SecurityBrief New Zealand - Technology news for CISOs & cybersecurity decision-makers
New Zealand
Flux result 133b3fc3 5f87 4aa3 ba47 23a423e766f8
#
MFA
#
Advanced Persistent Threat Protection
#
Physical Security

Fewer New Zealanders harmed by cyber attacks, survey finds

Thu, 23rd Apr 2026 (Today)
Author image
By Shannon Williams, News Editor

Fewer New Zealanders suffered harm from cyber attacks in the latest public survey by the National Cyber Security Centre. The share reporting some form of impact fell to 27% from 36% a year earlier.

The findings are based on research by The Research Agency, which interviewed 1,011 New Zealanders aged 18 and over. The survey found that 48% of adults experienced an online threat in the previous six months, broadly unchanged from the prior year.

Impacts recorded in the study included financial loss, lost productivity, and stress. Among those who experienced harm, one in five said they had suffered a financial loss.

The data also points to a rise in some basic security practices. The proportion of respondents who said they always enable two-factor authentication on their main online accounts rose to 43% from 38%, and the report found higher use of password managers.

Michael Jagusch, chief operating officer at the National Cyber Security Centre, linked the fall in harm to greater public awareness and stronger online habits. "People are taking more necessary actions to keep themselves protected," he said.

He said the survey suggests New Zealanders are prioritising their most sensitive accounts. "People are exercising safer behaviours with their finances, prioritising security actions for banking accounts, followed by email and then social media accounts.

"The use of two-factor authentication on main accounts, ensuring passwords on accounts and devices are long, strong and unique, and using password managers are key cyber security actions that we highly recommend," Jagusch said.

Reporting Gap

While the survey shows broad agreement on the importance of cyber safety, it also points to a persistent reporting problem. Fully 95% of respondents said it is important to protect themselves online, but only 56% said they reported a threat when one occurred.

Older New Zealanders were less likely to do so. Among people aged 55 and above, the reporting rate fell to 47%, with apathy identified as the main barrier.

Jagusch said reluctance to act often reflected uncertainty as much as indifference. "Reluctance to report threats or to perform key cyber security actions can come from a feeling of not knowing how to or feeling it is too complicated," he said.

The National Cyber Security Centre wants higher reporting levels to build a clearer picture of the threat landscape and shape its response. "We face a range of online threats, and we need people to report them so the NCSC can understand these threats and inform our response," Jagusch said.

Behaviour Shift

The survey suggests the main change over the past year may not be how often people encounter threats, but how well they limit the fallout. With the share of adults facing an online threat holding near half the population, the drop in harm indicates that some attacks are being stopped from becoming larger personal or financial problems.

That matters in a country where routine digital activity spans banking, email, shopping, and social platforms. Better use of two-factor authentication and password tools can reduce the risk that a stolen password leads to account takeover, fraud, or prolonged disruption.

Jagusch said the centre has spent recent years emphasising those measures in public campaigns. "Better password management and the use of 2FA have been key themes the NCSC has emphasised in campaigns over the past couple of years, so it's pleasing to see this behaviour change but the job is never done," he said.

He said the increase in adoption still leaves significant room for improvement. "The increase in use of 2FA is great, but we would like to see that number increased further for New Zealanders' online protection," he said.

The figures underline a mixed picture. Many New Zealanders appear to be taking more practical steps to secure their accounts, and fewer are suffering measurable harm from online threats. Yet almost half of adults still say they encounter such threats, and a large minority still do not report them.

For policymakers and cyber security officials, that leaves two separate challenges: improving personal digital hygiene and persuading people that reporting suspicious activity is both manageable and useful. The latest survey indicates progress on the first task, while the second remains less settled, especially among older users.

Related stories
Saviynt names Tim Wedande APJ Field Chief Technology Officer
Exabeam widens AI agent monitoring for Google tools
Check Point teams with Google Cloud on AI agent security
Girls shaping the future of AI: Why inclusivity matters now
Western Digital details sustainability gains amid AI demand

Top stories

Why local secure access is becoming critical for New Zealand organisations
One-third of FIFA World Cup partners lack email protection
Cyber breaches need communications planning, data warns
CrowdStrike expands Google Cloud security & wins award
Claude Code can leak secrets in public npm packages