Geekzone: technology news, blogs, forums
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.
GCSB releases cyber resilience report
Posted on 5-Nov-2018 10:54 | Filed under: News

The Government Communications Security Bureau (GCSB) has released a benchmark assessment of cyber security resilience across New Zealand’s nationally significant organisations.


The GCSB’s National Cyber Security Centre (NCSC) surveyed 250 nationally significant organisations to establish their cyber security resilience and the potential impacts if they were compromised.


“The survey is the first of its kind in New Zealand and provides a useful benchmark for cyber security resilience across New Zealand’s nationally significant organisations,” GCSB Director-General Andrew Hampton said.


“Overall it appears that digital transformation is outpacing investment in cyber security and as a result we found a range of resilience levels.


“While most organisations are heading in the right direction, more work needs to be done to improve cyber resilience across the board.


“Organisations should be optimistic about their ability to improve their security posture where they are able to take a strategic and systematic approach to it.


“There are a lot of dedicated cyber security professionals, doing their best with limited resources.  We hope this report will help them lift the cyber security dialogue within their organisations and to drive the change that is needed,” Mr Hampton said.


Key findings include:


  • 19 percent of organisations have a dedicated Chief Information Security Officer, while the remaining 81 percent either didn’t have the function, or had it is as part of a broader role.
  • 73 percent of organisations increased their spending on cyber security in the past year, however this investment has not necessarily translated into increased confidence in their cyber security resilience.
  • Spending has increased across all areas of cyber security but a focus on tools and vulnerability assessment has come at the cost of investment in people. As a result, 52 percent of organisations reported they had insufficient skilled staff for their security requirements.
  • Levels of confidence in the ability to respond to cyber security incidents are not high, with 41 percent of organisations either mildly confident or not confident in their ability to detect an intrusion.
  • 63 percent reported having a cyber security incident response plan, and of those who had a plan 33 percent had not tested that plan in the past year.
  • Of those organisations who use managed service providers, 36 percent have no mechanism to confirm whether the vendor is delivering on the agreed level of security.

In addition to the unclassified report being released today, each organisation who participated in the survey has received an individualised and commercially sensitive report. These reports provide a range of actions organisations can take to help increase their resilience including:


  • Establishing clear accountability for cyber security;
  • Regular reporting on cyber security, including near misses, to executives and directors;
  • Balancing strategic investment in assets and staff over vulnerability assessment;
  • Identification of critical information assets and risks to those assets;
  • Having a dedicated budget line for IT security;
  • Preparing and regularly testing a cyber security incident response plan, and
  • Ensuring third party vendors include specific cyber security service level agreements and the right to be audited on cyber security performance.

Trending now »

Hot discussions in our forums right now:

Home insurance: Do you live in an area at high risk of natural disasters?
Created by frednz, last reply by frednz on 14-Nov-2018 20:19 (57 replies)
Pages... 2 3 4

Warped post on 8 month old fence, who's responsible for repair?
Created by Paul1977, last reply by Paul1977 on 17-Nov-2018 14:12 (61 replies)
Pages... 3 4 5

Wanted: Working 5.25 Inch Floppy Drive
Created by Lias, last reply by Spirax on 14-Nov-2018 19:23 (18 replies)
Pages... 2

Spark VDSL Upload Speed Issues Vigor 2860 + Troubleshooting Info
Created by bener, last reply by bener on 15-Nov-2018 12:34 (29 replies)
Pages... 2

Geekzone giveaway: Nokia 7.1 smartphone
Created by freitasm, last reply by lucky015 on 17-Nov-2018 18:51 (144 replies)
Pages... 8 9 10

Controlled/uncontrolled metering (electricity)?
Created by danepak, last reply by danepak on 16-Nov-2018 23:58 (11 replies)

Joining Orcon but concern about phone line
Created by super12345, last reply by super12345 on 15-Nov-2018 17:45 (11 replies)

Spark unlimited mobile plan update
Created by freitasm, last reply by Coil on 15-Nov-2018 10:18 (23 replies)
Pages... 2