.png)
ASIC Chair Joe Longo said, "This matter should serve as a wake-up call to all companies on the dangers of neglecting your cyber security systems."
ASIC vs FIIG Securities
The Australian Securities and Investments Commission (ASIC) has taken legal action against FIIG Securities Limited for systemic and prolonged cyber security failures. According to ASIC, FIIG failed to implement adequate cyber security measures over a period of more than four years, which led to the theft of approximately 385GB of confidential data, affecting around 18,000 clients.
ASIC allege that FIIG, an AFSL holder, failed to:
• Have appropriately configured and monitored firewalls to protect against cyber-attacks,
• Update and patch software and operating systems to address security vulnerabilities,
• Provide mandatory training to staff on cyber security awareness, and
• Have adequate human, technological and financial resources to manage cyber security.
ASIC is seeking declarations of contraventions, civil penalties and compliance orders against FIIG. This is not the first, and we should expect more of these cases.If you hold any Financial data, PII data or Sensitive client information, avoid the regulator's knock by pro-actively and regularly checking the adequacy of your cyber security measures.
