Australian Government agencies will be required to vet their staff on an ongoing basis in order to protect sensitive government data against the kind of \"insider threat\" posed by the likes of Edward Snowden and Bradley Manning. <\/p>\n
Attorney-General George Brandis this morning unveiled revised mandatory requirements for how agencies should screen employees, which could potentially see periodic staff security assessments replaced by dynamically pushed information, to keep tabs on staff on an ongoing basis. <\/p>\n
Brandis recently directed his department to review the existing personnel security policy under the Australian Governments protective security policy framework (PSPF), which sets out the controls government agencies are expected to take to protect their people, information and assets. <\/p>\n
The changes to the personnel security policy aim to reduce the risk of loss, damage or compromise of Commonwealth resources by providing assurance about the suitability of personnel authority to access those resources in response to risks posed by insider threats such as Edward Snowden and Bradley (now Chelsea) Manning, Brandis said. <\/p>\n
They aim to minimise the potential for misuse of those resources either by inadvertent or deliberate disclosure, he told delegates at the Security in Government Conference today. <\/p>\n
To address the risks that could arise from a trusted insider, the importance of security vetting, contact reporting and ongoing monitoring of our employees suitability to access information should never be underestimated. <\/p>\n
Brandis also asked the Attorney-Generals department to explore vetting in a paradigm of evolving threat, specifically dynamic vetting in which information about an employee requiring clearance is pushed to the vetting agency, rather than being provided by the employee themselves. <\/p>\n
There is a need to change our focus from point-in-time suitability assessments to continuous monitoring and assessments of each persons ongoing suitability, Brandis said. <\/p>\n
The new and emerging threats we face require Government to constantly revisit and revise our approach to national security. This should be extended to personnel security and vetting, where it is not enough to simply tick and flick an application every few years. <\/p>\n
We must take a dynamic, not a static approach, to the assessment of suitability.\" <\/p>\n
<\/p>\n