Government has allocated funding for a nation-wide Computer Emergency Response Team (CERT) to help New Zealand organisations – businesses, local and regional government, health care and education – understand and respond to cyber threats. With initial funding of $22.2 million, this initiative underscores the importance government places on keeping Kiwi networks safe for commerce, privacy and learning. But what are the immediate and practical implications for the education sector, specifically your school?
“The most important aspect of a national CERT is that it will act as a clearing-house to centrally manage information on cyber security threats and events as they happen,” says Andrew Khan, Fortinet Senior Business Manager at Ingram Micro, New Zealand’s largest distributor of Fortinet’s cyber security solutions. “Indeed, in her Ministerial Address to the 2016 Cyber Security Summit, where the funding for the CERT was announced, the Hon Amy Adams pointed out that ‘most simply don’t know who to turn to in the event of an attack or if they suspect their system has been compromised. This makes it difficult to build up a comprehensive picture of the size, nature and impact of current and future cyber security threats’.”
“Once we have a more complete view of the cyber-security challenges we face,” continues Khan, “we can then all work together to build safeguards into our collective networks.”
The irony is that the resources are already in place and operating in New Zealand. “Most security vendors, including Fortinet, already have their own cyber security labs that track security incidents that occur at client sites, analyse the characteristics of the newly-discovered threats and then automatically update the firmware that sits inside the various security components with the ‘signatures’ of the malware to counter these threats,” says Khan.
“What the national CERT will do, hopefully, is to coordinate and extend the efforts of the various security vendors to build a comprehensive security fabric that amplifies their technology and delivers fast and secure protection to all Kiwi stakeholders,” he says.
But this is in the future. What can you do to prepare your school’s network so that, when the CERT is established, you can easily integrate your network into the national security fabric?
“Most schools in New Zealand are better prepared to take advantage of the benefits of a national CERT than most mid-sized businesses,” continues Khan. “The reason is simple. You already engage competent professionals to support your school’s network. Many businesses do not. You understand that network security is not your core competency and have either outsourced your network operations to a third-party managed service provider or have invested in a skilled in-house team to take care of your infrastructure. Many businesses have not. As a result, it would be safe to say that your overall security profile is already primed to participate in the national CERT when it comes on-line.”
“What you should be doing,” he continues, “is talking to your network security provider and ensuring that they are providing you with ‘CERT-ready’ infrastructure that can detect security events as they happen, prepare counter-measures and then distribute the ‘threat intelligence’ to your communities of interest.”
“If we all work together,” concludes Khan, “our combined resources can provide network security many orders of magnitude greater than simply operating in isolation. And that is the real benefit of the CERT. It will provide a mechanism for all Kiwi network users – schools, businesses, government and private citizens - to work together to provide enhanced protection. No other country is taking such a comprehensive approach. It’s a great opportunity and we applaud the NZ government for their foresight and support.”
Andrew Khan, Senior Business Manager
M: 021 819 793
David Hills, Solutions Architect
M: 021 245 0437
Hugo Hutchinson, Business Development Manager
P: 09-414-0261 | M: 021-245-8276
Marc Brunzel, Business Development Manager
M: 021 241 6946