Show download pdf controls
  • Cyber Security Stakeholder Group key messages 21 January 2021

    ATO update

    2020 was a busy year with 2021 starting with the same momentum. It was acknowledged the ATO has a focus on strengthening the cyber security environment with significant investment committed to improving maturity across people, process and technology.

    Last year saw an increase in ransomware which is again emphasising the importance of Patching as a key resilience measure to protecting systems.

    Chartered Accountants, Australia and New Zealand update

    It was revealed accounting professionals may be required to be accredited to access their client’s bank account details as part of their obligations associated with the Consumer Data Right BillExternal Link.

    ATO Impersonation scams

    The COVID-19 pandemic presented scammers with ample opportunity to exploit economic vulnerability and fear throughout 2020. The ATO noted a spike in scam reports related to the JobKeeper and Early Release of Super stimulus measures.

    The ATO regularly attends an Interagency scams forum and it has been noted that instances of fake vaccine investment scams are already being reported. Whilst not tax related, it is important to see what’s happening as there will no doubt be other COVID-19 vaccine scams.

    The Australian Communications and Media Authority registered the Reducing Scam Calls Code mandating reporting, trace and block requirements for fraudulent phone spoofing for all telcos. The Code sets out the processes for telcos to identify, trace and block scam calls. This is a result of the scam technology task force and leverages the successes of the ‘do not originate’ pilot that the ATO ran with telcos in 2019 and is a very encouraging step forward in scam disruption.

    Australian Cyber Security Centre (ACSC)

    ACSC has been working with Government and selected industry stakeholders to review the Essential Eight Maturity ModelExternal Link.

    In 2020, the ACSC commissioned market research to measure levels of community awareness, understanding and behaviours in relation to the current cyber security threats in Australia. This will inform the development of cyber security communications to the Australian public to improve national cyber resilience. For more information refer:

    Act Now, Stay Secure Campaign

    The Australian Government has launched a new cyber security campaign to warn Australians about cybercrime and directs people to ACSC website as the one-stop shop for individuals, businesses and organisations to protect themselves against cyber threatsExternal Link.

    The campaign will be ‘always on’ running on social media and other digital platforms such as popular websites and optimised search engines.

    Expansion of the ACSC Partnership Program

    The ACSC Partnership Program has been expanded to enable a wide range of organisations – including, but particularly small businesses to engage with the ACSC and fellow partners, drawing on collective understanding, experience, skills and capability to lift cyber resilience across the Australian economy.

    The ACSC Partnership Program is delivered through the ACSC’s network of Joint Cyber Security Centres located in Sydney, Melbourne, Brisbane, Adelaide and Perth. For more information refer to:

      Last modified: 23 Mar 2021QC 65137