The importance of cyber resilience stressed by Australian Prudential Regulator
Contacts
Related
Practices
Sectors
Trending Topics
Regions
Countries
Offices
On 3 June 2024, the Australian Prudential Regulation Authority (APRA) wrote to all APRA-regulated entities to emphasise its expectations regarding cybersecurity, specifically relating to data backups and protection against data loss.
APRA called for businesses to promptly review and address gaps in any practices which could impede system restoration during the restoration phase of a cyber incident. Referring particularly to “common problems that can limit the usefulness of…backups in restoring systems during an incident”,
APRA has recommended businesses:
- periodically self-assess themselves against the security practices in APRA Prudential Guide CPG 234 (Information Security) (CPG 234);
- review their backup arrangements against the common problems which limit the usefulness of backups during the restoration phase following a cyber incident:
- insufficient segregation between production and backup environments;
- insufficient control testing coverage and rigour to ensure backups are protected from compromise; and …
Full article available on Disputes +
Latest insights
More Insights
Key Revisions and Compliance Recommendations of the PRC Cybersecurity Law
7 minutes Feb 09 2026
China Cybersecurity and Data Protection: Monthly Update – January 2026 Issue
20 minutes Feb 06 2026
Facial recognition and the Privacy Act: a clearer (but stricter) line for businesses
3 minutes Feb 06 2026