Over the last couple of weeks many examples of breaches of security involving the Federal government have occurred, namely the Customs Department and the Department of Transport. These have been written off by government officials as random acts of equipment theft and they argue there are no consequences flowing to the community from these events.
The comments by government raise more issues than they address, it appears that they are attempting to fob off very serious issues of security by simplifying the disappearance of equipment as simple theft and of little consequence because of encryption and protection build into the systems. One has to ask though - why would a simple thief break into supposed high security areas to steal second hand computers of little commercial value when commercial premises with new machines abound. On the other hand the information or intellectual property contained on the hard discs if retrievable could be of immense value to certain segments of society.
It is not good enough for the government on one hand to say to us be aware but not afraid and on the other hand they refuse to look at a significant chain of events that seem at first glance too closely linked to be a mere coincidence. They are obviously not afraid and simply not aware. They may be in fact investigating the issue and just not telling us, this does not fill the community with confidence and indeed sends the wrong message.
Is it fraud, is it corruption within those departments or is it a direct theft of intellectual property or a simple theft. These questions need to be answered fully for the community to maintain a belief in the process of government. They are quick to blame others and make comment but very slow in accepting responsibility for their own actions. At the moment the issue is being managed at public service level but how long before an issue occurs that causes the government to become directly involved and potentially embarrassed.
A question needs to be asked, "Is it simple theft, or is it greater than that and does it involve fraud of the commonwealth by the theft of information and following that does it involve corruption at any level."
AS8001-2003 Fraud and Corruption Control from Australian Standards discusses some of these issues in a much broader setting. A quote from the forward is significant in this discussion.
"Recent events in Australia and globally have established a strong
nexus between fraud and corruption within entities on the one hand
and fundamental governance failure at the very senior levels on the
other."
The quote brings us full circle in the comments on the incidents involving two key government departments that are potentially linked to the security of the nation.
The off-handed way the events have been managed by the departments indicate a poor system of corporate governance and a fundamentally poor understanding of how events are to be handled. Perception here is the key to the management of the risks associated with these incidents.
As a community we deserve to be treated better than this by people who are charged with our welfare.
Home | Join Now | Courses | Providers | Locations | Certification | Stay Certified | Articles | My AAFM
Disclaimer | Cancellation Policy | Contact Us | About AAFM | Site Design by AAPM