Blue army: paramilitary policing in Victoria

McCulloch, Jude

January 1998

This thesis focuses on the changes to law enforcement precipitated by the establishment of counter terrorist squads within State police forces during the late 1970's. It looks at the impact of Victoria's specialist counter terrorist squad, the Special Operations Group (SOG), on policing in Victoria and asks whether the group has led to the development of a more 'military based' approach to policing. The research demonstrates that the SOG has been the harbinger of more military styles of policing involving high levels of confrontation, more lethal weapons and a greater range of weapons and more frequent recourse to deadly force. The establishment of groups like the SOG has also undermined Australia's democratic traditions by blurring the boundaries between the police and military and weakening the safeguards which have in then past prevented military force being used against citizens. / The SOG has acted as a vanguard group within Victoria police, anticipating and leading progress towards a range of new military-style tactics and weapons. The SOG, although relatively small in number,, has had a marked influence on the tactics and operations of police throughout the force. The group was never contained to dealing with only terrorist incidents but instead used for a range of more traditional police duties. While terrorism has remained rare in Australia the SOG has nevertheless expanded in size and role. Because the SOG is considered elite and because the SOG are frequently temporarily seconded to other areas of policing, SOG members provide a role for other police and have the opportunity to introduce parliamentary tactics into an extended range of police duties. The parliamentary skills developed by the SOG have been passes on to ordinary police through training programs headed by former SOG officers. In addition, the group has effectively been used as a testing ground for new weapons. The structure of the Victoria Police Protective Security Group and the way public demonstrations and industrial disputes are viewed in police and security circles ensure that parliamentary counter terrorist tactics will be used to stifle dissent and protest. The move towards paramilitary policing is necessarily a move away from the police mandate to protect life, keep the peace and use only minimum force. / The interrogation of SOG and SOG tactics into everyday policing has occurred without any public debate or recognition of the important democratic traditions that have ensured that military force is not used against citizens except in the most extreme circumstances. Although the SOG is not formally part of the military it is nevertheless a significant parliamentary force virtually indistinguishable in terms of the weapons and levels of force at its disposal from the military proper.

Protection of security information within goverments department in South Africa

Nkwana, Mokata Johannes

02 1900

The protection of security information in government departments requires the active engagement of executive management to assess emerging threats and provide strong security risk control measures. For most government departments, establishing effective protection of security information is a major initiative, given the often continuous, strategic nature of typical security efforts. This requires commitments or support from senior management and adequate resources. It necessitates the elevation of information security management to positions of authority commensurate to the required responsibilities. This has been the trend in recent years as government departments are increasingly dependent on their information assets and resources, while threats and disruptions continue to escalate in frequency and cost. It is clear from numerous recent studies that organisations that have taken the steps described in this research document and have implemented effective information security risk control measures have achieved significant results in reduced losses and improved resource management. Given the demonstrable benefits, it is surprising that there have not been greater progress in effectively managing information assets. Although regulatory compliance has been a major driver in improving the protection of security information overall, this study has also shown that nearly half of all government departments are failing to initiate meaningful compliance efforts. Failure to address the identified vulnerabilities by government departments will result in espionage, covert influencing manipulation, fraud, sabotage and corruption. Information security risk control measures include the elements required to provide senior management assurance that its direction and intent are reflected in the security posture of the organisation by utilising a structured approach to implement an information security programme. Once those elements are in place, senior management can be confident that adequate and effective protection of security information will protect, as far as possible, the department’s vital information assets. / Criminology and Security Science / M.Tech (Security Management)

Government department

Information security

Protective security

352.387682

Data protection -- South Africa

Data protection

Protection of security information within government departments in South Africa

Nkwana, Mokata Johannes

02 1900

The protection of security information in government departments requires the active engagement of executive management to assess emerging threats and provide strong security risk control measures. For most government departments, establishing effective protection of security information is a major initiative, given the often continuous, strategic nature of typical security efforts. This requires commitments or support from senior management and adequate resources. It necessitates the elevation of information security management to positions of authority commensurate to the required responsibilities. This has been the trend in recent years as government departments are increasingly dependent on their information assets and resources, while threats and disruptions continue to escalate in frequency and cost. It is clear from numerous recent studies that organisations that have taken the steps described in this research document and have implemented effective information security risk control measures have achieved significant results in reduced losses and improved resource management. Given the demonstrable benefits, it is surprising that there have not been greater progress in effectively managing information assets. Although regulatory compliance has been a major driver in improving the protection of security information overall, this study has also shown that nearly half of all government departments are failing to initiate meaningful compliance efforts. Failure to address the identified vulnerabilities by government departments will result in espionage, covert influencing manipulation, fraud, sabotage and corruption. Information security risk control measures include the elements required to provide senior management assurance that its direction and intent are reflected in the security posture of the organisation by utilising a structured approach to implement an information security programme. Once those elements are in place, senior management can be confident that adequate and effective protection of security information will protect, as far as possible, the department’s vital information assets. / Criminology and Security Science / M. Tech. (Security Management)

Government departments

Information security

Protective security

352.387682

Data protection -- South Africa

Data protection -- South Africa

Cyber Supply Chain Security and the Swedish Security Protected Procurement with Security Protective Agreement

Dios Falk, Carina

January 2023

Digitalisation and globalisation are increasing the number of integrated and interconnected information technology (IT) systems worldwide. Consequently, these relationships and dependencies develop technological relationships through their services. Identifying all these relations is for organisations a challenge and complex since it involves millions of source code lines and global connections. For this reason, cyber supply chain risk management (C-SCRM) is becoming ever more critical for organisations to manage risks associated with information technology and operational technology (OT). At the same time, during a press conference, the Swedish Minister for Defense Peter Hultquist estimated that there are approx. 100.000 cyber activities against Swedish targets every year that targets both the Private and Public sector. In response to the evolving threat landscape, Sweden is experiencing a paradigm shift in protective security processes with new legislation entering into force that aims to protect Sweden's security against espionage, sabotage, terrorist offences and other crimes against national security. These rules on protective security, the Protective Security Act (2018:585) and Protective Security Ordinance (2021:955) apply to operators that are important for Sweden's national security and affect how public procurement processes are regulated. This thesis aims to study how the Swedish Security Protected Procurement with Security Protective Agreements (SUA) process and Cyber Supply Chain Risk Management (C-SCRM) relate and to understand what practices increase and decrease the level of C-SCRM in the current SUA process. The research questions are Q1) How does the SUA process relate to C-SCRM? and Q2) How does the SUA process affect the level of C-SCRM? This research paper contributes to understanding C-SCRM in the context of the Swedish Security Protected Procurement with Security Protective Agreements (SUA). To answer the research questions a Case study strategy was used, and interviews were conducted with eight key experts as well as a document analysis. The results showed that audit, regulation and people and processes are essential to managing C-SCRM and that processes within other international models, including the CMMC and Cyber Essential Plus, should be adopted to the SUA process to better manage cyber supply chain risks.

Cyber Security

Protective Security

Public Procurement

Cyber Supply Chain Security

Swedish National Security

Risk Management

Cyber Security Risk Management

NIST 800-161

ISO/IEC 27036

NISTIR 8276

Computer Sciences

Datavetenskap (datalogi)