NZ Incident Response Bulletin - January 2024

The December edition of the NZ Incident Response Bulletin was published today. The bulletin is a monthly high-level executive summary containing some of the most important news articles that have been published on Forensic and Cyber Security matters during the last month. Each Bulletin also includes a section of our own content, based on a trending theme, this months being?“Cyber security to do list for 2024”.

Each article contains a brief summary and where appropriate, a linked reference on the web for detailed information.

We'll give you a brief summary of each article, and a link to more information. Why do we publish this bulletin? Because we want to keep you up to date with the latest Forensic and Cyber Security news, so that you aren't caught by surprise - and you'll know about risks and changes before they become problems.

Our Views:

Cyber security to do list for 2024

In the dynamic landscape of today's business environment, cyber threats pose a significant risk to organisations. Executives must prioritise cybersecurity to safeguard their sensitive information and maintain the trust of stakeholders. To address these concerns, we have assembled a list of must haves for 2024 based on the trends we have seen over the last five years of operation.

Cyber Security Frameworks and Controls

Good cyber starts with appropriate governance, which requires the selection and adherence to a suitable set of frameworks and controls.? The NIST Cyber Security Framework (CSF) celebrates its 10th birthday this year, while the CIS Controls has hit the 15-year milestone.? Depending on your organisation, one or both, may be beneficial. The NIST CSF was initially focused on critical national infrastructure, so our clients not operating in this space tend to adopt solely the CIS Controls. Schedule an assessment, develop a roadmap and regularly check in on your team to ensure they have the appropriate resources to make steady progress.

Training and Awareness

According to the 2023 Verizon Data Breach Report, around 75% of all cyber incidents were caused by human error/omission. Empower your staff with cyber security training and phishing simulations. By educating your workforce on identifying potential cyber risks, you significantly reduce the likelihood of falling victim to a cyber-attack.

Incident Response Preparation

Preparing for a cyber crisis is imperative. From the work we conduct in the field, we have developed a suite of documentation including an executive incident response plan through to a range of playbooks (e.g. ransomware, business email compromise, privacy breach). We can assist you in tailoring these to suit your organisation and host them in our electronic control room.

Crisis Resilience

With your documentation in place, the next step is to stress test this through tabletop exercises or cyber simulations. Many organisations regularly conduct penetration testing (Red Teaming) so ask yourself when the last time was you conducted a simulation (Gold Teaming). This proactive approach assists your executives and incident response team in identifying gaps in current processes, allowing for continuous improvement and readiness.

Incident Controllers

Hopefully, you have not had much opportunity to hone your skills as a cyber incident controller. Leverage our extensive experience in managing a cyber incident where we will guide you through all stages of a data breach, offering support either on-site or from our dedicated incident response control room.

Forensic Technology Experts

Faced with a data breach, you will likely need to engage legal and forensic technology expertise. Recent events have shown failure to do so may result in highly sensitive information needing to be disclosed to parties making a claim against your organisation. Ensure you maintain privilege and confidentiality from the outset.

Specialist Data Breach Software

2023 saw the largest ever data breach in New Zealand, as well as similar breaches in Australia. Given the scale of data needing to be assessed for customer notification, the use of appropriate technology is vital to ensure notifications can be sent in a timely manner. Utilising advanced forensic software that includes AI capabilities, we are able to scrutinise the source of compromise and assess the extent of confidential information breach. This includes PII and other sensitive information, providing a comprehensive understanding of the breach for informed decision-making.

Mandatory Notifications

Having assisted numerous organisations with their notifications, we have developed an automated solution to populate and track your notification requirements. Stay compliant with the NZ Privacy Act 2020 ensuring that mandatory notifications are executed efficiently and effectively.

Ongoing Monitoring

The Office of the Privacy Commissioner requires organisations who have suffered a privacy breach, to be actively monitoring for potential data leak sites on the Dark Web and elsewhere. We use automated monitoring software to aid in the detection of changes to such sites. Also consider the need to monitor the open web and social media to manage your 'Brand Reputation' as well as conducting Credit Monitoring for affected individuals.

Reliable Resources

Keeping abreast of the ever-changing landscape without overloading your inbox requires clear regular summaries of the key risks. Subscribe to reliable resources such as our bulletin so we can enhance your cybersecurity posture, enabling your organization to thrive securely.

The Bulletin:

To obtain a full copy of the Bulletin, please visit https://incidentresponse.co.nz/bulletin