APRA CPS 234 is a standard for information security management designed to help APRA regulated entities increase their overall resilience towards information security incidents that can affect the confidentiality, integrity or availability of information assets.
CPS 234 applies to all APRA-regulated entities. These include:
It is important to note that from July 1, 2020, onwards all third parties that handle information assets from the above-listed organisations will also have to comply with CPS 234.
CPS 234 also applies to certain foreign entities. These include:
Organisations in the finance industry have become especially lucrative targets for these criminals due to the high amount of financial reward and access to personally identifiable information (PII) and protected health information (PHI) that these organisations hold.
This trend has been helped by lacklustre information security and an overreliance on the use of technology and third party vendors by superannuation, banking and insurance companies, in an attempt to increase customer satisfaction and operational efficiency. In consequence, internal and external stakeholders have increased their expectations when it comes to securing information assets.
CPS 234 can help APRA regulated entities to reduce cyber risk and increase their overall cyber security posture by ensuring that their information security takes into account their vulnerabilities and threats. The CPS 234 also ensures that organisations give more attention to vendor risk management so that incidents involving third parties are reduced.
The StickmanCyber team can review your current cybersecurity framework against the requirements of APRA 234, identify and compliance issues and provide recommendations for remediation. We follow a standard 5-step methodology to define compliance goals, plan and execute the steps required, share relevant reports with the right stakeholders, and continuously monitor the scene to ensure compliance.
Arm yourself with up-to-date information and insights into building a successful cybersecurity strategy, with blogs and webinars from the StickmanCyber team, and industry experts.
In this exclusive live webinar, Ajay will be sharing key insights, learnings and takeaways from the 100’s of projects run and executed by StickmanCyber’s and industry knowledge from the last 12 months culminating in the Top 10 investment focus areas organisation’s need to have in place for 2021-2022 when it comes to improving and uplifting their cybersecurity posture.
Know your exact challenge and want a solution partner? Just starting out on the cybersecurity journey? The StickmanCyber team can help.