Securing the future:

Protecting Australia's superannuation ecosystem against cybersecurity threats

How can Australia’s superannuation ecosystem protect itself against cybersecurity threats?

Understand the risks and challenges across the sector, along with the benefits of a coordinated approach to improve cyber resilience

In such extraordinary times, the Australian superannuation industry is currently navigating its way through some of the most significant and complex challenges ever faced. These include the remediation of historical issues, increasing regulation, implementing transformational reforms, managing business as usual and realigning strategy to focus on members. Additionally, the industry is now grappling with the wide-ranging implications of the COVID-19 pandemic which has caused widespread concern and hardship for economies, businesses and communities across the globe.

Even before the pandemic, funds were having to do everything they did before, just faster, better and to a much higher standard. Now, if possible, the pace has increased even further, bringing existing and new threats to the fore, including a multiplied nature and range of cybersecurity risks.

We’re pleased to announce the launch of a report commissioned by Gateway Network Governance Body Ltd (“GNGB”), co-authored by PwC Australia and GNGB, Securing the future: Protecting Australia’s superannuation ecosystem against cybersecurity threats, specifically aimed at understanding the risks and challenges presented within our ecosystem, and encouraging implementation of a coordinated capability to improve protection and cyber resilience across the industry.

With over 80 executives and leaders from across the industry contributing to the research, the white paper explores:

Elements that make the superannuation ecosystem particular vulnerable, including identification of cybersecurity risks and incidents within the sector
The set of challenges that the ecosystem needs to address, including a current lack of accountability and cyber risk leadership for end to end cyber resilience, the differing focus across regulators, and an inconsistent and uncoordinated approach to managing cyber risk.
How the superannuation ecosystem can collectively build an overarching strategy, including roles and responsibilities, a basic set of standards and a cyber-threat sharing platform among other recommendations

Though the risks of a cyber attack are not unique to the superannuation industry, with approximately $2.9 trillion in funds under management it is a lucrative target for cybersecurity-related activity. A failure to collectively address this threat as an industry will have far-reaching consequences for the sector, and the Australian nation as a whole. The time to act is now.