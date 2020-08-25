PRESS RELEASE - August 2020

Cyber security, in a world of recurring data breaches and online fraud, becomes more and more important for small, medium, and large business enterprises. It has been reported that Kiwi businesses lost $33 million to online scams and fraudulent activity in 2019.

A number of government agencies are tasked with helping to stem the tide of online fraud being perpetrated on New Zealanders. The NZ Police, GCSB, Department of Internal Affairs, and several more organisations support the work of defending our cyber borders. As part of this effort, a follow up to the NZ Cyber Security Strategy was released in 2019 by the Department of the Prime Minister and Cabinet. It is available to read here.

A key arm in the strategy is the requirement for agencies to certify their computer systems and ensure that they are compliant with the New Zealand Information Security Manual (NZISM). As Government agencies adopt a more compliant approach to the security of their computer systems, we should see fewer data breaches and a more mature approach being implemented to security assurance and cyber security in general. The methodology prescribed in NZISM is for agencies to conduct security certification activity. This includes risk assessment, controls applicability, controls validation, and certification.

