Story image

Cyber security & risk management - what your enterprise needs to consider

18 Mar 2015

The New Zealand National Cyber Security Centre provides enhanced services to government agencies and critical infrastructure providers to assist them to defend against cyber-borne threats.

“As the use of the internet in New Zealand increases, so too does our vulnerability to cyber threats,” the NCSC says on its website. The organisation says countering these threats is a shared responsibility, and the government will work in partnership with industry, non-government entities and academia to improve New Zealand’s cyber security.

“The role of the NCSC is to protect government systems and information, to pan for and respond to cyber incidents, and tow ork with proviers of critical national infrastructure to improve the protection and computer security of such infrastructure against cyber-borne threats.”

In a report, Cyber Security & Risk Management – Issues for consideration at Board Level, the NCSC outlines the benefits of adopting a risk-managed approach to cyber security.

“Information and communication networks are a fundamental part of our infrastructure and have led to greater accessibility, mobility, convenience, efficiency and productivity,” the report says. “Being connected has become the new normal across so many aspects of our lives, driving significant change across the worlds of business and our private pursuits.

“However, such connectivity can bring about both benefits and harms, social and economic alike.”

The NCSC says information systems and internet-connected devices are highly susceptible to malicious cyber activity, and our dependence on such systems increases our exposure to threats.

“In New Zealand and globally, a wide range of institutions, both public and private, have been subject to malicious cyber activities. There are external parties (threats) who seek to derive value from our organisations’ information.”

The report says the traditional approach to cyber security has been to build bigger walls (firewalls, anti-virus software and other perimeter security devices). “While still necessary, these alone are no longer sufficient. A holistic approach to cyber risk management – across the organisation, its networks, supply chains and the larger ecosystem – is required.”

The benefits of adopting a risk managed approach to cyber security, include:

 • STRATEGIC Corporate decision-making is improved through the high visibility of potential risk exposure, both for individual activities and major projects, across the whole of the organisation.

• FINANCIAL Providing financial benefit to the organisation through the reduction of losses and improved “value for money” potential, noting that cyber-security incidents are a cost.

• OPERATIONAL Organisations are prepared for most eventualities; having adequate contingency plans provides corporate reassurance and helps ensure business continuity.

Enterprise cloud deployments being exploited by cybercriminals
A new report has revealed a concerning number of enterprises still believe security is the responsibility of the cloud service provider.
Ping Identity Platform updated with new CX and IT automation
The new versions improve the user and administrative experience, while also aiming to meet enterprise needs to operate quickly and purposefully.
Venafi and nCipher Security partner on machine identity protection
Cryptographic keys serve as machine identities and are the foundation of enterprise information technology systems.
Machine learning is a tool and the bad guys are using it
KPMG NZ’s CIO and ESET’s CTO spoke at a recent cybersecurity conference about how machine learning and data analytics are not to be feared, but used.
Seagate: Data trends, opportunities, and challenges at the edge
The development of edge technology and the rise of big data have brought many opportunities for data infrastructure companies to the fore.
Popular Android apps track users and violate Google's policies
Google has reportedly taken action against some of the violators.
How blockchain could help stop video piracy in its tracks
An Australian video tech firm has successfully tested a blockchain trial that could end up being a welcome relief for video creators and the fight against video piracy.
IBM X-Force Red & Qualys introduce automated patching
IBM X-Force Red and Qualys are declaring a war on unpatched systems, and they believe automation is the answer.