Safeguarding valuable assets

4 min read
4 min read

The continued focus on improving member experience and engagement levels by enhancing digital channels and straight through processing may leave the future of many members’ retirement accounts at risk unless we learn from recent events.

Historically, the super industry has been slower to adapt to technological changes than other industries, including managing cyber risk. This potentially leaves it open and vulnerable given the funds under management, digital innovation and transformation required to move the industry forward into the future. Therefore, it is imperative that cybersecurity is now prioritised as a business risk and not just seen as an IT risk, especially as we shift our focus to decumulation to ensure the industry delivers on its promise to protect and grow the retirement savings of Australians.

It’s everyone’s responsibility to protect member data

Minimising the risk of cyberattacks and fraud for super fund members must work in parallel to building market-leading digital channels.

Staying ahead of potential threats is embedded into the culture at Link Group Retirement & Superannuation Solutions (RSS). Our Analytical Link Exception Reporting Tool (ALERT), developed in 2018, has helped mitigate and prevent well over $70 million in fraud from member balances since its inception. Our philosophy is that it’s everyone’s responsibility to ensure greater protection of member data from beginning to end.

At Link Group we have a unique position in the industry in that we manage 1 in 3 super accounts and therefore have an enormous responsibility to protect more than 38 per cent of Australians’ future retirement savings. We pride ourselves on ensuring fund and member data is available, accurate and kept safe and secure every day – it is one of the most valuable assets we hold.

To ensure its protection, we have implemented a robust control framework and attained an ISO27001 accreditation – a well-recognised international standard for information security upheld throughout our organisation since 2015. This is a set of policies, procedures, standards and guidelines (Information Security Management System) that provides a systematic risk framework to help manage information security risks.

By embedding security into the DNA of our business, it has become muscle memory and a natural part of the way our people work. We feel confident in managing our security risks because everyone in the organisation is aware of our information security policies and procedures and regularly undertake comprehensive and practical training and awareness to stay vigilant.

It is not just about the technology controls that help protect us, but equally the people and processes that all play an important part in keeping member information and financial assets safe. This same commitment should be displayed throughout our industry and beyond to successfully mitigate the risk of a cyberattack and ensure we all remain resilient.

Security risk – moving from a prevention to resilience mindset

Prevention is important but having your people and organisation ready to act in the event of a successful data breach or disruptive cyberattack should be next on your priority list.

Some would say a breach is inevitable due to the increasing number of cyberattacks occurring each day, which is why it is vital to stress test your response capabilities on a regular basis to ensure everyone understands their role in the recovery process.

We encourage all organisations to understand their respective risks, regulatory and compliance responsibilities as well aim higher than baseline standards which should be seen as a starting point and not the destination for effective risk management.

For more on how you can successfully manage and recover from a data breach, don’t miss cyber security expert Troy Hunt’s session ‘Operationalising & communicating during a cyber attack’ at the ASFA 2023 Inspiring Excellence conference.

Picture of By David Cowan

By David Cowan

Chief Information Security Officer

More Reading

Understanding the Division 296 super tax
In-Depth In-Depth

Understanding the Division 296 super tax

Rebuilding trust and embracing disruption: Lessons from banking for superannuation
In-Depth In-Depth

Rebuilding trust and embracing disruption: Lessons from banking for superannuation

The confidence gap: building pathways to support better retirement decisions 
In-Depth In-Depth

The confidence gap: building pathways to support better retirement decisions 

Daniel Mulino MP

Assistant Treasurer and Minister for Financial Services

Sessions

Keynote 8 – Navigating the energy transition: opportunities, investor strategies and policy needs

Born in Brindisi, Italy, Daniel was a young child when he moved with his family to Australia. He grew up in Canberra and completed his first degrees – arts and law – at the ANU. He then completed a Master of Economics (University of Sydney) and a PhD in economics from Yale.

He lectured at Monash University, was an economic adviser in the Gillard government and was a Victorian MP from 2014 to 2018. As Parliamentary Secretary to the Treasurer of Victoria, Daniel helped deliver major infrastructure projects and developed innovative financing structures for community projects.

In 2018 he was preselected for the new federal seat of Fraser and became its first MP at the 2019 election, re-elected in 2022 and 2025. From 2022 to 2025, Daniel was chair of the House of Representatives’ Standing Economics Committee in which he chaired inquiries; economic dynamism, competition and business formation and insurers’ responses to 2022 major floods claims.

In 2025, he became the Assistant Treasurer and Minister for Financial Services.

In August 2022, Daniel published ‘Safety Net: The Future of Welfare in Australia’, which aims to explore the ways in which an insurance approach can improve the effectiveness of government service delivery.