Who proactively asks their software stack providers about security?
The results are in from ASIC's Cyber Pulse Survey, and the report has been released (12th November 2023). So much to unpack!
One of the points they make is around supply chain risk.
Without looking at the survey, I'm interested to know your thoughts on the percentage of advice firms that have already asked their software stack providers about the levels of security they have in place and can provide the evidence to show they did their DD.
What percentage do you think have this on file?
5 Replies
- jenny.brown
Advisely Board
Great point Fraser.Jack something I know we need to be more diligent about gathering, I would think less than 10% would have any evidence on file, hopefully I'm wrong.
- anne.graham
Advisely Board
Good question and I'd agree with jenny.brown
- deborah.kent
Advisely Board
Fraser, we have an external IT guy who has ensured that we have all the necessary programs in place for cyber security, he also provides us with due diligence on any providers doesn't mean he is always happy with the answers he gets, however having someone external is a good thing for us as we would not be looking at this all the time.
- siran.taylor
Iress Contributor
Foe those who are not aware, the Iress Community now has a self serve section in the Trust Centre Knowledge Base.
This is a great first port of call for locating any of the standard Due Diligence documentation regarding Xplan and Iress.
- roccomusumeciExploring Newcomer
I'm glad ASIC is keeping cybersecurity top of mind. Regarding supply chain risk, my guess is fewer than 20% of firms have proactively vetted their software vendors' security. Many see it as the vendor's responsibility. But we must take ownership too. If we don't ask the tough questions, we may be caught unaware. I think framing security reviews as collaborative partnerships, not interrogations, can open doors. Protecting client data is a shared priority.
Recent Discussions
🤓Xplan Hint: Speed up with Xtools+ scenario templates
Did you know you can create your own Xtools+ scenario templates—complete with assumptions, strategies, and even custom labels—ready to apply to multiple clients in seconds? If you find yourself bui...andrew.wilson12 days agoIress Contributor75Views3likes3Comments🤓 Xplan Hint: Shortcut your favourite menu items
Did you know you can add shortcuts to your favourite / most frequently used menu items to the navigation menu in Xplan? We know some menus in Xplan require several clicks to get to - you can create...courtney.youngblutt12 days agoIress Contributor36Views1like0CommentsAbility to make API calls using a Planner Central license
Hello All, I am currently working on a small internal improvement project with a paraplanning company accessing Xplan using a Planner Central license. We are contemplating making API calls to Xpl...michael.jacquin16 days agoValued Supporter106Views2likes8Comments