In 2018, with global Cyber Crime losses growing to US$1.4 trillion annually, it is important to recognise that Australian Company Directors must comply with their legal obligations under the Corporations Act 2001. This is the case even if the director appoints an agent to look after the company’s affairs.

There are numerous and important legal responsibilities imposed on all Directors of Companies (Private & Public) under the Corporations Act 2001 and other laws, including the General Law.

Of these duties, some of the most significant in relation to the Cyber Security threat are:

  1. To act in good faith in the best interests of the company and its shareholders for a proper purpose.

  2. To exercise due care and diligence in the management of the company.

  3. To inform themselves about the subject matter to the extent they reasonably believe to be appropriate.

  4. To rationally believe that their judgment is in the best interests of the corporation.

Due Care is doing what a reasonable person would do in a given situation.

Due Diligence means providing demonstrated assurance that management is exercising adequate protection of corporate assets, such as information and compliance with legal and contractual obligations.


Each decision of a director can be scrutinised against what could have been done to most benefit the company by that Director. Breaches of this duty allow a company to sue the Director for damages suffered.


Failure to provide Due Care and Due Diligence in mitigating the risk posed by the well-publicised Cyber Attack landscape could find Directors in breach of their legal duties under the Act.


Password Management with Staff Education and ongoing Password Monitoring is a simple, inexpensive risk mitigation strategy that demonstrates solid Corporate Governance practices by CEOs and Directors. These ‘Best Practices’ activities are supported evidentially by monthly password status reports and annual staff cyber awareness certifications. As an independent third-party provider, Avantia Cyber Security is able to demonstrate active risk mitigation against cyber attacks by its Clients in these areas.



Avantia Corporate Services Pty Ltd, Level 7, 320 Adelaide Street, Brisbane, Queensland 4000



DISCLAIMER*: Avantia Corporate Services Pty Ltd and Avantia Cyber Security provides the content in this publication to the reader for general information purposes only and has compiled the content from a number of sources in Australia, the USA, and up to 56 other countries who provide cyber breach and cybersecurity information to us in real-time. Given their international focus and experience in the cyberspace arena, we believe their data to be accurate and reliable, however, we give no warranty (implied or otherwise), as to the content's accuracy or fitness for use. No validation or investigation has been performed by Avantia Corporate Services or the Author as to its accuracy or reliability. Readers should conduct their own investigation and come to their own conclusions before taking any action.

*COPYRIGHT 2020* Avantia Corporate Services  PTY LTD - All Rights Reserved.