ASX 100 asked to undergo cyber security health check

Australia's stock exchange and corporate regulator have jointly asked the boards of the country's 100 largest listed companies to assess their cyber security posture through a voluntary survey.

The ASX 100 cyber health check initiative was first unveiled in the government's new national cyber security strategy, published in April.

The ASX and ASIC today formally asked directors of the ASX 100 to assess and disclose the level of cyber security awareness, capability, and preparedness within their organisations.

The assessment process includes an online questionnaire and interviews to be carried out by big four audit firms KPMG, Deloitte, EY, and PwC.

After the survey and analysis is completed in mid-December, participating companies will be given a confidential document benchmarking their progress, with anonymised data to be published in a public report scheduled for release next March.

Participation in the survey is voluntary. The process has been modelled on a similar exercise in the UK with the FTSE 350.

“The ASX 100 cyber health check has brought together government, regulators and industry on an issue of critical importance to Australian business and the millions of investors who hold shares in Australian companies,” ASX group executive Amanda Harkness said in a statement.

“The better informed boards become, the more effectively they can assess their cyber security risks and opportunities, including identifying areas where improvement is required. Participation will reassure shareholders and the broader community that boards are actively engaged in addressing cyber issues.”