APAC CIOOutlook

Advertise

with us

  • Technologies
      • Artificial Intelligence
      • Big Data
      • Blockchain
      • Cloud
      • Digital Transformation
      • Internet of Things
      • Low Code No Code
      • MarTech
      • Mobile Application
      • Security
      • Software Testing
      • Wireless
  • Industries
      • E-Commerce
      • Education
      • Logistics
      • Retail
      • Supply Chain
      • Travel and Hospitality
  • Platforms
      • Microsoft
      • Salesforce
      • SAP
  • Solutions
      • Business Intelligence
      • Cognitive
      • Contact Center
      • CRM
      • Cyber Security
      • Data Center
      • Gamification
      • Procurement
      • Smart City
      • Workflow
  • Home
  • CXO Insights
  • CIO Views
  • Vendors
  • News
  • Conferences
  • Whitepapers
  • Newsletter
  • Awards
Apac

  • Artificial Intelligence

    Big Data

    Blockchain

    Cloud

    Digital Transformation

    Internet of Things

    Low Code No Code

    MarTech

    Mobile Application

    Security

    Software Testing

    Wireless

  • E-Commerce

    Education

    Logistics

    Retail

    Supply Chain

    Travel and Hospitality

  • Microsoft

    Salesforce

    SAP

  • Business Intelligence

    Cognitive

    Contact Center

    CRM

    Cyber Security

    Data Center

    Gamification

    Procurement

    Smart City

    Workflow

Menu
    • Cyber Security
    • Hotel Management
    • Workflow
    • E-Commerce
    • Business Intelligence
    • MORE
    #

    Apac CIOOutlook Weekly Brief

    ×

    Be first to read the latest tech news, Industry Leader's Insights, and CIO interviews of medium and large enterprises exclusively from Apac CIOOutlook

    Subscribe

    loading

    THANK YOU FOR SUBSCRIBING

    • Home
    • Cyber Security
    Editor's Pick (1 - 4 of 8)
    left
    IAM May Help Secure Data, But It Needs to be Protected as Well

    Marc Ashworth, Chief Information Security Officer, First Bank

    The Changing Landscape of Cyber Security

    Scott Brandt, CIO & Director of IT, Texas Office of the Secretary of State

    Cyber Security - Integrated enterprise approach required to address the multifaceted challenges

    Sumit Puri, CIO, Max Healthcare

    Leadership Framework for Building Elite Teams

    Douglas Duncan, CIO, Columbia Insurance Group

    Four Cybersecurity Weak Spots You Should Care About When Others Don't

    Marc Probst, CIO & VP, Intermountain Healthcare

    Enterprise Security And The Elusive

    Andre' Allen, CISO, City of Houston

    Secure Text Messaging in an Academic Medical Center - Experience and Lessons

    Kari Cassel, SVP & CIO, UF Health

    It's Time to Turn Security Inside Out

    Gilad Raz, CIO, Varonis

    right

    Trusted Insider versus Insider Threat: A New Model at nbn

    Darren Kane, Chief Security Officer, nbn™ Australia

    Tweet
    Many modern mature organisations have an Insider Threat Program. But why call it that?

    Most organisations will readily acknowledge that people are their greatest asset. We invest time and resources finding them, completing due diligence on them, attracting them to our organisation and, ultimately, paying them. We train and nurture them. We trust them with building access, system access and corporate knowledge. They will be the basis of the success of our company.

    However, the irony is that while recognising the value of their people, most organisations readily bestow a title with such negative and untrustworthy connotations – Insider Threat – to a program designed to assist an organisation to perform better.

    At nbn, we have taken an inverse view of that philosophy with our ‘Trusted Insider Program’ that aims to protect employees and the company from external and internal threats.

    This approach allows our people to buy into the ‘Security is everybody’s responsibility’ mantra and affords our C-suite visibility on the added value the security group provides our organisation.

    These types of programs are largely misunderstood, and the ‘Insider Threat’ name does not help that cause. Our people are the lifeblood of any organisation, and nbn is no different. nbn has a talented workforce of around 6000 that is vital to our success in providing access to high-speed broadband for all Australian homes and businesses.

    Having established a ‘converged model’ in 2015, where a single role has remit for both cyber and physical threats, our job in security is to protect our people and the company itself from all reasonable threats. After all, these threats can materialise against any organisation in many forms.

    Internal threats come in different forms: Compromised staff can become victims of phishing attacks or social engineering, inadvertent events by staff who may have mistakenly sent valuable data outside an organisation, or even malicious activity by staff who steal or disseminate valuable intellectual property or customer records for the purposes of identity theft.

    Negating physical security threats requires absolute vigilance. There is no silver bullet, and maintaining physical security usually comes down to doing many little things well

    Negating physical security threats requires absolute vigilance. There is no silver bullet, and maintaining physical security usually comes down to doing many little things well. This can include vigilance about company information in public places, being aware of the risk of being ‘tail-gated’ through security checkpoints and mandating that all staff clearly display their security pass at all times.

    Our approach is to treat our staff as trustworthy but to have the appropriate systems, intelligence, and analytics in place across both our cyber and physical domains to ensure all incidents are detected and dealt with in a timely manner. This is why we do not believe in the title ‘insider threat’ but prefer the more positive notion of the Trusted Insider.

    nbn’s Trusted Insider Program focuses on cyber defence, intelligence and behavioural insights, and investigation teams. The program is the hub of the nbn security strategy and operations, but effective programs are far broader than just detection and protection. They must cover the entire employee lifecycle: suitable background checks, onboarding of staff and third-party contractors, to contract management and asset management, right through to off boarding of staff from the company.

    By taking this approach, nbn’s Trusted Insider Program is a business enabler. It provides a return on investment by providing insights into key areas of the company, such as reconciling redundant mobile phones in the fleet against billing data or providing true reflections of third-party software to ensure annual renewals are reflective of those that are actually required and approved for use.

    It is this broader remit of being a protector as well as a business enabler that gives our organisation’s leaders comfort and a true understanding of the value a progressive, proactive security group.

    tag

    Physical Security

    Weekly Brief

    loading
    Top 10 Cyber Security Companies in APAC - 2024
    ON THE DECK

    Cyber Security 2024

    I agree We use cookies on this website to enhance your user experience. By clicking any link on this page you are giving your consent for us to set cookies. More info

    Read Also

    Loading...
    Copyright © 2025 APAC CIOOutlook. All rights reserved. Registration on or use of this site constitutes acceptance of our Terms of Use and Privacy and Anti Spam Policy 

    Home |  CXO Insights |   Whitepapers |   Subscribe |   Conferences |   Sitemaps |   About us |   Advertise with us |   Editorial Policy |   Feedback Policy |  

    follow on linkedinfollow on twitter follow on rss
    This content is copyright protected

    However, if you would like to share the information in this article, you may use the link below:

    https://cyber-security.apacciooutlook.com/views/trusted-insider-versus-insider-threat-a-new-model-at-nbn-nwid-6704.html