Course Overview
This course equips participants with knowledge and insights about foreign interference. This course will enable participants to identify, assess, and respond to insider threat activity stemming from foreign interference entities targeting people in Australia’s critical infrastructure sectors.
Drawing on the latest publicly available threat intelligence and advice from the Australian Security Intelligence Organisation (ASIO), and on analysis from the Australian Institute of Criminology (AIC) and other sources, the course examines how foreign interference may manifest in workplaces, the tactics used to exploit people and systems, and the obligations of organisations and individuals under Australian law and regulatory frameworks, such as the Security of Critical Infrastructure (SOCI) Act 2018 and the Security of Critical Infrastructure (Critical Infrastructure Risk Management Program) Rules 2023 (CIRMP Rules), with respect to insider threat mitigation.
Through examples and real-world case studies, participants will learn how to recognise vulnerabilities, implement protective measures, and integrate insider threat considerations into organisational security culture and risk management processes.
The course also highlights the role of a structured Insider Threat Program in countering foreign interference and provides a practical Quick Reference Guide for ongoing insider threat awareness and action.
Learning objectives
By the end of this course, participants will be able to:
1. Understand Australia’s relevant legislation and guidance: Identify and explain key legislation and policy relevant to foreign interference.
2. Define and distinguish key threat types: Explain the differences between foreign interference, foreign influence, espionage, and insider threats.
3. Assess relevance to critical infrastructure: Consider how these foreign interference threats might interact with critical infrastructure assets.
4. Identify organisational vulnerabilities: Recognise how adversaries target people, processes, and systems to achieve specific outcomes.
5. Recognise associated risks: Identify national security, organisational, asset, and individual risks arising from foreign interference and insider threats.
6. Identify protective measures and their role in ‘defence-in-depth’: Integrate workforce screening, conflict-of-interest declarations, information access controls, and continuous evaluation into organisational processes.
7. Promote individual vigilance: Adopt individual behaviours and shape workplace culture to protect personal and professional information, detect suspicious approaches, and use reporting channels effectively.
8. Integrate insider threat management into security culture: Incorporate governance, early intervention, and multidisciplinary collaboration to counter foreign interference.
Learning outcomes
After completing this course, participants will be able to:
1. Describe how foreign interference and insider threats operate in the critical infrastructure context, using definitions, real-world examples, and legislative references.
2. Analyse organisational exposure to foreign interference vectors such as insider recruitment, cyber access, and high-risk partnerships.
3. Map and apply compliance requirements from the SOCI Act, CIRMP Rules, and other relevant legislation to insider threat and foreign interference mitigation.
4. Explain the value of implementing protective controls across recruitment, workforce management, information handling, and reporting practices.
5. Support a strong security culture that reduces susceptibility to foreign interference by integrating awareness, training, and governance into everyday operations.
