Businesses, government agencies and individuals facing cyber attacks now have a new government agency they can go to for information and advice.
The New Zealand Computer Emergency Response Team (CERT NZ), which is receiving $22 million in funding over four years, is modelled on 100 similar bodies overseas and has been in the wings for several years.
Director Rob Pope said it would be the first port of call for both businesses and individuals who were experiencing attacks, allowing them to submit reports and get advice.
Other initiatives originally proposed by the Government in 2015 have yet to be delivered – including cyber-crime training for all police and an accreditation scheme for small businesses with good cyber security practices.
READ MORE: * New measures to combat cybercrime outlined by Government * Police miss deadline to train all officers in the fight against cyber-crime
A poll of 180 information technology decision-makers carried out in March for state-owned enterprise Kordia found medium-sized companies with between 20 and 99 staff were most likely to leave themselves open to cyber-attacks.
Business leaders had little confidence in the policies in place to deal with the aftermath of a data breach, and technology and business executives weren’t on the same page when it came to information security, Kordia chief executive Scott Bartlett said.
Of 525 Kiwi businesses surveyed by security-software vendor Symantec in August, four reported they had paid a ransom – at some point in the past – after falling victim to a ransomware attack.
Until now, the Government has only tended to share intelligence on cyber-crime with government agencies and organisations that are deemed critical to the economy, such as major utilities.
Pope promised CERT NZ would “make a very big difference”.
“It is not just a throw-out of glossy cyber brochures. We would hope over time to develop a much more sophisticated approach to education and awareness.”
The Institute of Directors has backed the creation of CERT NZ, as an organisation that could help establish a wider dialogue and encourage businesses that are victims of cyber attacks to share information about current threats.