The government will be extending the timeframe of its Cyber Security Strategy refresh to “do a deeper dive into the issues” and to inform a new plan of action.
According to broadcasting, communications and digital media minister Clare Curran, cyber security is an essential part of New Zealand’s aim of being a connected and digital nation. With cyber threats quickly becoming more sophisticated and espionage tools more accessible, Curran says now is a good time to reassess and step up cyber security efforts.
“The refresh will examine whether we have the right resources and the right arrangements to deal with the cyber threats facing New Zealand,” says Curran. “We need to make sure we’re investing the right resources in the right way across government to respond to these growing threats.”
As the threat of cyberattacks develops, the insurance sector is a key protection mechanism, while also being one of the industries most vulnerable to breaches. According to cyber specialist Delta Insurance, technology liability policies must be constantly updated to respond to new exposures, and companies need to maintain their awareness of the latest threats.
However, according to Delta’s managing director Ian Pollard, external stresses such as cyber threats aren’t necessarily always bad for business.
“Staying aware and informed about the coming threats and planning to mitigate or take advantage of them is key to forging new competitive advantages,” says Pollard. “Periods of disequilibrium are energising. Faced with cyber threats or legal risks, adaptive leaders must mobilise by altering the DNA of their organisations, and redefining the rules of the game.”
Having a business continuity plan (BCP) or a disaster recovery plan (DRP) will also make it easier to deal with risk situations when they inevitably happen. With the majority of security incidents being caused by employees, Pollard says tech leaders have a responsibility to build “risk management mindsets and cultures within their companies” and have strong cyber education in place. Insurance companies also need to re-assess their policies and ensure that they’re providing customers with the best cover available on the market.
“If you’re accessing the systems of big countries in Asia through APIs and other connections, they’ll want some comfort that you’ve got insurance to cover their costs if you mess up and release all their data,” explained senior underwriter and financial lines manager John Moore.
Minister Curran is set to report back on the revised New Zealand Cyber Security Strategy and Action plan by the end of October.