Customers are increasingly using digital channels to manage their finances and our people rely on technology to manage the day-to-day operations of our business. Protecting and managing data is critical to maintaining the trust and confidence of our stakeholders, and building the resilience of our business.
Suncorp has a suite of security technologies and processes in place to protect our customers and our organisation from data security threats. These are designed by a dedicated Security function within our Chief Information Office. The Technology Risk Management Committee provides oversight and visibility of cyber risk and ensures alignment with our risk appetite and broader Enterprise Risk Management Framework (ERMF).
Suncorp implements measures including robust firewall protection, automatic security features and real-time fraud monitoring to detect threats, and works closely with the banking industry, the Australian High-Tech Crime Centre and the Australian Federal Police. Our Fraud Detection Team ensures we respond immediately to suspicious account activity and provides early detection of potential cases of fraud. We are members of the Australian Computer Emergency Response Team (CERT Australia), which notifies companies of online criminal activity globally.
Suncorp has an established incident management plan that includes disaster recovery and business continuity. A dedicated Critical Incident Management team responds to and mitigates against critical IT incidents and the Suncorp Incident Response Team coordinates communications and response activities.
Suncorp’s Internal Audit team regularly conducts information and cyber security audits across operational, policy, and governance aspects. The Suncorp Board has ultimate responsibility for cyber security and cyber risks are reported to them at least quarterly through the Board Risk Committee.