Cyber security is no longer just an IT problem—it’s a board-level responsibility. In this episode, Leigh Kefford breaks down APRA’s CPS 234 Information Security standard in plain English, explaining what it requires, why regulators care, and what happens when controls fail.

We unpack board accountability, third-party risk, security testing, and incident response obligations—and why CPS 234 is fast becoming the benchmark for all Australian businesses, not just banks and insurers.

If your organisation handles sensitive data, relies on cloud providers, or assumes “it won’t happen to us,” this episode is essential listening.

This podcast was produced by National PC, delivering expert cyber security services in Townsville and Cairns through our Empower Managed IT solutions—secure, reliable, and built for North Queensland businesses.

View Show Notes and full transcript here: https://sittingduck.com.au/podcast/cps-234-explained-why-cyber-security-is-a-board-issue/