POWERED BY MOMENTUM MEDIA
Super funds fortify cyber security amid growing digital threats
Superannuation funds are stepping up their cyber security efforts as reliance on digital infrastructure exposes them to growing risks of cyber attacks, according to new research from JP Morgan.
The evolving threat landscape includes sophisticated AI-driven scams, supply chain vulnerabilities, and the bypassing of traditional security measures like multifactor authentication.
John Livanas, CEO of State Super, said funds must prepare for the inevitability of cyber incidents.
“We believe that at some stage, there will be a cybersecurity incident. We can’t predict what this will be or how we should react to it. Therefore, like most, we play out some scenarios to get used to the cadence and rhythm of handling such incidents. In addition, we have created a playbook as a holistic guide,” Livanas said.
He highlighted proactive measures, such as implementing additional checks during the COVID-19 early release of super scheme, which thwarted fraudulent activity.
“During the COVID era, when people were withdrawing $10,000, we put an added check in there. You won’t believe how much that stopped people from trying to game the system,” Livanas said.
Adonis Polychronopoulos, APAC head of Cybersecurity & Technology Controls at JP Morgan, noted the increasing sophistication of cyber threats, including AI-generated deepfakes and advanced social engineering.
Automating controls and adopting technologies like Endpoint Detection and Response (EDR) and Zero Trust principles are essential, he said.
“Automate these controls as much as possible so you are not reliant on manual processes, use template configurations – for example, so that non-approved tools and configurations are automatically blocked in your technology environment,” said Polychronopoulos.
He also pointed to emerging solutions like password-less authentication and AI manipulation detection tools as critical defences for funds that rely on remote onboarding of members or employees.
“There are also interesting and rapid developments in identity and access management to include password-less authentication, which can be highly effective against credential phishing, and the ability to detect AI-manipulated video/audio/ images. The latter is key if funds rely on remotely onboarding members or employees,” Polychronopoulos said.
The broader industry is also taking action, JP Morgan said.
Namely, the Association of Superannuation Funds of Australia (ASFA) released a Better Practice Guidance on Minimum Fraud Controls in July and a Financial Crime Protection Initiative in September to enhance fraud prevention across the sector.
Recommended for you
Advice licensee Centrepoint Alliance has entered an agreement to acquire the comprehensive financial advice book of the super fund’s subsidiary firm.
A coalition of industry groups including the SMSF Association is demanding the government and the opposition “immediately and unequivocally rule out any move to tax unrealised investment gains in any part of the tax system”.
AMP’s new chair has used his inaugural AGM address to call for policy reform on the “decumulation” phase of superannuation and position AMP as a key player in addressing the challenge.
Reserve Bank governor Michele Bullock has quashed hopes of an out-of-schedule rate cut, telling an event in Sydney that it remains too early to determine the trajectory of interest rates as the RBA grapples with growing global economic volatility.
TOP PERFORMING FUNDS
ACS FIXED INT - AUSTRALIA/GLOBAL BOND
Fund name
3y(%)pa
1
DomaCom DFS Mortgage
90.28 3 y p.a(%)
2
GAM LSA Private Shares AU I
37.08 3 y p.a(%)
3
DomaCom Lot 21 Chellaston Road Munno Para West SA 5115 Australia
31.44 3 y p.a(%)
4
Fidante Credit Suisse Global Private Equity
31.12 3 y p.a(%)
5
Global X GlobalX FANG+ ETF
28.28 3 y p.a(%)
