Australia launches Centre of Excellence to fight insider threats and espionage

Australia is pushing the needle forward for a national insider risk agenda to counter the growing threat of espionage and foreign interference.

In his Annual Threat Assessment, ASIO’s Mike Burgess has urged organisations to prioritise insider risk management and culture amid a “concerning uptick” of spies luring trusted insiders to steal sensitive information.

ASIO’s assessment has raised the alarm on Australia’s growing risk in the current geopolitical climate, with foreign intelligence services increasingly targeting doctors, journalists and officials across government and defence. 

The Australian Cyber Collaboration Centre (the Centre) commends ASIO’s hard work and tenacity in championing a whole-of-nation approach for identifying and countering insider threats.

“Australia is on the cusp of providing a national response that will ultimately empower organisations to create their own roadmaps for addressing insider risk,” said Matt Salier, CEO of the Australian Cyber Collaboration Centre. 

ASIO defines insiders as “current and former employees or contractors who enjoy legitimate access to information, techniques, activities, technology, assets, or facilities.”

Insiders become “insider threats” when they disclose sensitive information without authorisation, conduct espionage, foreign interference or sabotage, or help a third party conduct these activities.

The Countering the Insider Threat: A Security Manager’s Guide by ASIO is one of many powerful resources ASIO has produced for Australian practitioners to uplift their insider risk programs.

The Centre was especially pleased to see the inclusion of best practices and philosophies from leading insider risk experts, including but not limited to Dr Eric Shaw, Laura Sellers and Carnegie Mellon.

As ASIO notes, the insider threats facing Australia are far more serious and sophisticated than ever before.

Mohan Koo, a Founding Member of the Centre, said a collaborative, programmatic response is required to meet the challenge.

“Australia is now waking up to the severity of insider risk and the threats facing our nation. Thanks to ASIO and the new Security of Critical Infrastructure (SOCI) legislation, we’re now well poised to address these threats by focusing on human behaviour as the root cause of security breaches. Technologies have now reached a level of maturity and are advanced enough to proactively detect these threats – but that’s only half the equation. Our approach to insider risk must be programmatic – underpinned by an enterprise program which encompasses people, process, policy and technology – and it must be collaborative across all business units,” said Koo, who is also Co-founder and CTO at DTEX Systems.

The Centre is working closely with its partners – including DTEX and MITRE – to strengthen Australia’s security maturity by establishing a community of insider risk practitioners and facilitating best practice information sharing.

The Australian Insider Risk Centre of Excellence (AIR CoE), established in 2022 under the Australian Cyber Collaboration Centre, will be rolling out a number of initiatives in 2023, drawing together experts – and their research – to close the insider risk skills gap.

The inaugural AIR CoE masterclass will be held in March this year and will feature MITRE’s Dr. Deanna Caputo, drawing on decades of MITRE’s applied research on Insider Threats.

To learn more about what Australia is doing to address insider risk and to join our growing community, register your interest in the Australian Insider Risk Centre of Excellence.