2023-05-22

There are five different types of personas that could be an “insider” security threat, according to a guide from the Attorney-General’s Department.

The five types are broken into two categories: unintentional and intentional. The two unintentional types are the accidental insider and the negligent insider. The three intentional types are the self-motivated insider, the recruited insider, and the coerced insider.

According to the guide, you could be an accidental insider if you’ve been clicking on emails with malicious links, have inadequate oversight, or are dealing with an unrealistic workload.

If you have high error rates and an open disregard for attending training, as well as doing things like letting people “piggy-back” through a secure entrance at work, you could be a negligent insider.

If you sometimes bend the rules or steal data to advance your career, with red flags including financial hardship or unexplained wealth, you could be a self-motivated insider.

You could be a recruited insider if you express frustration in the workplace and there is an offer to split proceeds with someone in exchange for giving them system access.

If you work outside your normal hours without authorisation and have expressed interest in areas outside your scope of duty, with someone making threats either to yourself or others, you could be a coerced insider.

In the guide’s foreword, Attorney-General’s Department secretary Katherine Jones stressed how serious an insider threat can be, saying it was an “immense risk” for both government and non-government entities.

“We often talk about how a positive organisational culture can produce better outcomes and enhance operational effectiveness,” Jones said.

“In the context of insider risk, this can be measured by the successful prevention, detection, deterrence and mitigation of the potential insider threat in all its manifestations.”

The guide itself contains tips for Australian government entities on the development of their approaches, prevention, recognition of an insider threat and response.

As for prevention, which it described as the most “common and cost-effective way” to stop insider threats, the guide outlined five areas:

- A pro-integrity and transparent workplace cultivated by leadership
- Education and awareness programs, with initial training part of onboarding
- Understanding legal framework
- Both establishing and communicating reporting pathways if someone notices something concerning
- Protective security measures, including personnel, information and physical security

Attorney-general Mark Dreyfus said that while the “vast majority” of government employees act with integrity, “there have been a number of cases of unauthorised removal, dissemination or mishandling of sensitive material by trusted personnel”.

“Insider threat poses a significant risk to all entities due to the ability to bypass physical and electronic security measures through legitimate means,” Dreyfus said.

“It is an important risk consideration for both government and the private sector.”
