APRA Seeks a Replacement for Chief Information Security Officer
We independently review everything we recommend. When you buy through our links, we may earn a commission which is paid directly to our Australia-based writers, editors, and support staff. Thank you for your support!
APRA on the Quest for a New Chief Information Security Officer
Brief Overview
- APRA is in the active pursuit of a new Chief Information Security Officer (CISO) to enhance its cybersecurity framework.
- This CISO will oversee both strategic initiatives and ongoing security operations.
- The move follows a significant $130 million funding increase for cybersecurity projects, shared with ASIC.
- The previous CISO, Mikhail Lopushanski, exited APRA in May 2022 to take a position at Heritage Bank.
- The incoming CISO will collaborate closely with APRA’s CIO and Chief Data Officer.
- Key collaborators for this role will include the Australian Cyber Security Centre, the Department of Home Affairs, ASIC, and the Reserve Bank of Australia.
Background Information
The Australian Prudential Regulation Authority (APRA) has recently begun the search for a new Chief Information Security Officer (CISO). This essential position will be central to managing and strengthening cybersecurity practices at the regulatory body, addressing both strategic and operational objectives. This initiative highlights the growing significance of cybersecurity within the financial sector, especially as cyber threats evolve and increase in frequency.
APRA’s Cybersecurity Evolution
APRA, together with the Australian Securities and Investments Commission (ASIC), has recently secured around $130 million in funding to enhance its cybersecurity capacities over the next four years. This financial commitment reflects the increasing demand for strong cybersecurity systems within Australia’s financial regulatory environment.
Notably, this recruitment marks the first time APRA has sought a C-level security leader since May 2022, when the former Chief Security Officer (CSO) Mikhail Lopushanski moved on to Heritage Bank. During Lopushanski’s time, the CSO role was part of APRA’s organizational structure, but it has since been missing from recent organizational layouts. This absence raises concerns regarding the leadership and management of cybersecurity efforts during the interim.
Position and Duties
The new CISO will hold substantial responsibilities, including improving security governance, information security protocols, and staff vetting processes. This role also encompasses the monitoring and response to cybersecurity threats and incidents through APRA’s Security Operations Centre.
The CISO will collaborate closely with APRA’s Chief Information Officer (CIO) Rogier Roelofs and Chief Data Officer (CDO) Andy Robertson. The job listing specifies that the role requires “significant leadership capability to connect and collaborate with key stakeholders, driving transformational change and enhancing team and external capabilities.” These stakeholders include leading agencies such as the Australian Cyber Security Centre, the Department of Home Affairs, ASIC, and the Reserve Bank of Australia.
Importance of This Development
Cybersecurity remains a vital concern for financial regulators like APRA, given the sensitive data they manage. The recent $130 million funding indicates the Australian government’s dedication to protecting the financial sector from cyber threats. As cyberattacks grow more prevalent and complex, the role of the CISO will be essential in ensuring APRA’s defenses against potential breaches.
Additionally, the new CISO is expected to be instrumental in influencing the future of Australia’s cybersecurity environment. By working in tandem with various government agencies and financial institutions, the CISO will contribute to the establishment of best practices and protocols that may impact the broader industry.
Conclusion
APRA is actively in search of a new Chief Information Security Officer to oversee its cybersecurity strategies and processes. This initiative follows a significant $130 million investment into cybersecurity by APRA and ASIC, highlighting the increasing importance of effective cybersecurity measures in Australia’s financial ecosystem. The CISO will work alongside key stakeholders, including government entities, to maintain APRA’s resilience against cyber threats.
Q: Why is APRA looking for a new CISO at this time?
A: APRA is seeking a new CISO to strengthen its cybersecurity framework following a $130 million investment in cybersecurity projects. This decision also comes after a period without a C-level security leader since May 2022.
Q: What will be the new CISO’s responsibilities?
A: The new CISO will be charged with upholding and advancing APRA’s cybersecurity policies on both strategic and operational levels. This encompasses security governance, information protection, staff vetting processes, and monitoring/responding to security threats.
Q: With whom will the CISO collaborate?
A: The CISO will coordinate closely with APRA’s CIO Rogier Roelofs and Chief Data Officer Andy Robertson. Additionally, they will engage with key stakeholders such as the Australian Cyber Security Centre, the Department of Home Affairs, ASIC, and the Reserve Bank of Australia.
Q: What is the significance of the $130 million funding?
A: The $130 million funding obtained by APRA and ASIC represents a significant investment intended to strengthen cybersecurity capabilities over the next four years. This financial support emphasizes the critical role of cybersecurity in the financial sector and the government’s commitment to protecting it from evolving cyber threats.