Who proactively asks their software stack providers about security?
The results are in from ASIC's Cyber Pulse Survey, and the report has been released (12th November 2023). So much to unpack!
One of the points they make is around supply chain risk.
Without looking at the survey, I'm interested to know your thoughts on the percentage of advice firms that have already asked their software stack providers about the levels of security they have in place and can provide the evidence to show they did their DD.
What percentage do you think have this on file?
- roccomusumeciExploring Newcomer
I'm glad ASIC is keeping cybersecurity top of mind. Regarding supply chain risk, my guess is fewer than 20% of firms have proactively vetted their software vendors' security. Many see it as the vendor's responsibility. But we must take ownership too. If we don't ask the tough questions, we may be caught unaware. I think framing security reviews as collaborative partnerships, not interrogations, can open doors. Protecting client data is a shared priority.
- siran.taylor
Iress Contributor
Foe those who are not aware, the Iress Community now has a self serve section in the Trust Centre Knowledge Base.
This is a great first port of call for locating any of the standard Due Diligence documentation regarding Xplan and Iress.
- deborah.kent
Advisely Index Top 10
Fraser, we have an external IT guy who has ensured that we have all the necessary programs in place for cyber security, he also provides us with due diligence on any providers doesn't mean he is always happy with the answers he gets, however having someone external is a good thing for us as we would not be looking at this all the time.
- anne.graham
Advisely Index Top 10
Good question and I'd agree with jenny.brown
- jenny.brown
Advisely Board
Great point Fraser.Jack something I know we need to be more diligent about gathering, I would think less than 10% would have any evidence on file, hopefully I'm wrong.
Recent Discussions
Secure messaging between Xplan users
I've been asked about activating a Xplan instant messaging between users feature on our site but I'm not aware of this feature and cannot locate anything on this in Community. Apparently, it was avai...dianne.preece.08 hours agoCurious Observer49Views3likes8CommentsStart here: Let's introduce ourselves!
Welcome - we're so glad you've joined the Advisely community! đ Let's play a fun game and get to know each other better! đšī¸ The rules are simple: Find the latest comment and hit Reply, then c...Advisely-Team7 hours agoAdvisely Team126Views3likes4CommentsWhat did the Government do to understand the cost of the CSLR?
The advice profession has every reason to be furious about the handling of the CSLR legislation. My latest article sets out one more reason why that is the case. The Government is required, when in...Phil.Anderson4 days agoAdvisely Partner40Views2likes1Comment