More should be done to implement cyber security strategy in NZ: Netsafe

The New Zealand government should spend more money on cyber security and building awareness around it than it is doing currently. However, such spend should be validated only after an accurate assessment of the costs of security lapses to the New Zealand economy.

“A fair assessment of costs-and-benefits from cyber crimes and security lapses have to be well understood. Statistics state that around 4% of NZ consumers are victims of cyber crime. We need to work out what the loss amounts to, to understand what is worth investing to stop such crimes,” says Martin Cocker, executive director of Netsafe, a non-profit organisation that works to promote the use of safe online behaviour and technologies.

Cocker states that the NZ government has taken several steps to improve cyber security in the country, key among them being the cyber security strategy that was brought out in 2011, and is governed by the National Cyber Policy Office (NCPO), which works directly under the Department of the Prime Minister and the Cabinet (DPMC).

“The cyber security strategy is a well-structured, high level document that is a very good first step. Strides have been made forward in building awareness, especially with outsourcing elements of it to organisations like Netsafe, which conduct programmes like our Security Awareness Week to build knowledge. But there are yet significant steps to be made with the other priorities listed in the strategy document.”

Some of these others are more complicated. For example, the flow of security professionals into the industry. “This takes time and buy-in from universities and tertiary institutions, but they don’t seem to be in a hurry to get these going. We have got to develop our own talent, especially when it comes to sensitive security jobs within the government,” says Cocker.

Cocker says that responsibilities for general security levels online lie not just with the government, and that Netsafe will be pulling its weight in terms of helping implement the current strategy, as well as with future policy formation. In fact, Netsafe is all set to submit on the Harmful Digital Communications Bill in October this year.

As it works to promote net safety in New Zealand, Netsafe is also looking to develop trans-Tasman co-operation on security issues. If everything goes according to plan, the company hopes to organise a security event in Australia in 2014.

“New Zealand is better off in terms of security than many other countries, because of its size. It is big enough for security to matter, and small enough for people to still get together outside of work and discuss the major security issues. However, the internet is big and threats are ever-present online,” says Cocker.

Cocker states that pay forward scams and romance scams record as the highest losses per incident in New Zealand, while ‘PC doctor’ scams are the highest by volume. Netsafe has also noted an increasing trend of ‘ransom ware’ - malware that locks your system and demands money to open it up again.

Some scams also try to profit from the user’s risqué online behaviour by specifying the dodgy content they have been watching, or even recording users and demanding money in return for the content.

“Each demographic has its own vulnerabilities, but there is no doubt that the more time they spend on computers and on the internet, the more likely they are to be affected by cyber crime,” adds Cocker.