{"id":1394,"date":"2020-08-02T09:31:00","date_gmt":"2020-08-02T09:31:00","guid":{"rendered":"https:\/\/contentsecurity.com.au\/?p=1394"},"modified":"2020-09-30T05:02:34","modified_gmt":"2020-09-30T05:02:34","slug":"how-to-comply-with-cps-234-steps-you-need-to-know","status":"publish","type":"post","link":"https:\/\/contentsecurity.com.au\/how-to-comply-with-cps-234-steps-you-need-to-know\/","title":{"rendered":"How to comply with CPS 234: steps you need to know"},"content":{"rendered":"\t\t<div data-elementor-type=\"wp-post\" data-elementor-id=\"1394\" class=\"elementor elementor-1394\">\n\t\t\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-d269d13 elementor-section-boxed elementor-section-height-default elementor-section-height-default parallax_section_no qode_elementor_container_no\" data-id=\"d269d13\" data-element_type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-50 elementor-top-column elementor-element elementor-element-6136ebe\" data-id=\"6136ebe\" data-element_type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-7e7226f elementor-widget elementor-widget-text-editor\" data-id=\"7e7226f\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<h3><span style=\"color: #3366ff;\">Financial services entities under APRA\u2019s supervision initially needed to comply with CPS 234 by June 1st 2020, but they have announced revised commencement dates across a number of industry proposals. <\/span><\/h3><h3>\u00a0<\/h3><h3><span style=\"color: #3366ff;\">APRA-regulated entities have now been given a six-month extension to comply with CPS 234 by January 1st 2021 (available on a case-by-case basis).<br \/><\/span><\/h3>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-6987aa2 elementor-widget elementor-widget-text-editor\" data-id=\"6987aa2\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<h2>What is CPS 234?<\/h2>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-678e871 elementor-widget elementor-widget-text-editor\" data-id=\"678e871\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<p>The main objective of the standard is to minimise both the likelihood and the impact of information security (IS) incidents on information assets, including those managed by related parties or third parties.<\/p><p>As the financial services regulator, APRA is responsible for ensuring the financial system is stable. More specifically, it wants to make sure that promises are kept &#8211; meaning, it wants to give you assurance that:<\/p><ul><li>Your banked money is safe;<\/li><li>Insurers can satisfy your claims; and<\/li><li>Your super fund is well managed.<\/li><\/ul>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-6df82fa elementor-widget elementor-widget-text-editor\" data-id=\"6df82fa\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<h2>What effect does CPS 234 have on information security?<\/h2>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-bc6f13a elementor-widget elementor-widget-text-editor\" data-id=\"bc6f13a\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<p>CPS 234 is very significant for Information Security (IS) in Australia.\u00a0<span style=\"background-color: #ffffff; color: var( --e-global-color-text );\">By obligating companies to comply with CPS 234, APRA explicitly recognises that for companies to act in a prudent manner in managing your money they must build resilience against IS incidents.<\/span><\/p><p>This is especially important when you consider that the average cost of a data breach in Australia is just over $2.5 million. Moreover, The Office of the Australian Information Commissioner\u2019s (OAIC) Notifiable Data Breaches Report: January &#8211; June 2020 identified that finance is the second highest reporting industry sector, comprising 14% of all breaches. Of that proportion, 59% resulted from malicious attack and 33% from human error.\u00a0<\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-29c2def elementor-widget elementor-widget-text-editor\" data-id=\"29c2def\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<h4>Enforcement<\/h4>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-f9659cb elementor-widget elementor-widget-text-editor\" data-id=\"f9659cb\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\tWithin the CPS 234 objectives, it is explicitly stated that:\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-afbd8c3 elementor-widget elementor-widget-text-editor\" data-id=\"afbd8c3\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<h3>&#8220;The Board of an APRA-regulated entity is ultimately responsible for Information Security.&#8221;<\/h3>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-932eea9 elementor-widget elementor-widget-text-editor\" data-id=\"932eea9\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<p>APRA addressed this by updating its enforcement strategy, prompted in part by the Royal Commission into misconduct in the Banking, Superannuation and Financial Services Industry. They have a range of formal and non-formal enforcement tools at their disposal.<\/p><p>Non-formal approaches include working in cooperation with companies to identify and rectify problems before they threaten the ability of that company to meet its promises. However, APRA is prepared to take enforcement action when appropriate \u2013 including court-based action or directing companies to take or cease particular actions.<\/p><p>They are willing to set public examples to deter unacceptable practices, but generally, their enforcement strategy favours a risk based, deterrence approach.<\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-5963bcc elementor-widget elementor-widget-text-editor\" data-id=\"5963bcc\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<h2>5 Steps to complying with CPS 234\u00a0<\/h2>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-d59cd09 elementor-widget elementor-widget-text-editor\" data-id=\"d59cd09\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<h3>1. Align CPS 234 With Your Overall Information Security Strategy.<\/h3><p>First consider CPS 234 compliance in relation to their overall IS requirements and strategy. APRA has a number of standards and guidelines related to IS, so CPS 234 activities can be considered alongside CPS 220 &#8211; risk management requirements, CPS 231 &#8211; outsourcing, or CPG 235 &#8211; managing data risk.<\/p><p>Next look at your IS statutory, regulations, and contractual obligations. We worked with a financial services company who needed to comply with CPS 234. They were also processing credit card data, and therefore had PCI DSS obligations. In addition, they wanted to become ISO 27001 certified. In tackling these two standards, they could essentially comply with CPS 234. Ensure you consider your requirements, which could include:<\/p><ul><li>CPS 234.<\/li><li>The Privacy Act, including the Notifiable Data Breaches amendment.<\/li><li>SOC.<\/li><li>PCI DSS.<\/li><li>ISO 27001.<\/li><li>ACSC&#8217;s ISM (if you are working with Federal Government).<\/li><\/ul>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-73262bb elementor-widget elementor-widget-text-editor\" data-id=\"73262bb\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<p>Don\u2019t segment your approach. Security is more than compliance. Consider all that is on your plate, and place CPS 234 activities within this overall context.<\/p><p>If you feel you do not have the necessary processes in place, you might want to conduct a Cybersecurity Review to gauge the scope of exactly what is needed to arrive at your desired state. We can assist you in conducting a Gap Analysis. For more information, please contact us.<\/p><h3>2. Ensure Good Governance and Communication of Roles and Responsibilities.<\/h3><p>IS governance guides, controls and as specifies an accountability and responsibility framework. Companies need an IS policy framework i.e. policies, standards, guidelines and procedures, to communicate board directives to all relevant parties.<\/p><h3>3. Information Asset Identification and Classification<\/h3><p>An information asset refers to information and information technology, including hardware, software and data. Assets should be classified by criticality and sensitivity. Classification is a pre-requisite for ensuring security spend is cost-effective and achieving a positive return on your security investment.<\/p><p>This can be a major undertaking. We certainly recommend organisations consider following the CPG 235 guidance in this area as earlier suggested. CPG 235 guidance provides a holistic, risk-based approach in governing how your data is managed.<\/p><h3>4. IS Capability; Implementation, Testing and Monitoring of Controls<\/h3>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-e26e865 elementor-widget elementor-widget-text-editor\" data-id=\"e26e865\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<p>If you are the CISO of a company managing any of the information assets of a financial services company, expect an IS capability assessment to come your way:<\/p><p>\u201cAn APRA-regulated entity must maintain an IS capability commensurate with the size and extent of threats to its information assets. Where information assets are managed by a related party or third party, the APRA-regulated entity must assess the information security capability of that party&#8230;&#8221;<\/p><p>To actively maintain your IS capability within an evolving threat-landscape, you must implement protection controls and regularly test the ongoing effectiveness of these controls. Remember, you know the value, sensitivity and criticality of your information assets, and these controls will be commensurate with the vulnerabilities and threats to these assets.<\/p><p>Control effectiveness needs a systematic testing program, which itself must be reviewed for sufficiency at least annually. Now your internal auditors will review the design and operating effectiveness of controls, but make sure the necessary evidence can be provided.<\/p><h3>5. Incident Management<\/h3><p>IS was previously heavily focused on defence-in-depth strategies to &#8220;defend the perimeter&#8221;. This is still necessary, but no longer sufficient. There has been a change in mindset in recent years towards a greater emphasis on incident detection and response, and this is reflected in CPS 234.<\/p><p>The reality today is that a significant data breach at a financial services company is almost certainly a question of when, not if. Major breaches are forcing companies out of business and robust mechanisms must therefore be put in place to detect and respond in a timely manner.<\/p><p>Few organisations really understand their \u2018state of readiness\u2019 to respond to a cyber security incident, particularly a serious cyber security attack. CPS 234 states that companies must annually review and test its incident response plans to ensure they remain effective.<\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-e827eef elementor-widget elementor-widget-text-editor\" data-id=\"e827eef\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<h3>We conduct Breach Readiness Assessments and have tiered Incident Response retainers that can be scaled to your business needs. For more information, get in contact with us.<\/h3>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-866ce40 elementor-widget elementor-widget-text-editor\" data-id=\"866ce40\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<h4>APRA Notification<\/h4><p>The notifiable data breaches extension to the privacy act came into force in February 2018, whereby companies subject to the Privacy Act are obligated to notify the Information Commissioner and impacted parties of a privacy breach. CPS 234 takes this a step further. Financial services companies must: &#8220;notify APRA as soon as possible and, in any case, no later than 72 hours, after becoming aware of an information security incident.\u201d<\/p><p>This is any incident that compromises the confidentiality, integrity or availability of information assets, not just privacy breaches.<\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<section class=\"elementor-section elementor-inner-section elementor-element elementor-element-6985043 elementor-section-boxed elementor-section-height-default elementor-section-height-default parallax_section_no qode_elementor_container_no elementor-invisible\" data-id=\"6985043\" data-element_type=\"section\" data-settings=\"{&quot;animation&quot;:&quot;fadeInDown&quot;}\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-inner-column elementor-element elementor-element-be8add3\" data-id=\"be8add3\" data-element_type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-185f4ad9 elementor-widget elementor-widget-heading\" data-id=\"185f4ad9\" data-element_type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t<h2 class=\"elementor-heading-title elementor-size-default\">For more information please  contact our cybersecurity professionals today. <\/h2>\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-4d082d24 elementor-align-left elementor-icon-list--layout-inline elementor-list-item-link-inline elementor-mobile-align-left elementor-widget elementor-widget-icon-list\" data-id=\"4d082d24\" data-element_type=\"widget\" data-widget_type=\"icon-list.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<ul class=\"elementor-icon-list-items elementor-inline-items\">\n\t\t\t\t\t\t\t<li class=\"elementor-icon-list-item elementor-inline-item\">\n\t\t\t\t\t\t\t\t\t\t\t<a href=\"tel:1300659964\" target=\"_blank\">\n\n\t\t\t\t\t\t\t\t\t\t\t\t<span class=\"elementor-icon-list-icon\">\n\t\t\t\t\t\t\t<i aria-hidden=\"true\" class=\"fas fa-phone\"><\/i>\t\t\t\t\t\t<\/span>\n\t\t\t\t\t\t\t\t\t\t<span class=\"elementor-icon-list-text\"><h3>Call 1300 659 964<\/h3><\/span>\n\t\t\t\t\t\t\t\t\t\t\t<\/a>\n\t\t\t\t\t\t\t\t\t<\/li>\n\t\t\t\t\t\t\t\t<li class=\"elementor-icon-list-item elementor-inline-item\">\n\t\t\t\t\t\t\t\t\t\t\t<a href=\"https:\/\/www.contentsecurity.com.au\/contact\">\n\n\t\t\t\t\t\t\t\t\t\t\t\t<span class=\"elementor-icon-list-icon\">\n\t\t\t\t\t\t\t<i aria-hidden=\"true\" class=\"fas fa-mouse-pointer\"><\/i>\t\t\t\t\t\t<\/span>\n\t\t\t\t\t\t\t\t\t\t<span class=\"elementor-icon-list-text\"><h3>Send us a message<\/h3><\/span>\n\t\t\t\t\t\t\t\t\t\t\t<\/a>\n\t\t\t\t\t\t\t\t\t<\/li>\n\t\t\t\t\t\t<\/ul>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<div class=\"elementor-element elementor-element-3344212 elementor-widget-divider--view-line elementor-widget elementor-widget-divider\" data-id=\"3344212\" data-element_type=\"widget\" data-widget_type=\"divider.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<div class=\"elementor-divider\">\n\t\t\t<span class=\"elementor-divider-separator\">\n\t\t\t\t\t\t<\/span>\n\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-ebbce5f elementor-widget elementor-widget-heading\" data-id=\"ebbce5f\" data-element_type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t<h4 class=\"elementor-heading-title elementor-size-default\">Recent news<\/h4>\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-c76fd63 elementor-widget elementor-widget-bridge_latest_posts\" data-id=\"c76fd63\" data-element_type=\"widget\" data-widget_type=\"bridge_latest_posts.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\n<div class='latest_post_holder boxes three_columns one_row' >\n    <ul>\n    \n        <li class=\"clearfix\">\n            <div class=\"boxes_image\">\n                                <a itemprop=\"url\" href=\"https:\/\/contentsecurity.com.au\/enhancing-ot-security-strategies\/\"><img fetchpriority=\"high\" decoding=\"async\" width=\"539\" height=\"303\" src=\"https:\/\/contentsecurity.com.au\/wp-content\/uploads\/2024\/04\/CS-Web-banner-OT-Security-539x303.jpg\" class=\"attachment-latest_post_boxes size-latest_post_boxes wp-post-image\" alt=\"\" \/><\/a>\n            <\/div>\n            <div class=\"latest_post\"  >\n                <div class=\"latest_post_text\">\n                    <div class=\"latest_post_inner\">\n                        <div class=\"latest_post_text_inner\">\n                            <h5 itemprop=\"name\" class=\"latest_post_title entry_title\"><a itemprop=\"url\" href=\"https:\/\/contentsecurity.com.au\/enhancing-ot-security-strategies\/\">Key Strategies and Best Practices for Enhancing OT Security<\/a><\/h5>\n                            \n                            <span class=\"post_infos\">\n                                                                                                \n                                \n                                                            <\/span>\n                        <\/div>\n                    <\/div>\n                <\/div>\n            <\/div>\n        <\/li>\n    \n        <li class=\"clearfix\">\n            <div class=\"boxes_image\">\n                                <a itemprop=\"url\" href=\"https:\/\/contentsecurity.com.au\/shifting-from-detection-to-proactive-prevention-strategies-in-cybersecurity-risk-management\/\"><img decoding=\"async\" width=\"539\" height=\"303\" src=\"https:\/\/contentsecurity.com.au\/wp-content\/uploads\/2024\/03\/BlogBan-Shifting-from-Detection-to-Proactive-Prevention-Strategies-in-Cybersecurity-Risk-Management-539x303.png\" class=\"attachment-latest_post_boxes size-latest_post_boxes wp-post-image\" alt=\"\" \/><\/a>\n            <\/div>\n            <div class=\"latest_post\"  >\n                <div class=\"latest_post_text\">\n                    <div class=\"latest_post_inner\">\n                        <div class=\"latest_post_text_inner\">\n                            <h5 itemprop=\"name\" class=\"latest_post_title entry_title\"><a itemprop=\"url\" href=\"https:\/\/contentsecurity.com.au\/shifting-from-detection-to-proactive-prevention-strategies-in-cybersecurity-risk-management\/\">Shifting from Detection to Proactive Prevention Strategies in Cybersecurity Risk Management\u00a0\u00a0<\/a><\/h5>\n                            \n                            <span class=\"post_infos\">\n                                                                                                \n                                \n                                                            <\/span>\n                        <\/div>\n                    <\/div>\n                <\/div>\n            <\/div>\n        <\/li>\n    \n        <li class=\"clearfix\">\n            <div class=\"boxes_image\">\n                                <a itemprop=\"url\" href=\"https:\/\/contentsecurity.com.au\/a-comprehensive-guide-to-third-party-risk-management\/\"><img decoding=\"async\" width=\"539\" height=\"303\" src=\"https:\/\/contentsecurity.com.au\/wp-content\/uploads\/2024\/02\/a-comprehensive-guide-to-third-party-risk-management-539x303.jpg\" class=\"attachment-latest_post_boxes size-latest_post_boxes wp-post-image\" alt=\"\" \/><\/a>\n            <\/div>\n            <div class=\"latest_post\"  >\n                <div class=\"latest_post_text\">\n                    <div class=\"latest_post_inner\">\n                        <div class=\"latest_post_text_inner\">\n                            <h5 itemprop=\"name\" class=\"latest_post_title entry_title\"><a itemprop=\"url\" href=\"https:\/\/contentsecurity.com.au\/a-comprehensive-guide-to-third-party-risk-management\/\">A Comprehensive Guide to Third Party Risk Management (TPRM)<\/a><\/h5>\n                            \n                            <span class=\"post_infos\">\n                                                                                                \n                                \n                                                            <\/span>\n                        <\/div>\n                    <\/div>\n                <\/div>\n            <\/div>\n        <\/li>\n        <\/ul>\n<\/div>\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t<div class=\"elementor-column elementor-col-50 elementor-top-column elementor-element elementor-element-05ff5b6\" data-id=\"05ff5b6\" data-element_type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-75e98c2 elementor-widget elementor-widget-sidebar\" data-id=\"75e98c2\" data-element_type=\"widget\" data-widget_type=\"sidebar.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t<div id=\"search-2\" class=\"widget widget_search\"><form role=\"search\" method=\"get\" id=\"searchform\" action=\"https:\/\/contentsecurity.com.au\/\">\n    <div><label class=\"screen-reader-text\" for=\"s\">Search for:<\/label>\n        <input type=\"text\" value=\"\" placeholder=\"Search Here\" name=\"s\" id=\"s\" \/>\n        <input type=\"submit\" id=\"searchsubmit\" value=\"&#xf002\" \/>\n    <\/div>\n<\/form><\/div><div class=\"widget qode_latest_posts_widget\"><h5>Latest posts<\/h5>\n<div class='latest_post_holder image_in_box  ' >\n    <ul>\n    \n        <li class=\"clearfix\">\n            <div class=\"latest_post\"  >\n                <div class=\"latest_post_image clearfix\">\n                    <a itemprop=\"url\" href=\"https:\/\/contentsecurity.com.au\/enhancing-ot-security-strategies\/\">\n                                                <img decoding=\"async\" itemprop=\"image\" src=\"https:\/\/contentsecurity.com.au\/wp-content\/uploads\/2024\/04\/CS-Web-banner-OT-Security-150x150.jpg\" alt=\"\" \/>\n                    <\/a>\n                <\/div>\n\n\n                <div class=\"latest_post_text\">\n                    <div class=\"latest_post_inner\">\n                        <div class=\"latest_post_text_inner\">\n                            <h5 itemprop=\"name\" class=\"latest_post_title entry_title\"><a itemprop=\"url\" href=\"https:\/\/contentsecurity.com.au\/enhancing-ot-security-strategies\/\">Key Strategies and Best Practices for Enhancing OT Security<\/a><\/h5>\n                            \n                            <span class=\"post_infos\">\n                                                                    <span class=\"date_hour_holder\">\n                                        <span itemprop=\"dateCreated\" class=\"date entry_date updated\">05 April, 2024 <meta itemprop=\"interactionCount\" content=\"UserComments: 0\"\/><\/span>\n                                    <\/span>\n                                \n                                \n                                \n                                \n                                                            <\/span>\n                        <\/div>\n                    <\/div>\n                <\/div>\n            <\/div>\n        <\/li>\n        \n        <li class=\"clearfix\">\n            <div class=\"latest_post\"  >\n                <div class=\"latest_post_image clearfix\">\n                    <a itemprop=\"url\" href=\"https:\/\/contentsecurity.com.au\/shifting-from-detection-to-proactive-prevention-strategies-in-cybersecurity-risk-management\/\">\n                                                <img decoding=\"async\" itemprop=\"image\" src=\"https:\/\/contentsecurity.com.au\/wp-content\/uploads\/2024\/03\/BlogBan-Shifting-from-Detection-to-Proactive-Prevention-Strategies-in-Cybersecurity-Risk-Management-150x150.png\" alt=\"\" \/>\n                    <\/a>\n                <\/div>\n\n\n                <div class=\"latest_post_text\">\n                    <div class=\"latest_post_inner\">\n                        <div class=\"latest_post_text_inner\">\n                            <h5 itemprop=\"name\" class=\"latest_post_title entry_title\"><a itemprop=\"url\" href=\"https:\/\/contentsecurity.com.au\/shifting-from-detection-to-proactive-prevention-strategies-in-cybersecurity-risk-management\/\">Shifting from Detection to Proactive Prevention Strategies in Cybersecurity Risk Management\u00a0\u00a0<\/a><\/h5>\n                            \n                            <span class=\"post_infos\">\n                                                                    <span class=\"date_hour_holder\">\n                                        <span itemprop=\"dateCreated\" class=\"date entry_date updated\">15 March, 2024 <meta itemprop=\"interactionCount\" content=\"UserComments: 0\"\/><\/span>\n                                    <\/span>\n                                \n                                \n                                \n                                \n                                                            <\/span>\n                        <\/div>\n                    <\/div>\n                <\/div>\n            <\/div>\n        <\/li>\n        \n        <li class=\"clearfix\">\n            <div class=\"latest_post\"  >\n                <div class=\"latest_post_image clearfix\">\n                    <a itemprop=\"url\" href=\"https:\/\/contentsecurity.com.au\/a-comprehensive-guide-to-third-party-risk-management\/\">\n                                                <img decoding=\"async\" itemprop=\"image\" src=\"https:\/\/contentsecurity.com.au\/wp-content\/uploads\/2024\/02\/a-comprehensive-guide-to-third-party-risk-management-150x150.jpg\" alt=\"\" \/>\n                    <\/a>\n                <\/div>\n\n\n                <div class=\"latest_post_text\">\n                    <div class=\"latest_post_inner\">\n                        <div class=\"latest_post_text_inner\">\n                            <h5 itemprop=\"name\" class=\"latest_post_title entry_title\"><a itemprop=\"url\" href=\"https:\/\/contentsecurity.com.au\/a-comprehensive-guide-to-third-party-risk-management\/\">A Comprehensive Guide to Third Party Risk Management (TPRM)<\/a><\/h5>\n                            \n                            <span class=\"post_infos\">\n                                                                    <span class=\"date_hour_holder\">\n                                        <span itemprop=\"dateCreated\" class=\"date entry_date updated\">26 February, 2024 <meta itemprop=\"interactionCount\" content=\"UserComments: 0\"\/><\/span>\n                                    <\/span>\n                                \n                                \n                                \n                                \n                                                            <\/span>\n                        <\/div>\n                    <\/div>\n                <\/div>\n            <\/div>\n        <\/li>\n        \n        <li class=\"clearfix\">\n            <div class=\"latest_post\"  >\n                <div class=\"latest_post_image clearfix\">\n                    <a itemprop=\"url\" href=\"https:\/\/contentsecurity.com.au\/guide-to-securing-enterprises-from-deceptive-qr-codes\/\">\n                                                <img decoding=\"async\" itemprop=\"image\" src=\"https:\/\/contentsecurity.com.au\/wp-content\/uploads\/2024\/02\/CS_Web_banners_Qrishing-Guide-for-Enterprises-150x150.jpg\" alt=\"\" \/>\n                    <\/a>\n                <\/div>\n\n\n                <div class=\"latest_post_text\">\n                    <div class=\"latest_post_inner\">\n                        <div class=\"latest_post_text_inner\">\n                            <h5 itemprop=\"name\" class=\"latest_post_title entry_title\"><a itemprop=\"url\" href=\"https:\/\/contentsecurity.com.au\/guide-to-securing-enterprises-from-deceptive-qr-codes\/\">Understanding and Countering QRishing \u2013 A Guide to Securing Enterprises from Deceptive QR Codes\u00a0<\/a><\/h5>\n                            \n                            <span class=\"post_infos\">\n                                                                    <span class=\"date_hour_holder\">\n                                        <span itemprop=\"dateCreated\" class=\"date entry_date updated\">07 February, 2024 <meta itemprop=\"interactionCount\" content=\"UserComments: 0\"\/><\/span>\n                                    <\/span>\n                                \n                                \n                                \n                                \n                                                            <\/span>\n                        <\/div>\n                    <\/div>\n                <\/div>\n            <\/div>\n        <\/li>\n        \n        <li class=\"clearfix\">\n            <div class=\"latest_post\"  >\n                <div class=\"latest_post_image clearfix\">\n                    <a itemprop=\"url\" href=\"https:\/\/contentsecurity.com.au\/what-should-you-look-for-in-a-premium-soc-service\/\">\n                                                <img decoding=\"async\" itemprop=\"image\" src=\"https:\/\/contentsecurity.com.au\/wp-content\/uploads\/2024\/01\/CS_Web_banners_Premium_SOC_Service-150x150.jpg\" alt=\"\" \/>\n                    <\/a>\n                <\/div>\n\n\n                <div class=\"latest_post_text\">\n                    <div class=\"latest_post_inner\">\n                        <div class=\"latest_post_text_inner\">\n                            <h5 itemprop=\"name\" class=\"latest_post_title entry_title\"><a itemprop=\"url\" href=\"https:\/\/contentsecurity.com.au\/what-should-you-look-for-in-a-premium-soc-service\/\">Unveiling the Secrets: What Should You Look for in a Premium SOC Service?<\/a><\/h5>\n                            \n                            <span class=\"post_infos\">\n                                                                    <span class=\"date_hour_holder\">\n                                        <span itemprop=\"dateCreated\" class=\"date entry_date updated\">12 January, 2024 <meta itemprop=\"interactionCount\" content=\"UserComments: 0\"\/><\/span>\n                                    <\/span>\n                                \n                                \n                                \n                                \n                                                            <\/span>\n                        <\/div>\n                    <\/div>\n                <\/div>\n            <\/div>\n        <\/li>\n        \n    <\/ul>\n<\/div><\/div><div id=\"text-8\" class=\"widget widget_text\"><h5>Archives<\/h5>\t\t\t<div class=\"textwidget\"><p><a href=\"https:\/\/contentsecurity.com.au\/archive\">View the news archives<\/a><\/p>\n<\/div>\n\t\t<\/div>\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<\/div>\n\t\t","protected":false},"excerpt":{"rendered":"<p>Financial services entities under APRA\u2019s supervision initially needed to comply with CPS 234 by June 1st 2020, but they have announced revised commencement dates across a number of industry proposals. &nbsp; APRA-regulated entities have now been given a six-month extension to comply with CPS 234&#8230;<\/p>\n","protected":false},"author":5,"featured_media":1395,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v20.10 (Yoast SEO v22.6) - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>How to comply with CPS 234: steps you need to know - contentsecurity.com.au<\/title>\n<meta name=\"description\" content=\"Financial service entities now have until January 1st 2021 to comply with the CPS 234 But what are the steps to compliance?\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/contentsecurity.com.au\/how-to-comply-with-cps-234-steps-you-need-to-know\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"How to comply with CPS 234: steps you need to know\" \/>\n<meta property=\"og:description\" content=\"Financial service entities now have until January 1st 2021 to comply with the CPS 234 But what are the steps to compliance?\" \/>\n<meta property=\"og:url\" content=\"https:\/\/contentsecurity.com.au\/how-to-comply-with-cps-234-steps-you-need-to-know\/\" \/>\n<meta property=\"og:site_name\" content=\"contentsecurity.com.au\" \/>\n<meta property=\"article:published_time\" content=\"2020-08-02T09:31:00+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2020-09-30T05:02:34+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/contentsecurity.com.au\/wp-content\/uploads\/2020\/09\/custom_resized_4f61b473-044f-43d2-a94a-6cafc025d2ae.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1024\" \/>\n\t<meta property=\"og:image:height\" content=\"683\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Mark Ratcliffe\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Mark Ratcliffe\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"6 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/contentsecurity.com.au\/how-to-comply-with-cps-234-steps-you-need-to-know\/\",\"url\":\"https:\/\/contentsecurity.com.au\/how-to-comply-with-cps-234-steps-you-need-to-know\/\",\"name\":\"How to comply with CPS 234: steps you need to know - contentsecurity.com.au\",\"isPartOf\":{\"@id\":\"https:\/\/contentsecurity.com.au\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/contentsecurity.com.au\/how-to-comply-with-cps-234-steps-you-need-to-know\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/contentsecurity.com.au\/how-to-comply-with-cps-234-steps-you-need-to-know\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/contentsecurity.com.au\/wp-content\/uploads\/2020\/09\/custom_resized_4f61b473-044f-43d2-a94a-6cafc025d2ae.jpg\",\"datePublished\":\"2020-08-02T09:31:00+00:00\",\"dateModified\":\"2020-09-30T05:02:34+00:00\",\"author\":{\"@id\":\"https:\/\/contentsecurity.com.au\/#\/schema\/person\/b6a7204ba0c576d69a5cc87576654bc1\"},\"description\":\"Financial service entities now have until January 1st 2021 to comply with the CPS 234 But what are the steps to compliance?\",\"breadcrumb\":{\"@id\":\"https:\/\/contentsecurity.com.au\/how-to-comply-with-cps-234-steps-you-need-to-know\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/contentsecurity.com.au\/how-to-comply-with-cps-234-steps-you-need-to-know\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/contentsecurity.com.au\/how-to-comply-with-cps-234-steps-you-need-to-know\/#primaryimage\",\"url\":\"https:\/\/contentsecurity.com.au\/wp-content\/uploads\/2020\/09\/custom_resized_4f61b473-044f-43d2-a94a-6cafc025d2ae.jpg\",\"contentUrl\":\"https:\/\/contentsecurity.com.au\/wp-content\/uploads\/2020\/09\/custom_resized_4f61b473-044f-43d2-a94a-6cafc025d2ae.jpg\",\"width\":1024,\"height\":683,\"caption\":\"comply with cps 234\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/contentsecurity.com.au\/how-to-comply-with-cps-234-steps-you-need-to-know\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/contentsecurity.com.au\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"How to comply with CPS 234: steps you need to know\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/contentsecurity.com.au\/#website\",\"url\":\"https:\/\/contentsecurity.com.au\/\",\"name\":\"contentsecurity.com.au\",\"description\":\"Strengthen your defences with our proven cyber security strategies\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/contentsecurity.com.au\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/contentsecurity.com.au\/#\/schema\/person\/b6a7204ba0c576d69a5cc87576654bc1\",\"name\":\"Mark Ratcliffe\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/contentsecurity.com.au\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/7de65d311e04df860a3d4771de92e70d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/7de65d311e04df860a3d4771de92e70d?s=96&d=mm&r=g\",\"caption\":\"Mark Ratcliffe\"},\"url\":\"https:\/\/contentsecurity.com.au\/author\/markratcliffe\/\"}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"How to comply with CPS 234: steps you need to know - contentsecurity.com.au","description":"Financial service entities now have until January 1st 2021 to comply with the CPS 234 But what are the steps to compliance?","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/contentsecurity.com.au\/how-to-comply-with-cps-234-steps-you-need-to-know\/","og_locale":"en_US","og_type":"article","og_title":"How to comply with CPS 234: steps you need to know","og_description":"Financial service entities now have until January 1st 2021 to comply with the CPS 234 But what are the steps to compliance?","og_url":"https:\/\/contentsecurity.com.au\/how-to-comply-with-cps-234-steps-you-need-to-know\/","og_site_name":"contentsecurity.com.au","article_published_time":"2020-08-02T09:31:00+00:00","article_modified_time":"2020-09-30T05:02:34+00:00","og_image":[{"width":1024,"height":683,"url":"https:\/\/contentsecurity.com.au\/wp-content\/uploads\/2020\/09\/custom_resized_4f61b473-044f-43d2-a94a-6cafc025d2ae.jpg","type":"image\/jpeg"}],"author":"Mark Ratcliffe","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Mark Ratcliffe","Est. reading time":"6 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/contentsecurity.com.au\/how-to-comply-with-cps-234-steps-you-need-to-know\/","url":"https:\/\/contentsecurity.com.au\/how-to-comply-with-cps-234-steps-you-need-to-know\/","name":"How to comply with CPS 234: steps you need to know - contentsecurity.com.au","isPartOf":{"@id":"https:\/\/contentsecurity.com.au\/#website"},"primaryImageOfPage":{"@id":"https:\/\/contentsecurity.com.au\/how-to-comply-with-cps-234-steps-you-need-to-know\/#primaryimage"},"image":{"@id":"https:\/\/contentsecurity.com.au\/how-to-comply-with-cps-234-steps-you-need-to-know\/#primaryimage"},"thumbnailUrl":"https:\/\/contentsecurity.com.au\/wp-content\/uploads\/2020\/09\/custom_resized_4f61b473-044f-43d2-a94a-6cafc025d2ae.jpg","datePublished":"2020-08-02T09:31:00+00:00","dateModified":"2020-09-30T05:02:34+00:00","author":{"@id":"https:\/\/contentsecurity.com.au\/#\/schema\/person\/b6a7204ba0c576d69a5cc87576654bc1"},"description":"Financial service entities now have until January 1st 2021 to comply with the CPS 234 But what are the steps to compliance?","breadcrumb":{"@id":"https:\/\/contentsecurity.com.au\/how-to-comply-with-cps-234-steps-you-need-to-know\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/contentsecurity.com.au\/how-to-comply-with-cps-234-steps-you-need-to-know\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/contentsecurity.com.au\/how-to-comply-with-cps-234-steps-you-need-to-know\/#primaryimage","url":"https:\/\/contentsecurity.com.au\/wp-content\/uploads\/2020\/09\/custom_resized_4f61b473-044f-43d2-a94a-6cafc025d2ae.jpg","contentUrl":"https:\/\/contentsecurity.com.au\/wp-content\/uploads\/2020\/09\/custom_resized_4f61b473-044f-43d2-a94a-6cafc025d2ae.jpg","width":1024,"height":683,"caption":"comply with cps 234"},{"@type":"BreadcrumbList","@id":"https:\/\/contentsecurity.com.au\/how-to-comply-with-cps-234-steps-you-need-to-know\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/contentsecurity.com.au\/"},{"@type":"ListItem","position":2,"name":"How to comply with CPS 234: steps you need to know"}]},{"@type":"WebSite","@id":"https:\/\/contentsecurity.com.au\/#website","url":"https:\/\/contentsecurity.com.au\/","name":"contentsecurity.com.au","description":"Strengthen your defences with our proven cyber security strategies","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/contentsecurity.com.au\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/contentsecurity.com.au\/#\/schema\/person\/b6a7204ba0c576d69a5cc87576654bc1","name":"Mark Ratcliffe","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/contentsecurity.com.au\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/7de65d311e04df860a3d4771de92e70d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/7de65d311e04df860a3d4771de92e70d?s=96&d=mm&r=g","caption":"Mark Ratcliffe"},"url":"https:\/\/contentsecurity.com.au\/author\/markratcliffe\/"}]}},"_links":{"self":[{"href":"https:\/\/contentsecurity.com.au\/wp-json\/wp\/v2\/posts\/1394"}],"collection":[{"href":"https:\/\/contentsecurity.com.au\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/contentsecurity.com.au\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/contentsecurity.com.au\/wp-json\/wp\/v2\/users\/5"}],"replies":[{"embeddable":true,"href":"https:\/\/contentsecurity.com.au\/wp-json\/wp\/v2\/comments?post=1394"}],"version-history":[{"count":0,"href":"https:\/\/contentsecurity.com.au\/wp-json\/wp\/v2\/posts\/1394\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/contentsecurity.com.au\/wp-json\/wp\/v2\/media\/1395"}],"wp:attachment":[{"href":"https:\/\/contentsecurity.com.au\/wp-json\/wp\/v2\/media?parent=1394"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/contentsecurity.com.au\/wp-json\/wp\/v2\/categories?post=1394"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/contentsecurity.com.au\/wp-json\/wp\/v2\/tags?post=1394"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}