The National Cyber Security Centre (NCSC) has established this page in response to the COVID-19 pandemic to provide New Zealand organisations with helpful information security resources. We're aware of malicious cyber activity seeking to exploit public concern around COVID-19, and it’s important that organisations and their staff adopt robust cyber security measures.
This page may be updated or supplemented regularly. We recommend subscribing to our website’s news alerts to keep in touch with our latest updates. For further advice from the New Zealand Government on COVID-19, click here.
COVID-19 Cyber Security Resources
We’ve compiled a list of resources produced by our partner agencies and other trusted organisations to help address cyber security challenges that are likely to emerge as more staff work from remote locations. Also included is information on current COVID-19-themed scams, phishing attempts, and a range of other cyber security threats.
Cyber Incident Response
The NCSC responds to threats to nationally significant organisations and high-impact cyber incidents at a national level. If your organisation requires assistance, please complete the Cyber Security Incident – Request for Assistance Form. If required, you can speak with us directly on (04) 498-7654.
If you would like to tell us about an incident but do not need help, please complete the Cyber Security Incident - Report Form [DOCX, 45.84 KB].
If you have experienced a suspected cyber security incident and you’re unsure about what to do, contact us. If your incident falls outside our area of responsibility, we may refer your enquiry to CERT NZ or another appropriate organisation.
Advice on Remote Working and Cloud Security
This series of documents has been produced by the NCSC to assist organisations preparing to implement remote access and conferencing solutions for their staff.
This document has been compiled to help organisations think about the cybersecurity risks that arise when staff need to work from remote locations. We’ve provided a series of recommendations that can be used as a starting point in addressing these risks.
Cloud services are one of the few practical solutions available to meet the challenge of working remotely, however the movement to cloud services at pace creates risks. Managing these risks should be an organisation’s objective in order to ensure short-term fixes don’t become long-term problems.
Microsoft Azure and Office 365 (O365) are cloud services used by many organisations providing remote working solutions for staff. Some organisations already have a well-established O365 security posture, but for those who are required to stand it up in a hurry, this document provides straightforward starting guidance to securing the O365 environment.
This paper sets out the Government Chief Information Security Officer’s advice to public servants on important security settings when using Zoom remote conferencing services for official New Zealand Government business, either within a public-sector organisation, or when collaborating with partner agencies.
There are a number of technology options for communicating that now include voice, group messaging, and video. While many of these technologies require specific measures to ensure they are used securely, some enduring principles can be used to help organisations make sound security decisions.