CERT NZ and NCSC come together as New Zealand prepares to create a lead operational cybersecurity agency. Credit: Ulrich Lange The amalgamation of New Zealand's Computer Emergency Response Team (CERT NZ) with the National Cyber Security Centre (NCSC)--which holds hosts the Government Chief Information Security Officer (GCISO) function--has started after it was first announced in July. In what is expected to be a first step to creating a lead operational cybersecurity agency, this is also a move to create a similar cybersecurity agency structure to those operated by other Five Eyes nations--Australia, the UK and Canada that have single agencies with a wide span of responsibilities and customers. "Having a single agency to provide authoritative advice and respond to incidents across every threat level is international best practice," Minister for the Public Service Andrew Little said in a statement in July. The amalgamation of both agencies is part of "a strong evolution and dealing with what is a clear threat," according to Alexander Gillespie, professor of Law at the University of Waikato. He explained that for New Zealand the threat of cybersecurity has become more prominent once the Russia-Ukraine war started. "And the international black hole of law has forced some countries to rethink [things] like there’s no international treaty on cybersecurity and cyber threats in the military way. There should be a treaty but there is not," he tells CSO. Gillespie says that the amalgamation of these two key parties is New Zealand's response to the increasing cybersecurity threat. This may also facilitate better synchronisation with the Five Eyes nations. "The more that the agencies are interlinked, the better the cooperation will be between them," he adds. Next steps for CERT NZ and NCSC The first step towards creating a lead operational cybersecurity agency will see the transfer of CERT NZ operations and staff from the Ministry of Business, Innovation and Employment to the NCSC. Work to redesign a new integrated operating model that uses both agencies enhanced scale and capability to provide a stronger cybersecurity system and improved customer service for New Zealanders will begin "shortly," head of NCSC Lisa Fong said in a statement. But until that happens both agencies will remain providing their existing functions separately. "While it will take significant time to complete the integration, we hope to find opportunities along the way to leverage the expertise of both CERT NZ and NCSC in the services we provide," CERT NZ director Rob Pope said in a statement. Related content news UK government plans 2,500 new tech recruits by 2025 with focus on cybersecurity New apprenticeships and talent programmes will support recruitment for in-demand roles such as cybersecurity technologists and software developers By Michael Hill Sep 29, 2023 4 mins Education Industry Education Industry Education Industry news UK data regulator orders end to spreadsheet FOI requests after serious data breaches The Information Commissioner’s Office says alternative approaches should be used to publish freedom of information data to mitigate risks to personal information By Michael Hill Sep 29, 2023 3 mins Government Cybercrime Data and Information Security feature Cybersecurity startups to watch for in 2023 These startups are jumping in where most established security vendors have yet to go. By CSO Staff Sep 29, 2023 19 mins CSO and CISO Security news analysis Companies are already feeling the pressure from upcoming US SEC cyber rules New Securities and Exchange Commission cyber incident reporting rules don't kick in until December, but experts say they highlight the need for greater collaboration between CISOs and the C-suite By Cynthia Brumfield Sep 28, 2023 6 mins Regulation Data Breach Financial Services Industry Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe