The Australian Prudential Regulation Authority (APRA) has written to all regulated entities to provide further insights and guidance on common cyber control weaknesses. This letter is part of APRA's ongoing commitment to supervising cyber resilience across industry, and follows the previous letter on the security and adequacy of back-ups.
The letter details the common issues observed in terms of security in configuration management, privileged access management and security testing. APRA expects regulated entities to review their control environment against these common weaknesses and address any identified gaps promptly.
The letter is available on the APRA website at: Additional insights on common cyber resilience weaknesses.
/Public Release. This material from the originating organization/author(s) might be of the point-in-time nature, and edited for clarity, style and length. Mirage.News does not take institutional positions or sides, and all views, positions, and conclusions expressed herein are solely those of the author(s).View in full here.