Cyber Health Check Comparison Report: Comparing the ASX 100 listed companies to non-ASX 100 organisations
Cyber security is a critical aspect of conducting business safely within the digital age. Unfortunately, non-ASX 100 organisations (private and government) are significantly less prepared and governed in this area than ASX 100 companies. This is not primarily about money. It is about prioritising and managing risk in a smart and agile manner where many non-ASX 100 organisations are more active online and have more responsibility for critical national infrastructure than the ASX 100.
The ASX 100 Cyber Health Check Report provides a baseline upon which companies can measure their cyber security preparedness against their peers.
Protiviti has surveyed non-ASX 100 organisations to assist them to determine their cyber security preparedness and to provide a broader baseline and catalyst for action.
The comparison showed that non-ASX 100 organisations:
- do not engage with or report to their boards on cyber security to the extent of the ASX 100.
- are much less confident in their cyber security preparedness and risk management than the ASX 100.
- are not as well prepared as the ASX 100 for a breach of sensitive customer information.
- are not identifying the same growth rate in cyber security incidents as the ASX 100.
- have not allocated budget and have not acquired an appropriate level of expertise to test defences and to understand the extent of risk and occurrence of cyber attacks against them.