NZ intelligence agencies get tick of approval in follow-up performance review
By Paul McBeth
Sept. 3 (BusinessDesk) - Former public servants Sandi Beatie and Geoff Dangerfield gave an upbeat assessment of the New Zealand Intelligence Community in the follow-up review to the agencies' 2014 performance improvement framework.
The earlier report generally found the Government Communications Security Bureau, Security Intelligence Service, and National Assessments Bureau and Intelligence Coordination of the Department of Prime Minister and Cabinet faced "severe financial pressures" as the agencies went through a leadership change while under intense public scrutiny.
That led to a significant increase in funding, which Beatie and Dangerfield's report says is "an instructive example of where adverse PIF findings were taken on board by the senior leadership to drive significant change in performance while at the same time investing in new skills, analytics and tools."
The report cites shared support services as key to dealing with internal infrastructure that was "well below accepted standards" in need of urgent attention. Since then, "significant progress" has been made to boost the agencies' capabilities in human resources, finance and information technology, leading to better recruitment practices.
The intelligence agencies received $179 million over four years in response to a review seeking to better position them to meet current and future challenges.
While the intelligence community has lifted its game, "critical challenges remain including recruiting a more diverse workforce particularly in core intelligence collection capability," they said. "As the community grows and potentially becomes more diverse, there will inevitably be quite a significant cultural challenge to ensure the protection of the integrity and social licence to operate while continuing to build and retain ministerial, customer and public trust and confidence."
The intelligence agencies currently have 14 jobs advertised in a separate website branded as 'Beyond Ordinary' careers.
Managing that growth is seen as one of the risks to the agencies, with personnel seen growing by 50 percent between 2016 and 2020. As at June 30, 2016, GSCB had 353 full-time equivalents and the SIS had 304, which implies a target of about 1,000. As at June 30, 2017, GCSB employed 392 FTEs, SIS had 290, and the DPMC's Security Intelligence Group employed 66 staff.
The PIF reviewers said the SIS and GCSB have made "tangible progress" in closer recruitment, but more can be done give the "competitive market" to make sure they can secure "good quality candidates from a diverse range of backgrounds and experience".
The agencies last year launched a diversity and inclusion strategy, and for the past two years, GCSB has offered tertiary scholarships to women studying science, technology, engineering and mathematics.
The review's release coincided with a Five Eyes ministers meeting in Australia, where they discussed counter-terrorism, countering violent extremism, cyber-security, countering foreign interference, protecting critical infrastructure, border management and law enforcement.
Local industry group Internet NZ today raised concerns about a recommendation at the conference granting law enforcement agencies access to encrypted data and communications.
"Encryption provides important protection for all of us. We need encryption for things like online banking and booking travel safely. We need it to keep ourselves safe and secure online. Without it no one will have trust in the internet," Internet NZ chief executive Jordan Carter said in a statement. "It’s vital the government discuss these topics with a wide range of people and organisations - the tech sector, law enforcement, small and medium businesses who depend on safe online services, human rights, privacy advocates and more."
The PIF review noted work on the development of encryption infrastructure and engagement with telecommunications and other providers were among the NZ intelligence agencies' cyber-security activities.
"An independent quality assurance of a major cyber-security investment has shown that the project was well managed and achieved its objectives," the reviewers said.
In May, the GSCB's minister Andrew Little signalled plans to expand its Malware-Free Networks programme after a successful pilot with Vodafone New Zealand. Some 66 nationally significant public and private sector organisations fall under the Cortex umbrella.
The technology lets the GCSB's National Cyber Security Centre analyse, detect and disrupt cyber threats against public and private sector organisations, and from that, the unit draws insights it can provide cyber security advice to hundreds of nationally significant organisations.