• Home
  • Insights
  • The importance of cyber resilience stressed by Australian Prudential Regulator

The importance of cyber resilience stressed by Australian Prudential Regulator

Published

Jun 06 2024

Written By

evelyn park Module
Evelyn Park

Associate
Australia

I am an associate in our Dispute Resolution Group in Sydney

Related

Practices

Sectors

Trending Topics

Regions

Countries

Offices

On 3 June 2024, the Australian Prudential Regulation Authority (APRA) wrote to all APRA-regulated entities to emphasise its expectations regarding cybersecurity, specifically relating to data backups and protection against data loss.

APRA called for businesses to promptly review and address gaps in any practices which could impede system restoration during the restoration phase of a cyber incident. Referring particularly to “common problems that can limit the usefulness of…backups in restoring systems during an incident”,

APRA has recommended businesses:

  • periodically self-assess themselves against the security practices in APRA Prudential Guide CPG 234 (Information Security) (CPG 234);
  • review their backup arrangements against the common problems which limit the usefulness of backups during the restoration phase following a cyber incident:
    • insufficient segregation between production and backup environments;
    • insufficient control testing coverage and rigour to ensure backups are protected from compromise; and

Full article available on Disputes +

Read More

Latest insights

More Insights
Curiosity line green background

An In-depth Analysis of China’s Network Data Security Regime Part III: Cross-Border Data Transfer and Platform Data Protection

Aug 14 2025

Read More
Curiosity line blue background

EBA consults on Draft Guidelines on third-party risk management with regard to non-ICT related services

4 minutes Aug 13 2025

Read More
Curiosity line teal background

ASIC Takes Action Against Fortnum Private Wealth Over Cybersecurity Failures

Aug 11 2025

Read More
More Insights