
In Australia’s National Interest - Security of Critical Infrastructure

Author: Pentagram Advisory


Description

What comprises Australia’s national interest, and how does the rise of insider threat activity in Australia’s critical infrastructure connect to Australia’s national interest? I expect this topic was not the first thing on your mind when you woke this morning ready for breakfast and a hot shower; however, the topic is relevant because it is fundamental to you having breakfast, a wash, and getting on with your day. Let me explain.
46 Episodes
Why do employees sometimes go above and beyond to protect their organisation — and other times bend rules, ignore policies, or disengage from security altogether? In this episode, Pentagram Advisory explores the role of the psychological contract — the unwritten expectations of trust and fairness between employer and employee — and how its breakdown fuels insider threats. Drawing on research from the University of Warwick, we unpack why technical controls alone aren’t enough, how to recognise early signs of a breach, and what leaders can do to repair trust before it escalates into a security risk. For leaders, executives, and practitioners, this is a reminder that the deciding factor in insider threat is rarely opportunity — it is choice. And choice is shaped by trust.
Espionage and foreign interference are now assessed as certain threats to Australia’s critical infrastructure. In this episode, Pentagram Advisory explores how insider threat programs — guided by the Protective Security Policy Framework and aligned with SOCI Act obligations — help organisations counter these risks. We unpack why people are both the first line of defence and the most attractive target.
ESG is one of the most decisive forces shaping corporate strategy and investment worldwide. But while environmental and governance issues dominate the headlines, the social dimension — the human factor — is often overlooked. In this episode, Pentagram Advisory explores why personnel security is the missing link in many ESG programs. We examine the risks posed by workforce vulnerabilities, insider threats, and supply chain exposures, and why boards and executives must integrate personnel security into ESG strategy to build resilience, protect value, and maintain stakeholder trust. Join us as we uncover how the people side of ESG could be the decisive factor in safeguarding purpose, performance, and profitability for organisations managing critical assets.
In August 2025, the Australian Government announced it had evidence that the Iranian Government had directed violent criminal activities in Australia. The activities were cited as the attacks on two Jewish sites in Australia in 2024. In response to this evidence, the Australian Government expelled the Iranian ambassador and senior diplomatic staff, and will proscribe Iran’s Islamic Revolutionary Guard Corps (IRGC) as a terrorist group in Australia. This podcast argues that Iranian activity in Australia meets the definition of foreign interference, explores the significance of these acts, and the possible risks that may be relevant to people and employers from acts of foreign interference, be they from Iran or other hostile states.
Foreign interference is no longer a distant problem — it is happening here in Australia, today. In this episode, Pentagram Advisory explores the growing threat of Chinese foreign interference and its impact not only on Australia’s national security but also on everyday workplaces. Drawing on recent cases and real examples, we examine how interference targets individuals, communities, and institutions, and why no workplace is immune. From political asylum cases like Ted Hui and Kevin Yam, to the covert collection of information from community groups, this episode highlights how interference can affect colleagues, threaten trust, and undermine social cohesion. We also outline practical steps workplaces can take — from recognising warning signs to building a culture of safe reporting and resilience. Join Pentagram Advisory’s Tim Slattery and Marina Shteinberg as they unpack the risks, share insights from recent reports, and provide guidance for boards, executives, and employees on staying alert without fuelling bias.
This episode explores the risk posed to an enterprise from the actions of trusted insiders, also known as third-parties, in the enterprise's supply chain.
Two years on from the introduction of the Critical Infrastructure Risk Management Program (CIRMP) under the SOCI Act, what have we learned — and where do we go next? In this episode, Pentagram Advisory explores how organisations can use the annual CIRMP review and Board-approved report to strengthen governance, integrate SOCI-related security risks into their Enterprise Risk Management Framework, and build resilience that goes beyond compliance. We discuss practical steps for improving Board oversight, closing the gap between operational insights and strategic decisions, and embedding CIRMP into everyday risk management. Whether you’re a security leader, risk manager, or Board member, this conversation offers actionable insights to ensure your CIRMP drives value for your organisation. Based on our article CIRMP turns Two: Strengthening Annual Review, Board Oversight, and Risk Integration.
As organisations implement return-to-office (RTO) policies, the focus is often on productivity, collaboration, and culture. But there's another critical dimension to this shift: security. In this episode, Pentagram Advisory explores the human risks associated with organisational transitions and how poorly managed RTO directives can lead to disengagement, disgruntlement, and increased insider threat risk. Drawing on insights from our article “Returning to the Office – Managing Insider Threats During Organisational Transition”, we unpack the psychological contract between employers and employees, discuss the drivers of insider threats, and outline practical strategies for rebuilding trust, strengthening reporting culture, and supporting managers through change. This episode is essential listening for leaders, security professionals, and HR teams navigating the intersection of people, culture, and protective security.
What does it take to build a trusted workforce — one that is resilient, high-performing, and secure? In this episode, Tim Slattery and Marina Shteinberg from Pentagram Advisory explore the invisible but critical psychological contract between organisations and their people. Based on their article Building a Trusted Workforce – Managing Human Risk with Purpose, this episode examines how trust is formed (and broken), the role of pre-employment screening and ongoing assessments, and how organisations can move beyond compliance to create a culture of security and care. Listen now to learn practical strategies for managing people risk with empathy, structure, and purpose.
Explore how a security maturity model can strengthen your organisation’s Critical Infrastructure Risk Management Program (CIRMP) under Australia’s Security of Critical Infrastructure Act 2018 (SOCI Act). In this episode, Tim Slattery and Marina Shteinberg from Pentagram Advisory unpack what a security maturity model is, why it matters, and how it provides Boards and executives with a clear, evidence-based view of their security posture. To help organisations navigate this environment, Pentagram Advisory has developed a tailored CIRMP Security Maturity Model. This model is specifically designed to reflect the unique operating context, risk environment, and sector obligations of each critical infrastructure entity. Whether your goal is to meet increasing regulatory demands, reinforce resilience, or demonstrate transparent governance, this conversation offers practical insights to guide your journey. For more resources on the security of critical infrastructure, insider threats, and supply chain risk, visit Pentagram Advisory or follow us on LinkedIn.
This episode is titled: Pentagram Advisory First Anniversary – Celebrating One Year of Collaboration. This episode will explore a unique and unexpected aspect of Pentagram’s first year of operation – that is Pentagram’s connecting with other service providers that bring a natural point of collaboration with Pentagram. This collaboration provides additional and complementary benefits for our clients and followers. Collaboration also provides opportunities for Pentagram to contribute to meeting the needs of collaborators’ clients. The key message is that Pentagram has nested with other like-minded providers that share Pentagram’s values and vision to strengthen Australia’s national security by lifting up the security and resilience of Australia’s workforce and critical infrastructure.
Australian media reported in May 2025 that the leader of Australia’s Transport Workers Union (TWU) is prepared to “shut down Australian transport” in 2026 in pursuit of union claims. In this podcast Pentagram Advisory explores the possible consequences of the TWU threat in the context of the legal obligations that came into effect on 27 March 2025 that transport sector asset owners and operators now face under the Transport Security Amendment (Security of Australia’s Transport Sector) Act 2025 (TSA Act). Especially with regard to personnel security obligations under the TSA Act, TWU members may behave as 'insider threats' that require mitigation. The podcast explores the role of an insider threat program in helping to mitigate these possible threats and how this approach benefits all people and organisations involved.
This episode is titled: Insider Threat – Australian Government Recognises the Need for Insider Threat Programs. This podcast will explore the Australian Government’s efforts in recent years to mitigate insider threat in both the government and private sectors. The key message is that there is a need for insider threat programs and that need comes from recognising the potency of the insider threat to harm Australia’s national security, defence, economic wellbeing, and social coherence. In terms of security threats, the two most potent threats are from people and cyber sources. We hope you enjoy this podcast and find it informative.
In this episode, we explore the landmark Transport Security Amendment (Security of Australia’s Transport Sector) Act 2025 — a generational shift in how Australia secures its aviation, maritime, and offshore sectors. Join Timothy Slattery and Marina Shteinberg from Pentagram Advisory as they unpack what the TSA Act means for airports, ports, and offshore facilities. Discover how the new all-hazards approach moves beyond traditional physical security to address operational interference, insider threats, cyber risks, and personnel vulnerabilities — and why this evolution matters. For aviation and maritime industry participants, the application of an all-hazards approach marks a clear evolution from a prescribed, compliance-based regime focused on granting access to secure zones, to a risk- and principles-based, outcomes-focused model that requires mitigation of a far broader range of risks — including cyber, personnel, and supply chain hazards. We’ll walk through the key reforms, practical obligations, and strategic actions your organisation can take now to prepare for compliance and build operational resilience. Whether you're a security leader, risk manager, regulator, or executive in the transport sector, this episode offers valuable insights and clear next steps for navigating Australia’s evolving threat landscape.
An insider threat incident at Canberra Hospital in May 2025, in which an employee targeted another employee, reveals critical lessons for Critical Infrastructure Risk Management Program (CIRMP) compliance and personnel security under the Security of Critical Infrastructure Act 2018.
In this episode, the Pentagram Advisory team breaks down what directors of responsible entities need to know about their legal obligations when approving the Critical Infrastructure Risk Management Program (CIRMP) annual report. We explore board duties under the SOCI Act and Corporations Act, the importance of ongoing oversight, and offer practical recommendations for management to support board decision-making. Essential listening for directors and executives overseeing critical infrastructure in Australia.
Critical infrastructure is a fundamental enabler of Australia’s national security. Australian governments over decades have recognised the need to protect critical infrastructure from evolving threats as a component of national security, yet have offered policy guidance with little effective action to achieve protection. Government has put the onus for action onto the private sector to protect nationally critical assets and operations. In this podcast Pentagram will focus on one subset of the myriad elements required to ensure the safety of all Australians – critical infrastructure, discussing why protecting critical infrastructure is so important that it should be a national security priority. We will discuss the national-level threats that we need to protect critical infrastructure from.
Observing the absence of usual or the presence of unusual: a new lens on insider threat reporting. In an era dominated by surveillance tools and behavioural analytics, organisations still overlook their most powerful early warning system — people. Reporting data is a critical indicator of whether your organisation’s security measures are both proportionate and effective. It can also serve as an early warning sign of emerging risks. Without this data, organisations are often operating in the dark — unable to respond to threats in a timely or informed manner. In this episode, based on the article "Observing the Absence of Usual or the Presence of Unusual," Marina Shteinberg, director and co-founder of Pentagram Advisory, explores the human side of insider threat detection: how observation, intuition, and language shape our willingness to report. Marina delves into the psychology and psycholinguistics behind workplace reporting. Why do people hesitate to speak up, even when they sense something is off? How do words like “snitch” or “whistleblower” influence our moral choices? Discover how organisations can harness the deeply human ability to sense change — often subtle, emotional, and unspoken — and foster cultures where reporting is not seen as betrayal, but as an act of care. Because at its core, security begins with human connection, and our intuition — shaped over thousands of years of social interaction — remains one of the most reliable tools we have.
Written by Timothy Slattery. What happens when someone inside the system, entrusted with national secrets, begins to see another country as their true allegiance? This is the dilemma posed by insider threats – trusted individuals who, whether by intent or negligence, cause harm to the organisations that rely on them. In this powerful episode, Timothy Slattery, a former senior national security official with 37 years of experience across Australia’s army, intelligence, and law enforcement sectors, explores a real-life case of divided loyalties within the Australian Defence Force. The story highlights how personal ideology can override professional obligations—even in the most trusted roles. Drawing on two years of ASIO investigations, Tribunal findings, and lessons from critical infrastructure reforms, Tim unpacks why this case matters not just to government, but to all sectors responsible for protecting sensitive information, systems, and people. 🎙️ Narrated by Pentagram Advisory. Essential listening for leaders, security professionals, and anyone committed to understanding and mitigating insider risk.
In this episode, we delve into one of Australia’s most pressing national security threats — foreign interference — and its direct implications for our critical infrastructure. Drawing on insights from ASIO’s 2025 Annual Threat Assessment, this podcast unpacks how hostile foreign actors are increasingly targeting Australia’s essential systems, from energy and water to communications and transport. These threats are not theoretical — they are active, covert, and evolving. We explore: What foreign interference is — and how it differs from legitimate foreign influence. Why Australia’s critical infrastructure has become a high-value target. How foreign actors exploit insider access, supply chains, and partnerships. What boards, executives, and operators can do to mitigate the risk. The power of Open Source Intelligence (OSINT) in detecting foreign ties, coercive behaviours, and hidden risks. Join Pentagram Advisory as we offer practical, proportionate strategies to help organisations move from awareness to action — and play a frontline role in protecting Australia’s sovereignty, resilience, and public trust. 🎧 Tune in now to learn how your organisation can build real-world defences against this growing national security threat.