Note: This is part of a series. You can read part onepart two, and part three, here.

As far as counterterrorism and de-radicalisation strategies go, there are a number of decisive events—each with their own set of sub-events—that should ultimately be the focus of any government-backed initiative. The first could be the radicalisation process itself. The second could be the de-radicalisation process of those who are caught trying to leave Australia. The third could be the de-radicalisation process of either: (a) those who have returned to Australia from fighting with terrorist organisations overseas, or (b) those who have indicated they want to return to Australia after their expectations and assumptions had been utterly crushed by the reality of the conflict.

The radicalisation process itself is an extremely complex psychological phenomenon. A person’s reason for leaving the relative comfort of middle-class Australia and joining a terrorist organisation such as the Islamic State will differ from an individual living in Pakistan who does the same thing. It will be a combination of variables that are unique to that individual that will ultimately drive them to make that choice. That being said, there are trends that exist concerning areas such as political, social, religious, ethnic, nationalistic, and personal circumstances that contribute to people choosing this path.

Not only do counter-radicalisation strategies need to be crafted to deal with the aforementioned circumstances, they also need to navigate one of the biggest hindrances to this new era of terrorism: social media. The Islamic State’s undeniable appeal to the misguided, amplified via aggressive online strategies, is simply unprecedented. Their digital campaigns of hate and instantaneous global distribution have almost been refined to an art form. It is becoming painfully obvious that government-led initiatives to counter the online recruitment of terrorist organisations is far from adequate.

The U.S. is currently reeling from what is the largest breach of federal employee data in recent years. Hackers allegedly working for the Chinese government managed to breach the Office of Personnel Management (OPM) system, compromising the personal data of approximately four million current and former federal employees. This information included Social Security numbers, job assignments, and training information, with some concern that payroll information may also have been breached.

This was the second successful attack against the OPM in as many months. The first was discovered in March, when hackers breached the OPM system that manages sensitive data on federal employees applying for security clearances. The amount of personal data that such a system would hold is beyond words. From my personal experience, from 2004-2014, I held the highest security clearance that the Australian government administers. The process itself accounted for my entire life from my date of birth to the day I was physically applying for the clearance. This was due to the fact that I would be exposed to information that would have had grave national consequences should it ever have been made public.

The clearance process made sure that I as an individual could meet the personal, reporting, and workplace responsibilities expected of someone who was granted access to such sensitive information. It delved deep into the most personal of information—with no holds barred—to ensure that I satisfied all of the appropriate criteria. They look for reasons to not give you the clearance rather than reasons for, and rightly so. The amount of personal information I had to submit would have made even the most amateur of identity thieves weak at the knees. The fact that the OPM system which manages this type of information was breached is simply mind-blowing.

The reason I am using this as an example is to highlight the extent of the problem that we are facing. If the most militarily advanced nation in the world cannot protect some of the most sensitive information concerning its employees and operations, then what chance does it have of effectively addressing and countering the online extremist propaganda of groups like the Islamic State? If the U.S. has a budget allocated to the overarching realm of cyber security, is the bulk of this going to go toward upgrading and protecting their systems which have already been breached, or toward soft policies such as those strategies aimed at countering online radicalisation?