IT Brief New Zealand logo
Technology news for New Zealand's largest enterprises
Story image

The who’s who of NZ’s government & public cybersecurity agencies

By Sara Barker
Thu 30 Sep 2021

Aotearoa, New Zealand, is a young nation cutting its teeth on innovation and digital capabilities. Our tech sector is growing; our people use digital tools in business and at home to explore and invent. But, with every new technology-enabled path we forge, we must also defend ourselves from cyber threats and exploitation. New Zealand’s national cyber defence involves many agencies and strategies. Here we take a look at some of the main players.

Government ministers, policies, and legislation

The New Zealand Government has two primary Ministers responsible for technology and security: Andrew Little, Minister for the GCSB and NZSIS, and David Clark, Minister for the Digital Economy and Communications. They are involved in developing New Zealand’s cybersecurity policy with the help of the Government's chief information security officer/GCSB director-general Andrew Hampton and the broader Government. In addition, The ICT Security and Related Services Panel enables commercial organisations to supply security services to the Government to protect New Zealand’s cybersecurity and defence.

Clark, Little, and their predecessors in previous governments have put significant effort into protecting New Zealand against security threats through the National Cyber Policy Office, established in 2012. In addition, there are specific forms of legislation and policies to plot New Zealand's cybersecurity journey. The most notable of these is the Cyber Security Strategy launched in 2011 and was updated until 2019. The Government also follows the Cyber Security Emergency Response Plan (CSERP), which was last updated in July 2021.

The CSERP outlines the government response to a cybersecurity emergency in terms of roles and responsibilities, the private sector’s understanding of the government approach, an effective and coordinated response, and the swift restoration of services and operations. The CSERP focuses on five principles: Cooperation, coordination, sustainability, timeliness, and trust. The CSERP is also activated when the National Cybersecurity Centre (NCSC) or CERT NZ identifies a cybersecurity emergency based on reports from partners, the public, or technical capabilities that identify threats that could lead to an emergency.

The Government Communications Security Bureau (GCSB)

Currently led by Director-General Andrew Hampton, the GCSB has been operating since 1977. However, the modern form of the GCSB started to take shape in 2003 when it became a public service under the Government Communications Security Bureau Act 2003. Since then, the bureau has continued to build out its capabilities whilst administering the network security provisions of the Telecommunications (Interception Capability and Security) Act 2013 and delivering its mandate under the Intelligence and Security Act 2017.

The GCSB was drawn into the public eye after attacks on its Waihopai spy base in 2008 and its involvement in the Five Eyes intelligence network. However, the GCSB’s remit is much broader than these incidents. Essentially, the GCSB exists to protect New Zealand from threats, both online and offline. 

Hampton explains, “We have two primary missions. One is intelligence gathering or signals intelligence, which is generally foreign intelligence. We do that by electronic means, following priorities set by Government. This means finding out about global and national issues that are relevant to New Zealand decision-makers."

“The other role we have relates to the NCSC, specifically cybersecurity and information assurance for organisations of national significance. We don’t provide the country’s firewall, and we don’t duplicate services provided by the commercial providers. Instead, we help to protect organisations of national significance from advanced persistent threat actors."

“There is a relationship between those two missions: the fact that we are an intelligence bureau means that we have access to legal authorities, partner relationships and technologies. These give us more capabilities in cybersecurity that other organisations may not be able to achieve.”

The GCSB is also involved in security risk assessments for new technologies such as 5G and even space launches under the The Outer Space and High-altitude Activities Act 2017. For example, in the last year alone, the GCSB assessed 24 space-related activities from New Zealand - these assessments covered launches, payloads, and high-altitude vehicles.

“If anyone wants to launch a space vehicle from New Zealand, we need to assess the payload. This is to make sure there are no national security risks,” says Hampton.

New Zealand’s National Cyber Security Centre (NCSC)

The NCSC was launched in 2011 and led by Lisa Fong since 2016. It operates within the GCSB to protect and provide incident response for New Zealand’s most significant public and private sector organisations from cyber threats. 

These organisations can include government departments, telecommunications companies, transport and energy companies, and much more. In 2018 there were more than 250 organisations in New Zealand classified as being of national significance. The NCSC provides advisory services, support, advice and education for these organisations. It also collaborates with the information security community, technology industry and Government.

The NCSC runs a malware detection and disruption service called Cortex. While Cortex's inner workings remain classified, it leverages threat intelligence from a range of sources to protect a select group of New Zealand organisations. Cortex is an ambitious service that is still shrouded in secrecy. Still, its prowess is apparent: In 2018, Cortex won two awards. The iSANZ Awards dubbed Cortex ‘Best Security Project’ and the Institute of Public Administration (IPANZ) recognised Cortex in the Excellence Award for Building Trust and Confidence in Government.

“Much of what we do is classified by necessity so it was fantastic to be able to win awards that recognise the services we provide to ultimately protect organisations and New Zealanders,” says Hampton.

Malware-Free Networks is a threat detection and disruption service similar to Cortex, but it is more widely available through cybersecurity providers and managed service providers. It also provides a curated threat feed informed by information from various sources, including classified ones, from the NCSC and its partners. Malware-Free Networks protects all organisations of national significance.

The service has been live since June, and the NCSC is working with network operators and commercial security service providers to enable the Malware-Free Networks service to be offered to their existing customers and accessible within the IT security market to new customers.

The NCSC’s Cortex and Malware Free Networks services aren’t available to every New Zealand business or individual. So who else can help out when an incident happens? CERT NZ is the next port-of-call.

A CERT is a Computer Emergency Response Team. CERT New Zealand (CERT NZ) was established in 2016 as an agency that provides security updates, and it investigates and reports security risks to businesses, IT teams, and individuals.

CERT NZ works with other government agencies and other CERTS worldwide, such as AusCERT (Australia), HKCERT (Hong Kong), and US-CERT (the United States). 

The agency also partners to share intelligence, update and technical advice alongside the Department of Internal Affairs, the NCSC, the New Zealand Police, Netsafe, and international partners in Australia, the United States, Canada, and the UK. In addition, CERT NZ runs a Pacific Partnership Programme that supports Pacific countries to build their cybersecurity capabilities. 

CERT NZ director Rob Pope explains, “We help protect people in three main ways: We analyse the international cybersecurity landscape for what threats and vulnerabilities are relevant to New Zealand, and pass on these warnings so that others can be vigilant. Secondly when an incident occurs, we are there for people to report to so we can offer our trusted and expert information and advice to help them deal with and recover from the attack. Lastly, we raise awareness of cybersecurity impacts and deliver up to date, actionable advice on cybersecurity best practice.”

Pope says ransomware is amongst the most disruptive types of attacks in New Zealand and worldwide. Still, there are also lessons to be learnt from the speed at which attackers can exploit software vulnerabilities to conduct attacks. Every three months, CERT NZ publishes a Quarterly Report, which touches on the most commonly reported security incidents. 

“The pressure is on organisations to be able to get their software updated before they can be impacted. Cybercrime is opportunistic and we see small to medium businesses being targeted frequently, and in the current economic climate as budgets are tightly constrained, often cybersecurity might seem like a line item organisations struggle to afford.”

Pope believes it’s important for businesses and New Zealanders to report cyber attacks or online fraud quickly.

“Incident reports are important because we can offer immediate support to help understand, mitigate and recover from cyber attacks. We can act as a triage service, putting people in touch with the right law enforcement contacts, and advising where to turn for IT help.”

CERT NZ treats all reports as confidential, and those submitting reports need only share as much as they feel comfortable.

He adds, “We are seeing attitudes move away from the ‘shame’ of being a victim of a cyber attack and people becoming more willing to report them and ask for help. The more reporting done, the more awareness and knowledge we're building, and the more we're helping each other to keep secure online.”

You can report cyber attacks, security breaches or online fraud at

New Zealand Police

The NZ Police Cybercrime unit was created in 2009. Back then, its focus was to coordinate the response to technically complex crimes. It had a dual reactive and proactive focus on these crime types. Five years later, the unit expanded to cover complex and serious cybercrime, including the Cryptopia theft and the recent Waikato District Health Board ransomware attack.

The team works closely with other New Zealand agencies, including the NCSC, CERT NZ, Netsafe, the Department of Internal affairs, and international partner organisations like INTERPOL and other like-minded law enforcement agencies. 

The Police Financial Crime Group Asset Recovery Unit has also been involved in investigating money laundering and cybercrime when New Zealand organisations get caught up in the mess. A prime example of this type of event is the Canton Business Corporation and BTC-e investigation, which resulted in the largest restraint of funds (NZ$140 million) in New Zealand Police history.

“New Zealand Police recognises cybercrime is a growth area which requires a targeted and meaningful response. We are continually working to strengthen the strategies Police use to address this type of offending,” says NZ Police Cybercrime Unit detective senior sergeant Greg Dalziel.

Dalziel echoes observations that ransomware attacks, cryptocurrency scams and business email compromise scams are becoming more common.

“Outside of this there are the volume crime cases where the losses are smaller, and often not connected to a particular campaign, hitting New Zealand."

"Prevention messaging remains a key response to cyber enabled crime. There is often a user interaction that results in the loss, and if we can prevent this occurring, we can stop a crime before any loss occurs.”


Netsafe is a charity whose mission is to work with schools, parents, education providers, and the wider public. Netsafe aims to encourage positive use of technology, prevent online harm, and provide support for people who have negative and often devastating online experiences. The agency has been operating for 20 years and runs a confidential, free helpline and other services.

Netsafe CEO Martin Cocker says, “Individuals are never more than a few clicks away from trolls, bullies, scammers, objectionable content and a range of other unpleasant online experiences. According to Netsafe’s research, one in five adults and nearly twice as many young people received a digital communication that had a negative impact on their life."

“Our job is to make it easier for people to enjoy the opportunities being online offers and to help them if something goes wrong. We do this by providing free support, advice and education, and by working collaboratively with the community, tech industry and Government.”

Netsafe and its collaboration partners strive to achieve the best outcomes for New Zealand. The agency is involved in everything from the Facebook Safety Advisory Board and the Twitter Trust & Safety Council to working groups such as the Global Internet Forum to Counter Terrorism (GIFCT), the NZ Pornography Working Group, and many partners in between.

Over the last couple of years, Netsafe noted a rapid uptake in technology during the pandemic, which has produced benefits and downsides for New Zealanders. Unfortunately, the negatives added to existing anxiety about health, stress, and physical separation. Cocker says that during this time, many people contacted Netsafe for self-help and incident support. Unfortunately, these experiences have sometimes resulted in physical, financial, and psychological harm, decreased user confidence, and undermined the digital economy and social investment.

“Some of the main threats facing the community relate to misinformation, the need to build resiliency, and providing equal access to content. Large parts of the internet function as an egalitarian platform. This means that the infrastructure of the internet treats the information it delivers as functionally equivalent,” he says.

In other words, the internet can present a scam and a genuine service alongside each other almost in the same breath. Fringe ideologies can divide people and also create their own communities. While the internet does have platforms, moderators and online safety mechanisms, they can’t always catch content designed to misinform or misdirect people.

“With more and more contentious issues debated online, many of these centring around internet technologies themselves, it takes a team effort to support people who have been the subject or recipient of this content and to better develop tools and processes to reduce this in the long term,” says Cocker.

"Aotearoa New Zealand’s digital society is full of challenges, and some are highly complex – but there are organisations people can turn to for help. There are processes, systems, self-help advice and tools that work – if only we can connect people to them fast enough.”

You can report an online safety incident on Netsafe's website at

New Zealand’s cybersecurity sector - diversity, pathways, and careers in homegrown tech

One of the most important ways to develop New Zealand’s cybersecurity capabilities is through fresh thinking, recruitment, and skills development. But this can be difficult - the world is facing a technology skills shortage, especially in cybersecurity. Private organisations and universities also offer scholarships and degrees, but what are our government agencies doing to help?

As an equal opportunity employer, The GCSB runs initiatives such as the Gender Pay Gap Action Plan and Diversity and Inclusion Strategy to attract more women, Māori, Pacific and Asian peoples within the GCSB and NZSIS. If that wasn’t enough, the GCSB also runs Women in STEM scholarships to help pave the way for STEM careers and within the GCSB itself. To top it off, The GCSB received the Rainbow Tick for diversity and inclusion.

Hampton says diversity and inclusion are important to the GCSB - as they should be for any organisation. The cybersecurity industry is facing challenges that require many different perspectives to solve. Diversity is not just about the usual things like gender, ethnicity, or sexuality - it also means different ways of thinking. Groupthink, Hampton says, is not welcome.

The GCSB is also growing as the Government invests more in New Zealand’s security. That means the bureau needs to represent the very New Zealanders it serves. 

“Organisations like ours operate in secret by necessity, but it’s also important that we’re open to people with different views and different perspectives, and that we reflect New Zealanders. That’s what we try to achieve through our recruitment.”

“Cybersecurity is a great career to pursue, particularly when there is a skills shortage. If you’re after job security and if you want an in-demand role, cybersecurity is a great fit. It helps if you have a technical background so STEM (science, technology, education and mathematics) subjects are important, but you also need to balance that with curiosity, an understanding of context, and a keenness to learn.”

He continues, “Cybersecurity doesn't exist in isolation. It's actually something that should be pervasive in business and in society. Even if your aspiration isn't to have a career in cybersecurity, learning something about it's going to be important for whatever job you do because it's likely to involve technology in some form or another. Technology also creates a whole lot of risk and so having some understanding of that and how to manage it will be important whatever you choose.”

Rob Pope adds on behalf of CERT NZ, “The best way to get involved is to find your local cybersecurity community groups. Often there will be technical or social meetups. These are excellent ways for people looking to join the field to learn from people involved in the industry and get advice on how to move into cybersecurity as a career path. There are also tertiary study options now.

“The other important thing is to just be curious, as there are a wealth of resources available to learn about cybersecurity available, and anyone can dive in and begin learning about the field.”

Public Interest Journalism Fund logo
Public Interest Journalism funded through NZ On Air.
Related stories
Top stories
Story image
The 'A-B-C' of effective application security
Software applications have been a key tool for businesses for decades, but the way they are designed and operated has changed during the past few years.
Story image
Commerce Commission
ComCom welcomes new marketing codes for the telecom industry
The Commerce Commission is welcoming the creation of new marketing codes for the telecommunications industry.
Story image
Artificial Intelligence
SAS unveils AI experience to improve kids' batting abilities
SAS has created The Batting Lab, an interactive experience using AI, computer vision and IoT analytics to help kids improve their baseball and softball swings.
Story image
Voxel hits total funding of $18M following ongoing wins
Since raising its seed round in September, Voxel has grown at pace, by decreasing on-site injuries by upwards of 80% and increasing operational productivity.
Story image
Artificial Intelligence
ForgeRock releases Autonomous Access solution powered by AI
ForgeRock has officially introduced ForgeRock Autonomous Access, a new solution that uses AI to prevent identity-based cyber attacks and fraud.
Story image
Prophecy International migrates VMware environment with Oracle Cloud Solution
The Adelaide-based global provider is using the solution to eliminate the need to re-write applications, therefore allowing the company to enhance its business operations.
Story image
Fortinet's Security Fabric hits new record for integrations
The Fortinet Security Fabric has surpassed 500 technology integrations with more than 300 Fabric-Ready Technology Alliance Partners.
Story image
SAS Viya on Microsoft Azure to deliver 204% return - study
The Forrester Total Economic Impact study finds SAS Viya on Microsoft Azure brings a 204% return on investment over three years.
Story image
Artificial Intelligence
SAS launches human-focused responsible innovation initiative
SAS has launched a responsible innovation initiative, furthering its commitment to equity and putting people first.
Story image
New SAS service overcomes subscription fatigue for media companies
SAS has launched SAS 360 Match which helps media companies move towards a AVOD model to generate revenue as subscribers cancel.
Story image
Talend introduces new data health solutions for businesses
Talend has announced its latest version of Talend Data Fabric, with the release of Talend Trust Score enabling data teams to establish a foundation for data health.
Story image
Absolute Software expands Secure Access product offering
Absolute Software is enhancing its Secure Access product portfolio, enabling minimised risk exposure and optimised user experiences in the hybrid working environment.
Story image
Ingram Micro Cloud adds Bitdefender solutions to marketplace
Ingram Micro Cloud has announced the expanded availability of Bitdefender solutions on the Ingram Micro Cloud Marketplace.
Story image
CyberArk launches $30M investment fund to advance security
CyberArk has announced the launch of CyberArk Ventures, a $30 million global investment fund dedicated to advancing the next generation of security disruptors.
Story image
IT budget
$20m boost for digital technologies announced
The government is spending an extra $20m over four years on its plan to transform the digital technologies industry.
Story image
A10 Networks finds over 15 million DDoS weapons in 2021
A10 Networks notes that in the 2H 2021 reporting period, its security research team tracked more than 15.4 million Distributed Denial-of-Service (DDoS) weapons.
For every 10PB of storage run on HyperDrive vs. comparable alternatives, an estimated 6,656 tonnes of CO₂ are saved by reduced energy consumption alone over its lifespan. That’s the equivalent of taking nearly 1,500 cars off the road for a year.
Link image
Story image
Artificial Intelligence
Clear Dynamics closes $35M funding round, invests in global growth
The funding is a major milestone and speaks to Clear Dynamics’ vision for AI-enabled ‘composable’ enterprise software, the company states.
Story image
Power at the edge: the role of data centers in sustainability
The Singaporean moratorium on new data center projects was recently lifted, with one of the conditions being an increased focus on power efficiency and sustainability.
Story image
Digital Transformation
Physical security systems guide the hybrid workplace to new heights
Organisations are reviewing how data gathered from their physical security systems can optimise, protect and enhance their business operations in unique ways.
Booster Innovation Fund. A fund of Kiwi ingenuity – for Kiwi investors.
Link image
Threat actors are exploiting weaknesses in interconnected IT/OT ecosystems. Darktrace illuminates your entire business and takes targeted action to stop emerging attacks.
Link image
Story image
Kodari Securities (KOSEC)
NFT trends and opportunities: expert reveals all
The NFT market is growing at an exponential rate, with unprecedented liquidity. Here we explore how businesses can profit.
Story image
Siemens showcases new automated solutions for data centers
Siemens has implemented new automated solutions and AI in the Baltic region's largest data center, providing insight into the future of data center management.
Story image
Public Cloud
Cloud adoption still a work in progress, NetApp finds
NetApp has announced the results of the annual Cloud Infrastructure Report based on a survey of public cloud business and IT decision makers.
Story image
Remote Working
How organisations can meet employees' changing expectations
The global employment market has shifted dramatically in favour of employees, sparking the so-called great resignation, in which people are leaving unsatisfying roles in search of greener pastures.
Story image
New digital traffic light system to tackle construction defects
Smarter Defects Management launches its PaaS digital system and says it will revolutionise managing defects in the construction industry.
Story image
Remote Working
IT teams deploy powerful technologies to enable remote work
"We found that IT teams mastered the challenges of remote work last year in large part by employing powerful yet easy-to-use technologies."
Story image
Application Security
What are the DDoS attack trend predictions for 2022?
Mitigation and recovery are vital to ensuring brand reputation remains solid in the face of a Distributed Denial of Service (DDoS) attack and that business growth and innovation can continue.
Story image
Microsoft unveils adaptive accessories for disability access
Microsoft is introducing an expansive Inclusive Tech Lab to give people with disabilities greater access to technology through new software features and adaptive accessories.
Story image
Tech job moves
Tech job moves - Datacom, Micro Focus, SnapLogic and VMware
We round up all job appointments from May 6-12, 2022, in one place to keep you updated with the latest from across the tech industries.
Story image
Cybersecurity starts with education
In 2021, 80% of Australian organisations responding to the Sophos State of Ransomware study reported being hit by ransomware. 
Story image
Digital Transformation
Why enterprise records management should be part of any digital transformation strategy
Modern organisations create and rely upon an enormous volume of content, and digital records make up a significant proportion of that content.
Find out how a behavioural analytics-driven approach can transform security operations with the new Exabeam commissioned Forrester study.
Link image
Story image
Artificial Intelligence
Updates from Google Workspace set to ease hybrid working troubles
Google Workspace has announced a variety of new features which will utilise Google AI capabilities to help make hybrid working situations more efficient and effective.
Story image
BeyondTrust integrates Password Safe solution with SailPoint
BeyondTrust has announced the integration of BeyondTrust Password Safe with SailPoint identity security offerings.
Story image
Adyen expands partnership with Afterpay as BNPL payments increase
Adyen has expanded its partnership with AfterPay allowing more of Adyen’s merchants in more countries worldwide to use the BNPL provider.
Story image
Power / Energy
SmartCIC report reveals top five 5G carriers in the world
The Global Cellular Performance Survey also found that 5G networks are delivering high download speeds but lagging in upload speeds.
Story image
Sift shares crucial advice for preventing serious ATO breaches
Are you or your business struggling with Account Takeover Fraud (ATO)? One of the latest ebooks from Sift can provide readers with the tools and expertise to help launch them into the new era of account security.
Story image
Hands-on review: STM laptop bags
The advent of hybrid working has meant we need laptop bags. We got our hands on two of the most popular laptop bags from STM.
Story image
Grasping the opportunity to rethink the metrics of a sustainable data centre
A data centre traditionally has two distinct operations teams: the Facility Operations team, and the IT Operations team. Collaboration between them is the key to defining, measuring, and delivering long-term efficiency and sustainability improvements.
Story image
Artificial Intelligence
ANU and Seeing Machines to use AI to improve driver safety
The Australian National University and Seeing Machines have won a grant to develop AI systems monitor human behaviour while driving.
Story image
Could your Excel practices be harming your business?
While Excel has been the de-facto standard for budgeting, planning, and forecasting, is it alone, enough to support organisations in the global marketplace that’s facing rapid changes due to digital transformation?
Story image
Data Center
Preventing downtime costs and damage with Distributed Infrastructure Management
Distributed Infrastructure Management (DIM) can often be a lifeline for many enterprises that work with highly critical ICT infrastructure and power sources.