Dr Ivano Bongiovanni, General Manager, AUSCERT, one of Australia’s only computer emergency response team’s (CERT), and one of the oldest CERTs in the world, to the Federal Budget announcements to further bolster our nation’s cyber security defences, has commented on a raft of announcements to strengthen the nation’s cybersecurity defences. A comprehensive snapshot is below.
“This year’s budget maintains a traditional focus on equipping government departments and agencies with resources to strengthen their cyber-resilience. Government departments and agencies including the Australian Tax Office, Australian Prudential Regulatory Authority, Australian Securities and Investment Commission and the Department of Parliamentary Services and independent statutory agencies such as NDIS received significant budget allocations. While the 2023 budget contained more specific references to the protection of businesses, this budget’s ultimate beneficiaries appear to be citizens, including from more vulnerable groups,” says Dr Bongiovanni.
Among the key announcements,ย $288M has been allocated to strengthen the capabilities of Australia’s Digital ID program. $40M has been allocated to support national efforts to aid the safer use of AI. $50M have been allocated to improve myGov fraud detection capabilities. ASIC will receive funding over the next four years to combat scams and online fraud with a mandatory industry code to be introduced. Budget commitments to several government departments and agencies, including the Department of Foreign Affairs and Trade and the Australian Sports Foundation will extend over several years, highlighting an ongoing commitment to boosting Australia’s cyber security capability.
“The long-term commitments made in this budget reflect the reality that securing our nation’s information assets is an ongoing program and not a one-off project,” Dr Bongiovanni says. “With online fraud and identity theft a major issue for every citizen, the commitment to a Digital ID will boost protection for consumers and make it harder for criminals to commit identity-based crimes.”
Key summary of announcements relating to cybersecurity in the Federal Budget 2024:
- A $39.9 million fund (over 5 years) will see Australia seek “safe and responsible” ways to adopt AI technology. This will include a new advisory body and blocking national security risks.
- $206.4 million will be provided over four years and $7.2 million per year ongoing to improve ASIC and APRA’s data capability and cybersecurity, and to continue the stabilisation of business registers and modernisation of legacy systems. This will be partially funded by the ASIC and APRA industry levies.
- The Australian Taxation Office (ATO) will receive $187 million over four years to strengthen its ability to detect, prevent, and mitigate fraud against the tax and superannuation systems. Funding includes:
- $78.7 million for upgrades to information and communications technologies to enable the ATO to identify and block suspicious activity in real time.
- $83.5 million for a new compliance taskforce to recover lost revenue and intervene when attempts to obtain fraudulent refunds are made.
- $24.8 million to improve the ATO’s management and governance of its counter-fraud activities, including improving how the ATO assists individuals harmed by fraud.
- $187.8 million over four years from 2024-25 (and $11.1 million per year ongoing) to upgrade ICT and security at the Department of Foreign Affairs and Tradeย premises.
- $50.0 million over four years from 2024-25 (and $5.2 million per year ongoing) for enhancements to the myGov platform to continue to respond to the findings of the Critical National Infrastructure myGov User Audit and advice from the independent advisory board, including enhancements to the myGov support tool, strengthening myGov fraud detection capabilities, improving the myGov inbox and other communication tools and supporting users to better secure their myGov accounts.
- The ten-year budget to deliver the 2024ย National Defence Strategyย is $50.3 billion, includes national defence in the cyber domain.
- $288.1 million over four years has been provided for Digital ID, to strengthen privacy and protect consumers with stronger mitigations for fraud and identity theft.
- $8 million over three years from 2024-25 to support the Australian Sports Foundation to complete technology upgrades, including enhancement of cyber security for the fundraising platform.
- $12.8 million over four years from 2024-25 (and $2.3 million per year ongoing) to the Department of Parliamentary Services to enhance information technology to support business productivity and cybersecurity.
- $160.7 million over four years from 2024-25 (and $24.6 million per year ongoing) to upgrade the National Disability Insurance Scheme (NDIS) Quality and Safeguards Commission’s information technology systems, to better protect the safety of NDIS participants, reduce regulatory burden on NDIS providers, and improve cybersecurity.
- $206.4 million over four years from 2024-25 (and $7.2 million per year ongoing) to improve the data capability and cybersecurity of the Australian Prudential Regulation Authority (APRA) and the Australian Securities and Investments Commission (ASIC) and to continue the stabilisation of business registers and modernisation of legacy systems.
- The Government will provide $67.5 million over four years from 2024-25 (and $8.6 million per year ongoing) to continue to combat scams and online fraud through the introduction of mandatory industry codes to be established under a Scams Code Framework and increased use of the secure eInvoicing network. This funding includes:
- ย $37.3 million over four years from 2024-25 (and $8.6 million per year ongoing) for the Australian Competition and Consumer Commission (ACCC), the Australian Securities and Investments Commission (ASIC) and the Australian Communications and Media Authority (ACMA) to administer and enforce mandatory industry codes for regulated businesses to address scams on their platforms and services, initially targeting telecommunications, banks and digital platforms services relating to social media, paid search engine advertising and direct messaging.
- $23.3 million over four years from 2024-25 for the Australian Taxation Office to continue to oversee and operate the secure eInvoicing network.
- $6.3 million in 2024-25 for the ACCC to improve public awareness of scams and help the public to identify, avoid and report scams.
- $1.6 million over two years from 2024-25 for the Treasury to develop and legislate the overarching Scams Code Framework.
About AUSCERT
AUSCERT is a not-for-profit, member funded organisation based at The University of Queensland. It provides support to businesses during cyber security incidents, threat intelligence services and ongoing education and development programs.
AUSCERT’s passionate team of leading cyber security experts deliver 24/7 service to more than 500 members spanning education and training, financial and insurance services, information, media and telecommunications and other key sectorsย alongside a range of comprehensive tools to strengthen cyber security strategic defences.