The world of cyber security is fast-moving and complex. CERT NZ joins other people and organisations — both locally and internationally — who are already working in this space, to help New Zealand better understand and stay resilient to cyber security threats.
CERT NZ works to support businesses, organisations and individuals who are affected (or may be affected) by cyber security incidents. We provide trusted and authoritative information and advice, while also collating a profile of the threat landscape in New Zealand.
Why have a CERT?
A CERT is an organisation that:
- receives cyber incident reports
- tracks cyber security incidents or attacks, and
- provides advice and alerts to its customers on how to respond and prevent further attacks.
The NZ Government announced an investment of $22.2 million to set up a new national Computer Emergency Response Team (CERT) as part of Budget 2016. In establishing a CERT, New Zealand joins an international network of CERTs. This improves our access to information on potential or real-time cyber-attacks, and helps us play our part in the global effort to improve cyber security.
CERT NZ is a key component of New Zealand’s Cyber Security Strategy, contributing to the delivery of the Strategy’s vision of a confident and secure digital New Zealand.
How we work
To meet the challenges of the digital age, New Zealand needs to have a comprehensive understanding of the cyber threat landscape and the impact of cyber security threats. To achieve this, CERT NZ works with other organisations in the cyber security environment across the private, public and not-for-profit sectors in New Zealand. This includes key referral partners like:
- Department of Internal Affairs (DIA)
- National Cyber Security Centre (NCSC), and
- New Zealand Police.
We also work closely with our international counterparts to prevent and respond to cyber security incidents, and address cybercrime.
What we do
CERT NZ’s primary goal is to improve cyber security in New Zealand, which means:
- an increased comprehension of the threat landscape
- better avoidance of incidents, and
- reducing the impact of incidents.
To help us achieve our goal, we’ve established 5 key foundation services and functions for CERT NZ.
1. Threat identification: We’ll analyse the international cyber security landscape and will report on threats. We’ll gather information from other national CERTs and high value international security feeds to inform our reports of what’s relevant to New Zealand. Reporting will include advisories and alerts, and other reports where appropriate.
2. Vulnerability identification services: We’ll analyse local data and will report on vulnerabilities. This data includes data sets from our partners, and unclassified information from NCSC and other agencies. We’ll let organisations know about any vulnerabilities reported to CERT NZ that affect them directly.
3. Incident Reporting Services: We’ll triage reported incidents and assist businesses, organisations and individuals in getting help:
- through our website, which caters to both our specialist and non-specialist audiences, and
- by phone. Our call centre is available 7am-7pm, Monday to Friday.
We’ll pass some incidents to other appropriate organisations, with the reporter’s consent. For example, reports of online identity theft will be passed to New Zealand Police.
4. Response Coordination Services: We’ll coordinate the response to incidents where the reporter needs to work with several organisations, and will support the national emergency response process.
5. Readiness Support Services: We’ll raise awareness of cyber security impacts and best practice. We’ll continue to engage with our key partners and customers, represent New Zealand in international forums, and deliver up to date, actionable advice on cyber security best practice.