In response to the exponentially rising cyber threats, Australia's banking giants - Bendigo Bank, CBA, ANZ, and Westpac - are fortifying their cybersecurity measures, ensuring the safety of their clientele. Bendigo Bank, in particular, has been proactive, flagging prominent scams that emerged in 2023, which include counterfeit emails and falsified caller ID tactics. To combat this, they've offered a set of safety guidelines for their users, emphasising the importance of never sharing personal banking PINs, passwords, or 6-digit security codes, among other protective measures.
March 2023 saw Westpac launch its advanced anti-scam security feature, "Westpac Verify," aiming to shield its customers from fraudulent activities. It primarily alerts users to potential account mismatches in transactions and prompts them to review suspicious transfers. Simultaneously, the Commonwealth Bank of Australia (CBA) celebrated the inception of the National Anti-Scams Centre's fusion cell, marking a collaborative effort with ASIC, ACCC, and various stakeholders, focusing particularly on combating high-value investment scams.
Following the surge in national cyber threats last year, the urgency for reinforced cyber resilience is palpable. Regulatory agencies like ACMA have announced their heightened priorities for 2023-2024, notably emphasising the combat of phone scams and allocating enhanced resources for corporate enforcement. Their efforts have led to significant sanctions, with companies like Commonwealth Bank Australia and mycar Tyre & Auto being penalised for breaches in compliance.
In the regulatory forefront, APRA's decision to release a tripartite assessment underlines the prevailing cyber threats casting a shadow on Australia's financial sector. Their research, encompassing over 300 financial entities, showcased the industry's vulnerabilities. Alarmingly, initial findings from these assessments pointed out critical gaps, including the inconsistent reporting of major incidents and inadequacies in third-party security capability assessments. APRA’s findings, as part of their 2020–2024 CPS 234 Information Security (CPS 234), Cyber Security Strategy, signal the pressing need to address these shortcomings.
Government agencies, notably APRA and ACMA, are doubling down on their oversight, striving to enhance industry awareness and adherence to the latest cybersecurity frameworks. These endeavours underscore the collaborative commitment to fortify Australia's cyber landscape, pushing institutions to uphold the highest standards of cyber resilience.