National Cyber Security Centre

Welcome to Cyber Smart Week: The Scamathon 🎬 We’re proud to be running this year’s campaign which supports New Zealanders to #OwnYourOnline. This years campaign called The Scamathon features a host of scammers appealing to us to do all the wrong things. But we can all help to avoid giving to The Scamathon by adopting some simple cyber security measures. Visit https://lnkd.in/gNMScxDi to find out more about our campaign and view new videos daily throughout the week. #StopTheScamathon #OwnYourOnline #CSW24

This year, the NCSC is excited to be running Cyber Smart Week.     Keep a lookout next week for this year’s The Scamathon campaign.      #StopTheScamathon  #OwnYourOnline #CSW24

We have eight free online events running from 21-24 October during Cyber Smart Week. Whether you're a seasoned professional or just embarking on your online security journey, our experts will share invaluable tips, tricks, and practical advice you can use right away. These webinars will cover a range of sectors and groups, including: ✅ individuals ✅ healthcare ✅ small business ✅ mentors and advisors ✅ financial services ✅ seniors ✅ local and central government ✅ tech professionals. To secure your spot at the session of your choice, register now 🔗 https://lnkd.in/gEV2Yaaf Please share this with anyone you think would benefit from attending. #NCSC #CERTNZ #ownyouronline #csw24

Do you need a fun, fast, and easy way to test your incident response plan and help to improve your organisations cyber resilience?   The NCSC has released Rolls & Responders – our new resource to help New Zealand organisations test their incident response plan and in turn, help to improve their cyber resilience.   We know that for organisations, devising scenarios and exercises to test an incident response plan can become a time-consuming, complicated, and expensive task.   That’s why we’ve developed Rolls & Responders to be a lightweight, plug-and-play solution that will promote more regular use of exercises in business continuity planning.   Download Rolls & Responders on the NCSC website and test your organisation 👉 https://lnkd.in/gaQWfHme

Today, Hon Andrew Bayly, Minister for Small Business and Manufacturing, announced the launch of the Own Your Online: business online security series. Many businesses don’t know where to start with online security and don’t have time to seek out all the information. So, we’ve made it easy. We’ve created five videos that take you through how to help your business become more secure online. From setting up two-factor authentication, to helping secure your website and social media accounts. These videos will give you an understanding of the basics your business needs to have in place, and how to go about implementing them. Start your business online security journey now and help Unmask Cyber Crime. 🔗https://lnkd.in/gnrrq8Pp #NCSC #CERTNZ #ownyouronline 

Joint guidance 📢 Within critical infrastructure, operational technology (OT) controls many of the essential services we rely on – from the water we drink, to the transport systems that gets us from A to B. Ensuring our OT systems are cyber secure is paramount to preserving our everyday life.   We have partnered with our Australian counterparts, Australian Signals Directorate and other international agencies to support their release of the ‘Principles of operational technology cyber security’ publication.   These principles aim to help leaders, developers and other key stakeholders make robust, informed, and comprehensive decisions when designing, implementing, and managing cyber security risks in OT environments.   The six principles are:  👉 ensure the system is safe  👉know and defend your vital systems  👉protect your OT data – it is valuable 👉 separate OT from other networks  👉secure your supply chain  👉prepare your people – they are your first line of defence.   Read the paper and find out more about keeping OT cyber secure 👉 https://lnkd.in/gnpvGRuJ   #CyberSecurity #SecurityInfrastructure 

This year Cyber Smart Week will be brought to you by the NCSC, now that we have joined together with CERT NZ as one agency.   Last October CERT NZ launched the highly successful EXPOSED campaign on the new Own Your Online website. Research showed that 70% of people took some action after seeing the campaign.   We are encouraging New Zealanders to continue to build good online security habits to keep their accounts, businesses and online lives secure.   👉 Sign up to be a supporter! You’ll get an educational and promotional pack to help boost online security awareness in your business and prompt action.   It includes material to share with your customers, clients, colleagues and staff. In it you will find webinars, posters, social media content, email banners and much more.   If you want to get involved, sign up to become a Cyber Smart Week supporter:  https://lnkd.in/gQ8DqhEE #ownyouronline #csw24 CERT NZ

Ēhara tāku toa i te toa takitahi. Engari, he toa takitini. My strength is not the strength of one. It is the strength of many.   The NCSC is proud to partner with our Samoan colleagues in preparation for the Commonwealth Heads of Government (CHOGM) meeting to be held later this month - the first time CHOGM will be held in a Pacific nation.   Over the last six months, the NCSC Pacific Partnerships Team, in collaboration with the Samoa Ministry of Communications, Information and Technology and the Samoa Computer Emergency Response Team (SamCERT) has delivered a comprehensive package of cyber security support which has included cyber incident training on incident management and response, a public cyber security awareness campaign, support and training for the private sector and the formation of a Pacific Regional Cyber Response team.   Last week a completion ceremony was held for 40 IT professionals from across the Government of Samoa who have undertaken training, delivered by NCSC Principal Advisor, Pacific Incident Response, Tim Myers. Each team member will support their home agencies in their cyber capabilities. The ceremony was attended by New Zealand High Commissioner to Samoa, Si’alei Van Toor, Samoa Minister of Communications, Information and Technology Honourable Toelupe Poumulinuku Onesemo and Australian High Commissioner Will Robinson. We congratulate all those who have participated in and completed this training.   Fa’afetai tele lava to Samoa MCIT, SamCERT and our Pacific colleagues and we look forward to supporting Samoa in the lead up to CHOGM 🇼🇸🤝🇳🇿

Today we have released the results of an annual international survey on cyber security attitudes and behaviours, titled Oh Behave!   Over 6,500 individuals across New Zealand, the United States, Canada, Germany, the United Kingdom, Australia, and India were asked about key cybersecurity behaviours, attitudes and trends.   The research found that New Zealanders have the right attitudes when it comes to cyber security behaviours. 👉 35% said they always back up their important data – the highest of all nations surveyed. 👉 69% said they "always" or "very often" check for signs of phishing before clicking links. 👉 Only 35% said they found cyber security intimidating, the lowest of the seven countries surveyed, and correspondingly, over 60% said they thought being secure online was possible and "worth the effort".   NCSC Director Mission Enablement Michael Jagusch sees the results as a big positive for New Zealand: "The overall finding is that, compared to other countries, more New Zealanders are confident online and know that being secure online isn't a hard thing to do."    Read the research here 🔗 https://lnkd.in/gkZVRNs6

Joint guidance 📢 Today, we join the Australian Signals Directorate and other international partners to release joint guidance that aims to inform organisations about 17 common techniques used to target Active Directory, as observed by the authoring agencies. Microsoft’s Active Directory is the most widely used authentication and authorisation solution in enterprise information technology (IT) networks globally. Active Directory's pivotal role in authentication and authorisation makes it a valuable target for malicious actors. It is routinely targeted as part of malicious activity on enterprise IT networks.    Active Directory is susceptible to compromise due to its permissive default settings, its complex relationships, and permissions; support for legacy protocols and a lack of tooling for diagnosing Active Directory security issues. These issues are commonly exploited by malicious actors to compromise Active Directory.   Responding to and recovering from malicious activity involving Active Directory compromise is often time consuming, costly, and disruptive. Therefore, organisations are encouraged to implement the recommendations within this guidance to better protect Active Directory from malicious actors and prevent them from compromising it.   For more information and to download the full guidance, visit our website here 👉 https://lnkd.in/gqzdwhBW   #cybersecurity #infosec