September 2022 New Zealand Information Security Manual v3.6 ReleaseSeptember 02, 2022
Updates finalised for the v3.6 release of the NZISM include four policy changes and a small number of minor and editorial changes.
Cyber Security Information Sheet: Keeping PowerShell - security measures to use and embraceJune 23, 2022
This jointly produced information sheet recommends proper configuration and monitoring of PowerShell, as opposed to removing or disabling PowerShell entirely.
Joint Cyber Security Advisory: Weak security controls and practices routinely exploited for initial accessMay 18, 2022
This joint cyber security advisory identifies weak controls and practices commonly exploted by malicious cyber actors, and includes best practices to mitigate the issues.
Reporting an incident
If your organisation has encountered or suspects a cyber-security incident, please complete and return the Cyber Security Incident - Report Form. If you require assistance in dealing with the incident, please complete the Cyber Security Incident – Request for Assistance Form.
If required, you can speak with us directly on (04) 498-7654.
The NCSC has established this page in response to the COVID-19 pandemic to provide
New Zealand organisations with helpful information security resources. We're aware of malicious cyber activity seeking to exploit public concern around COVID-19, and it’s important that organisations and their staff adopt robust cyber security measures.
Some interesting stats
404 cyber security incidents were recorded by the NCSC in the 12 months to 30 June 2021.
The NCSC estimates it prevented $119 million worth of harm to New Zealand’s nationally significant organisations in the 2020-21 financial year.
The NCSC determined that in the 2020-21 financial year, 28% of the total recorded incidents involved indicators that had been linked to state-sponsored computer network exploitation groups.