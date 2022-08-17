FutureFive New Zealand logo
Consumer technology news from the future
Story image
Strategy
CERT NZ
Cyber resilience
Framework
PIJF

NZ’s Cyber Resilience Framework to be evolving and potentially automated

By Jessie Chiang
Yesterday

Cybersecurity was a top concern for the government in this year's budget, with tens of millions of dollars earmarked for agencies and sectors to boost their defences against cyberattacks.

These include the Ministry of Education ($27 million), the Ministry of Justice ($12 million), the Department of Corrections ($59 million), the New Zealand police ($24 million) and the Serious Fraud Office ($1 million).

For CERT NZ, Budget 2022 gave it some of the biggest increases in funding since its conception. The government pumped $30 million to the agency to provide cyber resilience support for the private sector and individuals. That's a significant jump on even its start-up costs in 2016 when the government announced an investment of $22.2 million to set up a new cybersecurity response team.

And part of the funding from this year's budget is going into what the agency says will be a first-of-its-kind Cyber Resilience Framework.

What is a Cyber Resilience Framework?

CERT NZ's manager of insights and reporting Nicte Lopez says the framework is about setting a baseline of information that could lead to insights on how Aotearoa is doing in the cyberspace. 

That includes whether New Zealand can withstand attacks, whether we're learning and evolving to be more prepared, and like the title says, whether we are resilient against the emerging threats that come in.

"It's a framework or an index that we're looking to develop that can be used by private, public and individuals. It's not a cybersecurity framework where you have a tick box, and you go, Oh, I need to do these steps to be a bit more," says Lopez.

"It's thinking about New Zealand as a whole system, which involves its communities, its individuals, and organizations, small, medium, large."

CERT NZ has been developing this framework for about a year, and in its initial research, it hasn't found anything similar in the international landscape. Only indexes or systems based on public information are currently available and there isn't anything that is as comprehensive as what the government agency wants to develop. Lopez says many of the things that exist out there are also quite technical. They don't necessarily think about the social impact a cyber attack can have on an individual and a community. 

"That's something that we are very keen to be able to quantify, to understand. Are we providing our effort in the right area, or do we need to maybe focus a little bit more somewhere?" she says.

Examples of international frameworks include the Global Cybersecurity Index which measures the commitment of countries to cybersecurity at a global level – to raise awareness of the importance and different dimensions of the issue. There's also the National Cyber Security Index in Estonia, which measures the preparedness of countries to prevent cyber threats and manage cyber incidents. 

"Again, those are very technical focused, and they're very focused on governance that exists. We're looking for something a bit broader that gives us that human element to what cybersecurity really is," says Lopez.

The work that's been done and what's next

Lopez says CERT NZ is currently moving from its discovery phase, understanding what the world is doing, into its scoping phase.

"We've reached out to the world, and they're very interested. They want to see us succeed so they can have something that they can start using. There are already conversations internationally around being able to do a little bit more analysis on how countries are doing," she says.

That's hard to do with larger countries, but Lopez says New Zealand has an opportunity because of its scale and its ability to work together with the private sector. This work has been allocated $2.4 million over three years, and CERT NZ envisions being able to develop a proxy framework which will also look at what it would take to have a fully mature framework.

But getting to the end result isn't as easy as some might think.

"We have to think about information is scattered everywhere. You require people to analyze it and ask the questions. You also need to think about this as a living thing. You can't put budget to it and then walk away, you want to continuously invest in the knowledge that you've gained and iterate that knowledge," says Lopez.

What CERT NZ is considering is developing a skeleton, or a mock-up of the domains it thinks it could look at and, for each domain, involve the private, public sector and experts in academia. This makes it a progressive and iterative process.

"The questions that we have this year are not going to be the same questions we have three years down the line. So it's really about building a system that can learn by itself. What are the new questions that we need to be constantly asking to know are we being resilient against the threats from New Zealand in the cyberspace?" says Lopez.

At the end of the day, cyber threats are constantly evolving, so any resilience framework needs to do so too. That means the framework can't be a dead document. Lopez says while it's early days, automating information could play a role in keeping the work up to speed.

"There are limits of being able to work together with the agencies that have information to consolidate it. Obviously, automation would be a good way forward," she says.

"Those are probably the questions that we will be asking once we identify what it is that we want to achieve, and then how can we achieve this in the best way possible?"

Taking part

For businesses and industries who see the framework as useful, Lopez is asking them to reach out to CERT NZ. She says the agency is currently in the phase of seeking to understand what the problem is and how it can put the framework or the index together. CERT NZ wants it to be usable for anybody, whether it be an individual or business, to understand if there's a particular weakness or strength in their industry.

"We're not gonna get perfect on day one. It is an iterative thing. We you know, we need to work together to get this right and we're one country but I think we've got a really good attitude towards making this succeed," says Lopez.

"We want to create something that is sustainable, and that is not costing taxpayers money without the value that they're getting back."

Public Interest Journalism Fund logo
Public Interest Journalism funded through NZ On Air.
Related stories
How well do rangatahi understand cyber safety in Aotearoa?
Why printing security plays a vital part in keeping Aotearoa safe
Major media companies sign new online safety framework for Aotearoa
How secure is accounting software data in Aotearoa?
Unknown connections: How safe is public WiFi in Aotearoa?
Game review: Tiny Tina’s Wonderlands (PC)
Top stories
Story image
Gaming
Game review: Stray (PlayStation 5)
Stray is a new unique 2022 video game where you control a cute ginger cat. As a person that feeds eight stray cats, I knew Stray was a game that I really needed to play.
Story image
Cyber resilience
NZ’s Cyber Resilience Framework to be evolving and potentially automated
The government's already putting $2.4 million into the Cyber Resilience Framework in its initial stages, what is it and why is it important?
Story image
Blockchain
Australian Grand Prix uses CENNZnet blockchain for fan experience
CENNZnet was employed by Power'd Digital to deliver the Formula 1 Heineken Australian Grand Prix's 2022 AusGP Access program.
Story image
Gaming
Game review: Sweet Transit (PC Steam early access)
Team 17’s Sweet Transit invites players to build a thriving colony in a world whereby trains are the only form of transport.
Story image
SmartWatch
Hands-on review: Huawei Watch D smart watch
The Huawei Watch D is the latest flagship smart watch from the Chinese tech giant, and it's further proof that the company is more than capable of competing with the likes of Samsung and Apple in the highly competitive wearable market.
Story image
Review
Hands-on review: JBL Flip 6 portable speaker
Once you switch it on, and listen away for up to 12 hours, you will quickly realise that this is a little speaker looking for a party.
Story image
Home security
Hands-on review: Eufy Wire-Free Dual Cam Video Doorbell 2K
We have had our house secured by Eufy products for over seven months now. We love the brand, and it has never let us down.
Story image
Gaming
Game review: Digimon Survive (PlayStation 5)
Since there’s little actual gameplay in Digimon Survive, the biggest draw card to the game is its long and interesting story.
Story image
Fibre
Orcon brings faster fibre to Christchurch with Hyperfibre offering
Orcon has today launched the next generation of fibre speeds in Christchurch, bringing its Hyperfibre offering to the city.
Story image
Smartphone
Samsung introduces new generation of foldable smartphones
Samsung has unveiled its new range of Galaxy Z smartphones, bringing new developments to the company’s foldable smartphone portfolio.
Story image
Product Management
TeamViewer and Siemens to innovate product lifecycle space with AR
TeamViewer's new partnership with Siemens Digital Industries Software to bring the power of TeamViewer's AR platform, Frontline, to Siemen Teamcenter software.
Story image
Broadband
MyRepublic unveils 'choose the speed you need' mobile plans
Broadband provider MyRepublic has announced the details of its new 'choose the speed you need' mobile plans, designed for New Zealanders. 
Story image
i-PRO
I-Pro officially marks launch of brand in Australia and New Zealand
I-Pro has officially launched in Australia and New Zealand, following a series of new releases as an entity that started in early April.
Story image
Phishing
Norton research finds NZ threat landscape diversifying on social media
Norton's quarterly report has highlighted the seriousness of the threat landscape in New Zealand.
Story image
Sustainability
NZ program recovers and recycles more than 177 tonnes of e-waste
The TechCollect NZ pilot program says its milestone of recovering and recycling more than 177 tonnes of ICT e-waste recognises the efforts of many.
Story image
Gaming
Logitech G’s new Aurora collection looks to help change gaming stereotypes
The company’s new Aurora collection is designed to be gender inclusive, not gender exclusive, addressing the needs and wants of women gamers while also still appealing to a wider general audience.
Story image
Malware
Research shows attacks on the gaming industry are getting worse
Web application attacks in the gaming sector have grown by 167% from Q1 2021 to Q1 2022, according to new research from Akamai.
Story image
Apple
2degrees unveils eSIM functionality for selected devices
2degrees has enabled eSIM functionality to work with a variety of Apple, Samsung and Oppo devices, including a range of iPads.
Story image
Gaming
Hands-on review: SteelSeries Apex Pro Mini Keyboard
SteelSeries has taken the design of its range of Apex keyboards to create a smaller version, the Apex Pro Mini. Techday’s Darren Price checks it out.
Story image
Home Entertainment
Hands-on review: TCL 65″ C835 Mini LED 4K Google TV
We introduce you today to a TV that brings the height of immersion to your viewing experience: The TCL 65″ C835 Mini LED 4K Google TV.
Story image
Distribution
Garmin expands NZ footprint with new Auckland distribution centre
The facility at Goodman’s Highbrook Business Park will be fully operational from October 2022 and features 3,586sqm of warehouse space.
Story image
Gaming
Hands-on review: SteelSeries Arctis Nova Pro gaming headset
SteelSeries, being no stranger to creating premium gaming peripherals, sent over its Arctis Nova Pro wired headset kit for us to take a look at.
Story image
Gaming
Chorus announces Hyperfibre sponsorship deal with NZ Esports
Chorus has put its support behind New Zealand's Esports community with a newly announced three-year Hyperfibre sponsorship deal with NZ Esports.
Story image
Cloud
Microsoft and Auckland Transport announce new cloud agreement
Auckland Transport (AT) and Microsoft have announced a new cloud agreement aimed at promoting innovation, reducing costs and improving sustainability in transport services.
Story image
Samsung
New range of Samsung Smart Watches announced with health focus
Samsung has announced new additions to its SmartWatch portfolio, with the Galaxy Watch5 and Galaxy Watch5 Pro to be released in late August.
Story image
Netsafe
Major media companies sign new online safety framework for Aotearoa
A new joint development between Netsafe and some of the world's leading social media companies is set to provide Kiwis with safer online experiences.
Story image
Virtual Reality / VR
Virtual reality app reduces phobias through NZ trial
"With this VR app treatment, trialists had increased control in exposure to their fears, as well as control over when and where exposure occurs."
Story image
Gaming
Game review: Klonoa Phantasy Reverie Series
If there's something missing in today's gaming industry, it's the wonderful discovery of finding new games for hire at your local video rental store. I remember my family hired out the first Klonoa game for the PSOne back in 1997, and it was a blast to play as a kid.
Story image
Planning
Digital key for smart investment in public infrastructure for NZ cities
Major public infrastructure projects can better manage risks of cost overruns and delays if they deploy data and digital tools at the earliest planning stages.
Story image
Dark web
Beware the darkverse and its cyber-physical threats
A darkverse of criminality hidden from law enforcement could quickly evolve to fuel a new industry of metaverse-related cybercrime.
Story image
Tablets & laptops
Hands-on review: Xencelabs Graphic Display Tablet
Xencelabs seemed to show up out of nowhere on the market. I had no idea who they were or what they were about, but I was very intrigued.
Story image
Arlo
Hands-on review: Arlo Go 2 security camera
In my humble opinion, Arlo Go 2 offers security for anyone needing to keep a remote eye on prized possessions or premises at different locations.
Story image
Malware
Minors using Discord servers to spread malware for cash
Avast has discovered an online community of minors constructing, exchanging and spreading malware, including ransomware and a mix of information stealers and cryptominers.
Story image
Review
Hands-on review: TCL 30 SE mobile phone
TCL continues to provide consumers with budget phones that still pack a punch with the TCL 30 SE mobile phone. 
Story image
Printers
Comedy legend Jimeoin fronts Epson advertising campaign in NZ and Australia
According to Epson the company’s EcoTank models now account for 74% of all printers sold in the category in New Zealand, alone.
Story image
Internet
InternetNZ appoints new chief executive. Will take over in October
InternetNZ has announced the appointment of its new chief executive, with Vivien Maidaborn taking over the role from interim chief Andrew Cushen in October.
Story image
Wireless
Hands-on review: James Donkey RS4 Knight Wireless Gaming Keyboard
I have always liked mechanical keyboards, and this is no exception. I find the action much easier to use than the modern keyboards with limited travel.
Story image
Gaming
Attacks on gaming companies more than double over past year
The State of the Internet report shows gaming companies and gamer accounts are at risk, following a surge in web application attacks post pandemic.
Story image
VPN
Hands-on review: Norton Secure VPN
Norton is obviously serious about your privacy. They have a “No-log” policy, which simply means that they do not track or store any of your on-line activities.
Story image
Tablets & laptops
Hands-on review: HP Evo Spectre X360 Flip Ultrabook 13.5” laptop
The Spectre comes with a keyboard that makes working for long hours something to be looked forward to. It has to be one of the best keyboards I have seen on a 13.5” laptop.
Story image
Tablets & laptops
Chromebook and tablet shipments see another rapid decline for the year
According to research from Canalys PC Analysis, Chromebook and tablet shipments have fallen for the fourth quarter in a row for Q2 of 2022.
Story image
Gaming
Game review: Disgaea 6 Complete
Disgaea 6: Defiance of Destiny originally came out in 2021, and more than a year later, the game has now been re-released.