Super funds urged to hire cyber literate board members

3 August 2023
| By Rhea Nath |
expand image

The superannuation sector is not exempt from the risks that arise from emerging technology, according to experts, who urge funds to raise the bar on cyber security and literacy. 

Speaking at AIST’s 2023 Conference of Major Superannuation Funds, Sandeep Kohli, managing director, APAC CISO, State Street, said fund leaders should look for like-minded people to discuss opportunities and challenges in cyber.

“You must have someone on the board that is cyber literate,” Kohli said.

“Business leaders around the world say there is a 43 per cent chance of an organisation to be hit with a cyber incident.” 

The panel noted that mitigating risk meant more than just hiring a cyber risk consultant; rather it required super fund leaders to push for cyber literacy that extends across the entire board. 

In order to avoid compromising their operational integrity, they need to drive the importance of cyber security from the top down.

Recently, the Australian Prudential Regulation Authority (APRA) wrote to its regulated entities to reinforce the importance of multifactor authentication to protect sensitive data from cyber attacks.It informed APRA-regulated entities that it is a “material security control weakness” if firms fail to comply.

“As a sector, super is fortunate that APRA had the foresight to consider cyber, so it’s ahead of other sectors,” said Anna Leibel, director of cyber security education platform The Secure Board. “The opportunity for super is that you have those foundations in place.” 

According to Leibel, organisations like super funds need more cyber expertise, not just a token cyber security specialist.

“The ultimate responsibility will come back to you [the director] no matter how far you delegate [cyber security],” she said. “[Leaders] have the responsibility to upskill and increase literacy in cyber security.”

The panel highlighted that a solid cyber security strategy is one of the best investments a super fund can make and that investment in this area is worth every cent. 

Leibel explained: “Every dollar you spend in cyber is still for the member and the protection for their future. You can help the member to understand the purpose of that spend.” 

Earlier this year, industry super fund NGS Super fell victim to a cyber attack that resulted in limited data being taken from its systems although no super savings were taken. 

Speaking to Super Review, the fund’s chief executive and former chief risk officer, Natalie Previtera, said a cyber attack was the biggest risk that had kept her up at night. 

“In this day and age, it was a matter of when, unfortunately, and not if,” she said. 

Read more about:


Add new comment

The content of this field is kept private and will not be shown publicly.

Recommended for you

sidebar subscription

Never miss the latest developments in Super Review! Anytime, Anywhere!

Grant Banner

From my perspective, 40- 50% of people are likely going to be deeply unhappy about how long they actually live. ...

4 months ago
Kevin Gorman

Super director remuneration ...

4 months ago
Anthony Asher

No doubt true, but most of it is still because over 45’s have been upgrading their houses with 30 year mortgages. Money ...

4 months 1 week ago

The Association of Superannuation Funds of Australia has appointed a new director representing industry funds, among a number of other appointments in recent months....

1 day 20 hours ago

The asset manager is bolstering its investments in the global energy transition and climate opportunities....

1 day 1 hour hence

The ethical investment manager has reported record FUM as its growth trajectory continues apace....

2 days 21 hours ago