Story image

Australian govt at ‘serious’ risk from insiders, cyber security expert says

20 Oct 2016

Australian Government departments are at serious risk of large-scale loss of sensitive and classified data, according to a senior U.S counterintelligence advisor.

Keith Lowry, who led the Edward Snowden counterintelligence damage assessment team and an executive at Nuix, says many departments within organisations are exposed to serious data security risks because they do not conduct ongoing insider threat assessments, despite strict vetting processes of new staff and contractors.

According to Lowry, the number of spies or insiders caught using background checks is minimal. In his professional opinion, the number is very likely close to zero.

“Governments need to understand insider threats are about tomorrow, not yesterday,” he states.

“It is one thing to vet personnel, but background investigations and security checks only verify past behaviors and activities - they are absolutely useless in predicting future behaviours.”

Lowry’s warning about insider threats follow the recent arrest of a former National Security Agency contractor Harold Martin in the U.S. Prosecutors have accused the former Booz Allen Hamilton contractor of illegally removing top-secret information that could cause ‘exceptionally grave danger’ to US national security if disclosed.

“Edward Snowden, Chelsea Manning, and Harold Martin would all have passed background checks and other screening devices like polygraph examinations but in the end, they and others all made choices after being screened to do the wrong thing,” Lowry explains.

“Regardless of their intentions, in the end, they each took data that did not belong to them.” 

Lowry is briefing senior government security, intelligence and business representatives in Australia this week to discuss insider threats.

The Nuix-led briefings involve Alastair MacGibbon, special adviser to the Prime Minister on Cybersecurity, David Irvine AO, former head of ASIO and chair at the Australian Cyber Security Research Institute, and Nuix’s CEO, Eddie Sheehy.

Sheehy says to counter insider threats, governments must first appreciate the insider threat issue is a people problem rather than a technical problem.

“Employees and contractors who jeopardise the protection of critical data, either with intent or not, represent one of the greatest cyber security threats to government and corporate organisations,” says Sheehy.

“When the threat is understood from a people perspective, organisations can start to build effective counter insider threat strategies to help them respond quickly to serious data breaches,” he explains.

"That’s why leaders need to create a culture of data security across their organisation so everyone is aware of the risks and responsibilities they have to protect important data,” Sheehy adds.

“They must also know exactly where their critical and sensitive data is held so it can be prioritised and protected.”

Lowry says insider threats take many forms.

“Unintentional insiders put an organisation’s data at risk through negligence, ignorance or by accident. Their actions can cause just as much damage as malicious insiders who for example may be planted by nation states, terrorist networks, crime syndicates or individuals who want to steal and use information for gain or to cause harm,” he explains.

“Because organisations usually view insider threats as a technology issue rather than a people problem, insider threats are often managed by IT departments instead of being a whole of organisation responsibility that should be driven by senior executives and board members.”

Seagate: Data trends, opportunities, and challenges at the edge
The development of edge technology and the rise of big data have brought many opportunities for data infrastructure companies to the fore.
Popular Android apps track users and violate Google's policies
Google has reportedly taken action against some of the violators.
How blockchain could help stop video piracy in its tracks
An Australian video tech firm has successfully tested a blockchain trial that could end up being a welcome relief for video creators and the fight against video piracy.
IBM X-Force Red & Qualys introduce automated patching
IBM X-Force Red and Qualys are declaring a war on unpatched systems, and they believe automation is the answer.
Micro Focus acquires Interset to improve predictive analytics
Interset utilises user and entity behavioural analytics (UEBA) and machine learning to give security professionals what they need to execute threat detection analysis.
Raising the stakes: McAfee’s predictions for cybersecurity
Security teams and solutions will have to contend with synergistic threats, increasingly backed by artificial intelligence to avoid detection.
Exclusive: Ping Identity on security risk mitigation
“Effective security controls are measured and defined by the direct mitigation of inherent and residual risk.”
CylancePROTECT now available on AWS Marketplace
Customers now have access to CylancePROTECT for AI-driven protection across all Windows, Mac, and Linux (including Amazon Linux) instances.