Under Australia’s Telecommunications Sector Security Reforms (TSSR), all carriers and nominated carriage service providers (C/NCSPs) are required to notify the Communications Access Coordinator (CAC) of proposed changes to their telecommunications systems or services if they become aware of any proposed changes that are likely to have a “material adverse effect” on their capacity to comply with security obligations.
As of 30 June 2020, the Department of Home Affairs has received a total of 66 notifications. It told the Parliamentary Joint Committee on Intelligence and Security (PJCIS) the notifications received from carriers to date represented the vast majority of the fixed-line and mobile telecommunications market in Australia.
In its submission [PDF] to the PJCIS, Home Affairs suggested additional types of notices “with more nuanced language” to reflect various levels and types of risk and the urgency of adopting further mitigations.
See also: The disappointment of Australia’s new cybersecurity strategy