Your browser version is outdated. We recommend that you update your browser to the latest version.

NZ to finally get a Computer Emergency Response Team

FEATURES: NZ Security, June2016

Hon Amy AdamsHon Amy AdamsThe Government has announced that it will invest $20 million of operating funding over the next four years on a new national Computer Emergency Response Team (CERT) to combat cyber-attacks and cybercrime, with an additional $2.2 million of capital for set up.

A CERT is an organisation that receives cyber incident reports, tracks cyber security incidents or attacks, and provides advice and alerts to its customers on how to respond and prevent further attacks. CERTs also work closely with international counterparts to prevent and respond to cybersecurity incidents, and address cybercrime.

Over 100 countries already have CERTs, and Australia’s has been operating for more than two decades. The recent CERT announcement is widely seen as a case of New Zealand joining the CERT club very late in the piece.

“Establishing a national CERT means New Zealand joins an international network of CERTs, improving our access to information on potential or real-time cyber-attacks. It will help us play our part in a global effort to improve internet security,” stated Communications Minister Amy Adams.

“Our national CERT will be a key piece of New Zealand’s cyber security architecture. It will be the central place for businesses and organisations to go to for help and information when they’re experiencing cyber-attacks,” said Ms Adams. The CERT also becomes a core part of the government’s Cyber Security Strategy and Action Plan launched last December.

With cybercrime having cost the New Zealand economy $257 million and having affected more than 856,000 New Zealanders in 2015, the CERT announcement has been broadly welcomed by industry. There are differing views, however, on whether the government’s preference towards an optional – rather than mandatory – regime for the reporting of cyber breaches by organisations is the right approach.

Symantec’s technology strategist, Mark Shaw, for example, was cited in a recent article as saying “the CERT is toothless without it being mandatory for organisations to report significant cyber security breaches.” He is not alone.

Minister Adams has also announced the creation of an Advisory Board to advise her on setting up the CERT.

“There is substantial experience in cyber security in the private and non-government sectors – and I intend to tap into that as CERT NZ will not reach its full potential without a strong voice representing our private sector guiding its establishment and operation,” she said.

“We know from our international partners that that involvement of the private sector is critical to success of the CERT.”

The Board will have up to nine members, constituted by a mix of cyber security experts from the private and public sectors. It will provide advice on the establishment, operation and longer-term organisational form of the CERT and the transition to it. The Board will also be expected to build strong links with the CERT’s key customers.

The CERT will initially be established as a separate unit in the Ministry of Business, Innovation and Employment and is expected to commence operations in the first quarter of 2017.

Back to Security

Follow us


Contact us

Phone: 022 366 3691


© 2015. Defsec Media Limited. All Rights Reserved.






Line of Defence     

Fire NZ     

NZ Security