About the Cyber Risk Working Group
The group supports actuaries working in roles requiring assessment of, or provision of guidance on, cyber products or cyber-related risk.
Given the broad nature of cyber-related issues, this is a cross practice working group formed with representatives from both the General Insurance Practice Committee and the Risk Management Practice Committee.
Members include:
Chair
Susie Amos
Secretary
Wen Liu
Members
Adam Searle
Adele Foster
Anthony Wall
Mary Poon
Win-Li Toh
Sonia Tripolitano
Peter Yeates
Institute Liaison
Clare Marshall
External Resources
The below sections provide links to various articles that may be of interest to members. Actuaries are encouraged to think critically about the assumptions underlying the material they are reading and producing.
External Resources
for cyber risk
This report summarises and details key statistics on data breaches across the world from an independent survey of companies who have experienced a data breach over the last year.
This report provides a deep-dive analysis on data breaches reported under their VERIS framework.
View the report.
Provides surveys on what businesses are most concerned about regarding risks and monitors trends to see potential risks.
The Office of the Australian Information Commissioner (OAIC) releases notified data breach information.
Following the release of the Privacy Act Review Report, the Government undertook public consultation to inform the Government response. On 28 September 2023, the Australian Government released its response to the Privacy Act Review Report.
The Australian Signals Directorate’s (ASD) Annual Cyber Threat report explores Australia’s cyber threat landscape.
Cyber Protection Gap Widens for SMEs
A Dialogue Paper which provides a temperature check on cyber risk and calls out the risk to SMEs being left behind.
External Resources
for insurance
This webinar from Marsh which shares insights on the cyber risk landscape.
This report from AON share trends on market conditions, cyber claims trends and policy development.
An annual report on the outcomes of the global monitoring exercise of trends and cyber resilience.
A report based on a summary statistical analysis of over 9,000 cyber claims for incidences.
External Resources
for compliance and risk management
An APRA Prudential Standard that defines information security roles and responsibilities at all levels (from Board to individuals), maintain security capabilities proportionate to their size and threat landscape, implement and regularly test controls based on asset criticality and sensitivity, and promptly report any material security incidents to APRA.
Includes all news and articles published by the AICD in regard to cyber security risk and management.
Key findings from ASIC cyber pulse survey.
A dedicated hub of resources relating to cyber risk.
This handbook created by the Australian Information Security Association (AISA) and Australian Institute of Company Directors (AICD) outlines key risk management areas for Directors to consider and incident response planning.
These principles provide a practical framework to help directors, governance professionals and their organisations proactively tackle oversight and management of cyber risk. The purpose of the principles is to illustrate what constitutes better practice oversight at the board level.
Join the profession that makes a world of difference.
See your impact. Join the Institute.
