What happens when someone inside the system, entrusted with national secrets, begins to see another country as their true allegiance? This is the dilemma posed by insider threats – trusted individuals who, whether by intent or negligence, cause harm to the organisations that trust them and rely on them.
Within the Australian federal government exists a highly refined formal process of trust-granting in the form of a security clearance vetting process and ongoing suitability assessment. This process is undertaken by the Australian Government Security Vetting Agency (AGSVA) for security clearances from BASELINE to, currently, TOP SECRET POSITIVE VETTING (TS-PV) and within the Australian Security Intelligence Organisation (ASIO) for granting the highest level TOP SECRET-PRIVILEGED ACCESS (TS-PA) security clearance.
The clearance process is designed to ensure that people who are granted access to classified information and assets which, if divulged to unauthorised recipients or (in the case of assets) damaged or stolen, could have negative consequences – harm – for Australia’s national security.
Beyond this national-level security clearance process, membership of the Australian Defence Force (ADF) adds another layer of moral code about not betraying trust because by wearing an ADF uniform a person signals a willingness to put their life at risk to defend Australia’s sovereignty and national security. To put Australia’s national interest first.
Media reporting in early 2025 noted that an ADF officer was deprived of his high-level security clearance due to concerns about his loyalty to another nation state – one that is not formally allied with Australia but with which Australia has defence and other strong ties.
The Army Reserve officer, whose name has not been made public, is an Australian citizen who first joined the ADF in 2004. He had held a TOP SECRET NEGATIVE VETTING 2 (NV2) security clearance since 2010.
ASIO conducted two security assessment interviews and two written questionnaires with the ADF officer from October 2020 to April 2023 in which the officer stated that he would hand over classified or sensitive information to the nation state he held some allegiance to, if asked by them, because he felt a sense of “natural solidarity” with that nation and did not view it as a foreign government.
Reportedly, during the security interviews with ASIO, the officer chose to withhold information about two training courses he attended in that nation state in 2016 and 2019.
ASIO found the officer was vulnerable to influence or coercion in acts of espionage or foreign interference and concluded that he had “demonstrated a higher level of loyalty to [another nation] than to the Australian government”.
ASIO Director-General Mike Burgess issued an adverse security assessment against the ADF officer on June 3, 2023. His security clearance was revoked, which ASIO admitted may negatively affect his ongoing employment due to the type of information and roles he can be subject to, and future employment within the Australian government.
“ASIO assesses that this demonstrates [the officer’s] loyalty to the nation state outweighs his obligations to the Australian government as a security clearance holder,” ASIO assessments found, according to Administrative Review Tribunal (ART) documents.
The ADF officer did not agree with the assessment and requested a review by the ART, arguing he had served 19 years with the Army and had acted within the requirements of his security clearance.
“…Under no circumstances would I conduct espionage or assist the [nation-state intelligence service] whilst I am wearing the ADF uniform,” he said, according to ART documents.
The ART heard from both sides and, in its decision published in April 2025, supported and affirmed the ASIO assessment. The ART found: “We are satisfied the information contained in the security assessment is correct and correctly represented, and we are satisfied it is reasonably relevant to the requirements of security in respect of risks of espionage and acts of foreign interference.”
The ART noted it did not make findings into whether the ADF officer had been disloyal to the Australian government, but rather focused on his divided loyalties between his obligations in his ADF role and his loyalty to his faith and cultural identity.
An ADF spokesperson said they were aware of the ART’s decision and any new application by the ADF officer would be subject to further security assessment by ASIO.
Notable features of this insider threat case
- A person who held one of the highest levels of Australian government security clearance, having therefore been subjected to years of security scrutiny and security education, was able to rationalise and be willing to provide Australian (and perhaps allies’) secrets to another nation state for whom he had religious and cultural affiliations.
- Despite knowing he was forbidden to disclose classified information, the ADF officer had considered and decided it would be permissible because he felt a sense of “natural solidarity” with that nation and did not view it as a foreign government.
- The ADF officer’s religion and cultural affiliation apparently overcame his alignment to Australia’s national security, even though he is an Australian citizen and a long-serving officer in the ADF.
- The added moral weight of serving with the ADF, of wearing the uniform, did not serve to dissuade the ADF officer from forming a view that it would be ‘right’ for him to pass on classified information to unauthorised recipients.
- Based on media reporting, the loss of the security clearance did not mean the ADF officer would automatically be discharged from the ADF, but it could limit the types of roles in which he could be employed.
Why this case matters beyond government
What is the relevance of this case study for readers who are employed in, or work with, entities lacking the elaborate and formal personnel security clearance machinery of the Australian government and the ADF?
The key point is that a mature and proven personnel security program does not deliver a complete mitigation against insider threat. So, as the personnel security program you are part of is likely to be less developed, potentially far less developed, than the programs the Australian government has in place, the risk of insider threat is most likely high in your entity.
You may say that your entity is not dealing with Australian government secrets, so the consequences – the harms – are less. I disagree. Every entity has people, assets, and information it should and must protect by law from the insider threat.
Entities subject to the Security of Critical Infrastructure Act 2018 (SOCI Act) and associated legislation are required to have an insider threat program. They need to treat the risks posed by the insider threat in order to meet their SOCI Act obligations.
An insider threat program is essential to enable the secure and reliable operation of critical infrastructure assets, thereby contributing to Australia’s national security.
In the threat environment Australia faces today and into the foreseeable future, the protection of critical information, systems, and personnel is not only a government concern, but also a shared responsibility across sectors. The Australian government manages only part of the capability to defend Australia, with the majority of the capability resting with our citizenry and the private sector.
The author of this article, Timothy Slattery, served in Australia’s army, intelligence and national security community for 37 years. Tim has operational and policy experience across defence, intelligence, law enforcement and protective security domains, including with Five Eyes partners. Tim retired from Australian federal government service in 2019, joining the consulting community in 2020 with focus on insider threat and broader personnel security issues across government, critical infrastructure and private sector clients. In 2024, Tim co-founded Pentagram Advisory to better focus his efforts to promote understanding and mitigation of insider threats.