New Government strategy to fight cyber crime

Yesterday Communications Minister Amy Adams launched a a ‘refreshed’ cyber security strategy.

One ISP says two thirds of incoming email is risky, and they can get up to 50 attempted cyber attacks per day.

From Adams’ speech launching the new strategy and initiatives:

Today I’m unveiling that new strategy, along with an Action Plan and a National Cybercrime Plan.

Guided by four principles, the new Cyber Security Strategy sets out a clear high level framework for the government and private sector to work hand-in-hand to improve New Zealand’s cyber security.

It’s accompanied by an Action Plan which details the specific steps to be taken and pulls together existing and new initiatives. It will provide a means to measure progress.

Given that technology and threats are constantly evolving, the Action Plan will not be set in concrete.

It will be reviewed annually in close collaboration with Connect Smart partners and others.

Establishing a CERT

We need a variety of tools in our tool box.

A key initiative in this area is the Government’s intention to establish a national CERT.

This new institution will endeavour to deal with the complexity of the cyber landscape.

Government agencies and businesses need to have timely, actionable cyber security information and advice and be able to deal with a trusted agency when they have a cyber security incident.

A national CERT will act as a single front door for New Zealanders.

It will be the place where everyone can report cyber incidents, including small and medium size businesses.

As a result we will be able to build a better picture of the cyber security threat facing New Zealand.

The CERT will also provide trusted advice about current cyber threats so that people and organisations can take action to avert incidents.

A threat analysis tool will gather information about threat patterns and techniques to help New Zealanders and organisations handle cyber threats.

The national CERT will be solely dedicated to cyber security – it will be the central component of New Zealand’s cyber security architecture.

Cyber security is about partnerships and so over the coming months we want to work with you to determine how best to structure the CERT to ensure the right blend of public and private collaboration.

Building Cyber Capability

We also need to build cyber capability to make sure that New Zealanders, businesses and organisations at all levels have the knowledge and skills to protect themselves online.

We must grow our cyber security expertise and digital literacy at all levels if we are going to make it harder for malicious cyber actors to steal data, commit fraud or do other damage to our information systems.

Connect Smart will continue to be an on-going cyber security awareness and capability campaign.

In particular, I have highlighted the need to ensure that small businesses have the capability to secure their information systems – not least because of the contribution they collectively make to the New Zealand economy.

In addition to the existing Connect Smart SME toolkit, a new online questionnaire has been launched today.

It will assist businesses to understand some basic steps that could make a big difference to the security of the information that is critical to their commercial success.

This is a first step towards the development of a “cyber credentials” scheme.

The scheme will provide a “cyber security tick” to businesses with good cyber security practices – in a similar way to schemes that acknowledge, for example, healthy food choices or energy efficient appliances.

Addressing Cybercrime

We’re also launching a new National Plan to Address Cybercrime.

A recent report put the annual cost of cybercrime to the global economy at more than NZ$600 billion.

The internet provides a new tool for criminals.

This technology can be used to commit offences such as theft, fraud, the spread of offensive material, and the intimidation of people.

It can also be used to inflict damage or disrupt computer systems and services.

Addressing cybercrime involves lifting the government’s capability, particularly that of the Police, to deal with cybercrime.

Our new interagency plan focuses on prevention through building awareness and helping Kiwis and businesses to protect themselves, while also building the capability of Police and other agencies to deal with crimes committed online.

We will also take a look at our legislative settings with a view of checking whether they are fit for the new challenges posed by the digital age and a global internet.

Business use of the Internet has increased hugely over the past decade and is now an essential compement of many business operations.

Cyber security is a major issue and unless dealt with well exposes individuals, businesses and the country to significant risk.

Time will tell whether this new strategy helps – but if it works we may not know about it.

We are only going to notice when cyber security fails.

Leave a comment

12 Comments

  1. Alan Wilkinson

     /  11th December 2015

    I would guess the vast majority of internet threats are idiot level and do not require Government agencies to handle other than by encouraging education and information sharing. The minority of sophisticated attacks are where serious expertise should be focused. A national service that identifies targets, sources and weapons for those seems sensible, presumably working closely with overseas expertise.

    Reply
    • Alan Wilkinson

       /  11th December 2015

      I’m not sure how much this is astute and how much is unfounded insinuation. And as for reporting, she doesn’t even tell us how much of the committee’s work was done in private compared with the public session. I continue to regard most of her work with scepticism and large pinches of salt.

      Reply
      • Mefrostate

         /  11th December 2015

        I’d agree that the article is certainly down the opinion end of the spectrum, but I certainly think she has a point that the media have conveniently been distracted by the ‘jihadi brides’ hot-button, away from the issues highlighted by Gwyn.

        “And so what we got was breathless media reporting about ‘jihadi brides’. And little-to-no critical examination of the issues that have dogged both agencies this year.”

        I don’t think it’s too much of a stretch to consider that this could have been a deliberate tactic. Much like ‘backing the rapists’

        Reply
        • Alan Wilkinson

           /  11th December 2015

          What issues have dogged both agencies? Mountains being made out of molehills I think.

          Reply
          • Mefrostate

             /  11th December 2015

            Several mentioned in the article (expanded powers to spy on Asia-Pacific and pass info to Five Eyes, systems for vetting, and the Groser issue), plus the report itself raises issues with OIA responses and the need for political neutrality whilst maintaining oversight from both government and opposition.

            Admittedly, expanded investigations are forthcoming from Gwyn on many of these matters.

            Reply
            • Alan Wilkinson

               /  11th December 2015

              All of them molehills at best. Of course NZ scans Asia-Pacific and of course uses available information for diplomatic purposes. The Goff case was blatant politicking by the Left which got what it deserved.

            • Mefrostate

               /  11th December 2015

              I personally think they’re mountains. Or at least that they’re hills large enough that jihadi brides begin to look a lot like dead cats.

        • John Schmidt

           /  11th December 2015

          Where did the bride thing come from. My recollection of what was said by Kittredge was that they knew women had travelled to Syria for reasons they did not know, that it was something not previously known to happen and the concern was not knowing the why these women have gone. There was then speciation on a wide range of reasons of which bride was mentioned as a possibility. Next thing we have headlines focusing on brides totally ignoring the other possibilities and by the way none of the possibilities were good.

          Reply
          • kittycatkin

             /  12th December 2015

            She said that it was likely that they were wives or partners of fighters, Someone mentioned the number girls of 5-13 who go abroad every year, but that can be dismissed, I think-I have no idea where that came from, but can’t believe that if it was true it would have gone unnoticed. Vast numbers of unescorted little girls going to Syria every year and nobody notices or finds out why ?

            Metiria Turei’s bizarre remarks seem to have sunk without trace. They were just too dotty to have any credibility and a gross distortion and misinterpretation of John Key’s comments.

            Reply

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s