Super funds urged to hire cyber literate board members

3 August 2023
| By Rhea Nath |
image
image
expand image

The superannuation sector is not exempt from the risks that arise from emerging technology, according to experts, who urge funds to raise the bar on cyber security and literacy. 

Speaking at AIST’s 2023 Conference of Major Superannuation Funds, Sandeep Kohli, managing director, APAC CISO, State Street, said fund leaders should look for like-minded people to discuss opportunities and challenges in cyber.

“You must have someone on the board that is cyber literate,” Kohli said.

“Business leaders around the world say there is a 43 per cent chance of an organisation to be hit with a cyber incident.” 

The panel noted that mitigating risk meant more than just hiring a cyber risk consultant; rather it required super fund leaders to push for cyber literacy that extends across the entire board. 

In order to avoid compromising their operational integrity, they need to drive the importance of cyber security from the top down.

Recently, the Australian Prudential Regulation Authority (APRA) wrote to its regulated entities to reinforce the importance of multifactor authentication to protect sensitive data from cyber attacks.It informed APRA-regulated entities that it is a “material security control weakness” if firms fail to comply.

“As a sector, super is fortunate that APRA had the foresight to consider cyber, so it’s ahead of other sectors,” said Anna Leibel, director of cyber security education platform The Secure Board. “The opportunity for super is that you have those foundations in place.” 

According to Leibel, organisations like super funds need more cyber expertise, not just a token cyber security specialist.

“The ultimate responsibility will come back to you [the director] no matter how far you delegate [cyber security],” she said. “[Leaders] have the responsibility to upskill and increase literacy in cyber security.”

The panel highlighted that a solid cyber security strategy is one of the best investments a super fund can make and that investment in this area is worth every cent. 

Leibel explained: “Every dollar you spend in cyber is still for the member and the protection for their future. You can help the member to understand the purpose of that spend.” 

Earlier this year, industry super fund NGS Super fell victim to a cyber attack that resulted in limited data being taken from its systems although no super savings were taken. 

Speaking to Super Review, the fund’s chief executive and former chief risk officer, Natalie Previtera, said a cyber attack was the biggest risk that had kept her up at night. 

“In this day and age, it was a matter of when, unfortunately, and not if,” she said. 
 

Read more about:

AUTHOR

Recommended for you

sub-bgsidebar subscription

Never miss the latest developments in Super Review! Anytime, Anywhere!

Grant Banner

From my perspective, 40- 50% of people are likely going to be deeply unhappy about how long they actually live. ...

11 months ago
Kevin Gorman

Super director remuneration ...

11 months 1 week ago
Anthony Asher

No doubt true, but most of it is still because over 45’s have been upgrading their houses with 30 year mortgages. Money ...

11 months 1 week ago

Jim Chalmers has defended changes to the Future Fund’s mandate, referring to himself as a “big supporter” of the sovereign wealth fund, amid fierce opposition from the Co...

3 days 6 hours ago

Demand from institutional investors was the main driver of growth in Australia’s responsible investment (RI) market in 2023, as the industry continued to gain momentum....

3 days 6 hours ago

In a new review of the country’s largest fund, a research house says it’s well placed to deliver attractive returns despite challenges....

3 days 7 hours ago