ato logo

Cyber Security Stakeholder Group key messages 21 January 2021

Key topics discussed at the Cyber Security Stakeholder Group meeting 21 January 2021.

Last updated 22 March 2021

ATO update

2020 was a busy year with 2021 starting with the same momentum. It was acknowledged the ATO has a focus on strengthening the cyber security environment with significant investment committed to improving maturity across people, process and technology.

Last year saw an increase in ransomware which is again emphasising the importance of Patching as a key resilience measure to protecting systems.

Chartered Accountants, Australia and New Zealand update

It was revealed accounting professionals may be required to be accredited to access their client’s bank account details as part of their obligations associated with the Consumer Data Right BillExternal Link.

ATO Impersonation scams

The COVID-19 pandemic presented scammers with ample opportunity to exploit economic vulnerability and fear throughout 2020. The ATO noted a spike in scam reports related to the JobKeeper and Early Release of Super stimulus measures.

The ATO regularly attends an Interagency scams forum and it has been noted that instances of fake vaccine investment scams are already being reported. Whilst not tax related, it is important to see what’s happening as there will no doubt be other COVID-19 vaccine scams.

The Australian Communications and Media Authority registered the Reducing Scam Calls Code mandating reporting, trace and block requirements for fraudulent phone spoofing for all telcos. The Code sets out the processes for telcos to identify, trace and block scam calls. This is a result of the scam technology task force and leverages the successes of the ‘do not originate’ pilot that the ATO ran with telcos in 2019 and is a very encouraging step forward in scam disruption.

Australian Cyber Security Centre (ACSC)

ACSC has been working with Government and selected industry stakeholders to review the Essential Eight Maturity ModelExternal Link.

In 2020, the ACSC commissioned market research to measure levels of community awareness, understanding and behaviours in relation to the current cyber security threats in Australia. This will inform the development of cyber security communications to the Australian public to improve national cyber resilience. For more information refer:

Act Now, Stay Secure Campaign

The Australian Government has launched a new cyber security campaign to warn Australians about cybercrime and directs people to ACSC website as the one-stop shop for individuals, businesses and organisations to protect themselves against cyber threatsExternal Link.

The campaign will be ‘always on’ running on social media and other digital platforms such as popular websites and optimised search engines.

Expansion of the ACSC Partnership Program

The ACSC Partnership Program has been expanded to enable a wide range of organisations – including, but particularly small businesses to engage with the ACSC and fellow partners, drawing on collective understanding, experience, skills and capability to lift cyber resilience across the Australian economy.

The ACSC Partnership Program is delivered through the ACSC’s network of Joint Cyber Security Centres located in Sydney, Melbourne, Brisbane, Adelaide and Perth. For more information refer to: