The general manager of security and emergency management for Woodside Petroleum has publicly accused government staff of leaking commercially sensitive information that was provided under the Trusted Information Sharing Network (TISN).
Woodside's critical infrastructure.
The TISN was established in 2003 by the Attorney General's Department to give critical infrastructure businesses and government agencies a forum to confidentially share information that could improve Australia's ability to respond to national security threats.
However, according to Bill Forbes, general manager of security and emergency management for Woodside Petroleum — and co-chair of The TISN's Energy Group — government agencies have failed to keep their side of the bargain.
At the National Corporate Security Summit in Sydney on 2 July, Forbes accused government staff of leaking commercially sensitive information to Woodside's competitors.
He voiced his concerns directly to the Department of Immigration and Citizenship's (DIAC) head of protective security Mark Handley, who was a speaker at the event.
During the Q&A session in Handley's presentation, Forbes said: "It's of great concern when I've got executives of my company looking at me ... saying they have just heard from a counterpart in another company that something [we have communicated to TISN in good faith] has been passed on to competitors within our sector".
"[In] the spirit of what TISN is all about, we endeavour to provide [that body with] as much information about where we are now and where we are going [as we can]," said Forbes.
The alleged information leaks would contravene tenets outlined in the federal government's Protective Security Manual (PSM), which covers how government agencies handle information. In this case, the deed of confidentiality given by the Attorney-General's Department to TISN participants such as Woodside. The measures allow participants to determine the level of classification for information shared with the body. However, Forbes said these measures are not always adhered to by government staff.
Not all government agencies had read the PSM, said Forbes, let alone made "any attempt" to adhere to the spirit or letter of the document.
Forbes said the entire TISN project was at risk from information leakage and could result in critical infrastructure giants like Woodside not sharing information.
A spokesperson for the Attorney General's Department denied there had been any such security breaches.
"There has not been a breach which has endangered trust and confidence within the TISN in its five years of existence. The TISN is based on trust and hundreds of Australian companies have chosen to join and share information with the aim of building a more resilient Australia. Such a breach of TISN confidentiality would be viewed very seriously and would be investigated," the spokesperson told ZDNet.com.au.
"If an Australian Government employee breaches this confidence, there would be disciplinary action under the APS Code of Conduct and, possibly, prosecution under section 70 of the Crimes Act 1914," the spokesperson added.
The comments by Forbes come at a sensitive time as the Attorney General's Department recently announced its national e-security review. The review aims to take a national approach to "e-security" and the department has requested cooperation from industry and the public.
While Forbes said he supports TISN, he told Handley regarding trust: "With regards to confidential information ... it is a two-way street."