Ahead of the introduction of new reporting requirements for Australian critical infrastructure operators, McGrathNicol Advisory has released research finding that 89% of executives expect risk and security issues to worsen in the next 12 months.
New obligations introduced this month under the Security of Critical Infrastructure Act 2018 will require Australian organisations operating in certain sectors to submit a Critical Infrastructure Risk Management Program by 28 September. Covered industries include communications, defence, higher education and research, financial services, health care, energy and transport.
The report indicates that many organisations may be underprepared for the new obligations. A survey conducted for the report in collaboration with YouGov found that while 68% of Australian organisations name cyber risk as one of their top five concerns, 71% of respondents admitted to not conducting diligence on their key suppliers’ cybersecurity practices. In addition, 77% do not require mandatory reporting of any cyber or data breaches affecting their suppliers.
The report also found that although 87% of surveyed organisations were confident that their…
