Powered by MOMENTUM MEDIA
cyber daily logo
Breaking news and updates daily. Subscribe to our Newsletter

New Scams Prevention Framework a ‘critical step’, but there’s more to be done, experts say

The Labor government calls its new scam-fighting legislation a “landmark” step in fighting cyber crime, but it’s only part of what needs to be done to protect Australian consumers.

user icon David Hollingworth
Mon, 18 Nov 2024
New Scams Prevention Framework a ‘critical step’, but there’s more to be done, experts say
expand image

Assistant Treasurer and Minister for Financial Services Stephen Jones revealed Labor’s latest effort in fighting the growing threat and cost of scams earlier this month when he announced the government’s new Scams Prevention Framework.

The legislation will give the Australian Competition and Consumer Commission sweeping new powers to directly take social media companies, banks, and telcos to task in order to protect consumers.

The Australian Financial Complaints Authority would also be given the power to resolve consumer claims regarding scams in those sectors.

============
============

“Over the last year, I’ve spoken to thousands of Australians in cities and towns around the country,” Minister Jones said on 7 November, when the framework was announced.

“They want tough action to protect their money and their information, and these laws deliver.”

But is the action tough enough? Scams are only costing Australians more in financial losses each year, and the scammers themselves are becoming ever more sophisticated.

Janine Morris, industry engagement and strategy lead at SaaS firm AvePoint, seems to think so – but it’s also far from a silver bullet.

“While Australia’s new Scams Prevention Framework is a critical step towards combating rising cyber crime incidents, it is equally important that we focus on data integrity as a key part of this effort,” Morris told Cyber Daily.

“The foundation of any effective fraud prevention strategy lies in initially safeguarding the integrity and security of data.

“Scams and fraud often rely on exploiting weak or compromised data. Whether it’s through phishing attacks, identity theft, or data breaches, ensuring sensitive data remains accurate, secure, and tamper-proof is essential in minimising these risks.”

According to Morris, regulatory measures simply aren’t enough. Organisations need to be more proactive in keeping their data infrastructure secure.

“This means implementing robust data governance practices, ensuring accurate data access controls, and training employees to recognise the signs of data manipulation,” Morris said.

“By reinforcing data integrity at all levels, we can better protect both individuals and businesses from the devastating effects of scams.”

For Simon Berglund, senior vice president and general manager for the APAC region at Diligent, the framework “highlights the need for industry collaboration and a holistic approach to cyber security”.

“By imposing clear obligations on banks, telecoms, and social media platforms, along with penalties for non-compliance, the government is laying the groundwork for a more accountable and secure digital ecosystem,” Berglund said.

However, Berglund agrees that businesses still need to do more work themselves.

“For businesses, now is an opportune time to enhance their cyber security governance programs,” Berglund said.

“This includes conducting regular risk assessments and vulnerability management, ensuring employees, management and board members are trained on the latest developments in cyber security and employing continuous monitoring and incident response capabilities to rethink their cyber risk management strategies.”

Whether businesses take the opportunity to boost their security rather than coast along until the next major data breach – the wave of scams that will inevitably follow – remains to be seen.

David Hollingworth

David Hollingworth

David Hollingworth has been writing about technology for over 20 years, and has worked for a range of print and online titles in his career. He is enjoying getting to grips with cyber security, especially when it lets him talk about Lego.

newsletter
cyber daily subscribe
Be the first to hear the latest developments in the cyber industry.