Australian govt at ‘serious’ risk from insiders, cyber security expert says

Australian Government departments are at serious risk of large-scale loss of sensitive and classified data, according to a senior U.S. counterintelligence advisor.

Keith Lowry, who led the Edward Snowden counterintelligence damage assessment team and is an executive at Nuix, says many departments within organisations are exposed to serious data security risks because they do not conduct ongoing insider threat assessments, despite strict vetting processes for new staff and contractors.

According to Lowry, the number of spies or insiders caught using background checks is minimal. In his professional opinion, the number is very likely close to zero.

“Governments need to understand insider threats are about tomorrow, not yesterday,” he states.

“It is one thing to vet personnel, but background investigations and security checks only verify past behaviours and activities - they are absolutely useless in predicting future behaviours.”

Lowry’s warning about insider threats follows the recent arrest of former National Security Agency contractor Harold Martin in the U.S. Prosecutors have accused the former Booz Allen Hamilton contractor of illegally removing top-secret information that could cause ‘exceptionally grave danger’ to US national security if disclosed.

“Edward Snowden, Chelsea Manning, and Harold Martin would all have passed background checks and other screening devices like polygraph examinations but in the end, they and others all made choices after being screened to do the wrong thing,” Lowry explains.

“Regardless of their intentions, in the end, they each took data that did not belong to them.” 

Lowry is briefing senior government security, intelligence and business representatives in Australia this week to discuss insider threats.

The Nuix-led briefings involve Alastair MacGibbon, special adviser to the Prime Minister on Cybersecurity, David Irvine AO, former head of ASIO and chair at the Australian Cyber Security Research Institute, and Nuix’s CEO, Eddie Sheehy.

Sheehy says that to counter insider threats, governments must first appreciate that the insider threat issue is a people problem rather than a technical problem.

“Employees and contractors who jeopardise the protection of critical data, either with intent or not, represent one of the greatest cyber security threats to government and corporate organisations,” says Sheehy.

“When the threat is understood from a people perspective, organisations can start to build effective counter insider threat strategies to help them respond quickly to serious data breaches,” he explains.

“That’s why leaders need to create a culture of data security across their organisation so everyone is aware of the risks and responsibilities they have to protect important data,” Sheehy adds.

“They must also know exactly where their critical and sensitive data is held so it can be prioritised and protected.”

Lowry says insider threats take many forms.

“Unintentional insiders put an organisation’s data at risk through negligence, ignorance or by accident. Their actions can cause just as much damage as malicious insiders who for example may be planted by nation states, terrorist networks, crime syndicates or individuals who want to steal and use information for gain or to cause harm,” he explains.

“Because organisations usually view insider threats as a technology issue rather than a people problem, insider threats are often managed by IT departments instead of being a whole of organisation responsibility that should be driven by senior executives and board members.”
