Still reeling from the coordinated cyberattack in April, superannuation funds will test their cybersecurity resilience and see what lessons they have learned under a drill provided by the Gateway Network Governance Body (GNGB).

Taking place on Thursday in Sydney, the exercise called Operation Honeybee II will challenge super funds' cybersecurity response across their entire ecosystem.

Super funds, including administrators, service providers, regulators and government agencies, will take part in the exercise, which will simulate a coordinated response to a significant cyberattack so that participants can identify strengths, uncover gaps and test communication and compliance procedures under pressure.

About 10 members of AustralianSuper collectively lost $750,000 from a cyberattack in April.

Cbus, Insignia Financial, Hostplus and Australian Retirement Trust also fell prey to the coordinated credential stuffing attempts - but ultimately came out unscathed.

GNGB chief executive Michelle Bower said: "Super funds and their service providers demonstrated mature capability when responding to these attacks, as individual organisations. However, as an industry, it was acknowledged that better communications between entities within the ecosystem could have contributed to an even better outcome."

Monash University's Nigel Phair, a professor in the department of software systems and cybersecurity, recently told Financial Standard that super funds are still grappling with the basics of cybersecurity.

In his research, Phair calls out "cyberwashing", drawing a parallel with the greenwashing some organisations engage in.

Many organisations spout the standard lines of "how well they treat everyone's information carefully using military-grade security and data protection".

"This is an attempt to give some confidence to the public, yet we see data breach after data breach after data breach. They continue to say how seriously they take it all. And plainly, they don't," Phair said.

APRA is also on super funds' case, pushing for basic protections such as multi-factor authentication (MFA).

Off the back of the coordinated attacks, APRA forced trustees to carry out several actions to fix material IT security weaknesses by August 31, highlighting, in particular, the need to step up lax MFA measures.

Commenting on participating in the exercise, Association of Superannuation Funds of Australia (ASFA) chief executive Mary Delahunty said: "The initiative is designed to strengthen collective cyber resilience, test coordination capabilities and reinforce preparedness for increasingly complex and sophisticated cyber threats."

Bower added: "Cyber events unfold rapidly and can lead to a high-pressure environment, but with well-developed plans and regular collective response exercises, stakeholders across the ecosystem can be better prepared to respond, defend, and recover as one."