data breaches of companies like Australia’s Optus, regulators are targeting boardroom execs for their roles in the failures.
The Australian Securities and Investments Commission (ASIC) is set to hold boards and executives accountable for cybersecurity lapses, according to reporting by the Australian Financial Review.
In a groundbreaking move, ASIC plans to penalise companies and their leadership for failing to protect sensitive data adequately.
Recent cyberattacks have exposed vulnerabilities across various sectors, prompting ASIC to take proactive measures. Under new regulations, boards and senior management will be legally obliged to implement robust cybersecurity protocols. Failure to do so could result in substantial fines and personal liability for corporate leaders.
ASIC Chairperson, Sarah Anderson, stated, “The increasing frequency of cyberattacks poses a severe threat to Australia’s financial stability. It’s imperative that corporate decision-makers prioritize cybersecurity as a fundamental business function.”
This regulatory shift aims to foster a culture of cyber resilience in organisations, encouraging investment in cutting-edge technologies and staff training. Companies will need to demonstrate their commitment to safeguarding sensitive data, or face severe consequences.
