Cyber Security Strategy and Action Plan Public Workshop Summary
In the week of 25 June the National Cyber Policy Office held workshops in Auckland, Wellington and Christchurch on the refresh of New Zealand’s Cyber Security Strategy and Action Plan (released in 2015).
The workshops were an opportunity to hear from a diverse range of stakeholders, including Connect Smart partners and the broader community. This included representatives from multi-national corporations, telecommunications companies, energy companies, banks and financial services, insurance, district health boards, a range of cyber security and IT providers, universities and other tertiary education providers, non-government organisations and more. The workshops were split into four activities. We asked the participants:
- why is cyber security important to individuals, businesses and the community, New Zealand, and the world?
- what principles are important when addressing cyber security?
- what should be our goals?
- what do we want New Zealand to be known for in the cyber security space?
Discussion during an Auckland workshop
Minister Clare Curran addressing a Wellington workshop
We gained valuable insights and ideas from participants in the workshops. Some of the key themes and concepts are set out below.
Vision
What is important for an individual’s cyber security?
What is important for businesses and the community?
What is important for New Zealand and the World?
What is important to Everyone?
Principles
What do we need to bear in mind when implementing the Cyber Security Strategy and Action Plan?
Goals and priority areas
Participants generally considered the current goals (resilience, capability, addressing cybercrime and international cooperation) to still be relevant and appropriate areas of focus. Some participants challenged whether they should remain in their current form. For example, some participants said that the goals were too narrow or reflected what should be standard practice or business-as-usual, and could be more ambitious.
In groups, participants focused on what more might need to be done in each area:
RESILIENCE
Current goal: New Zealand's information infrastructure can resist cyber threats and we have the cyber tools to protect our national interests.
Examples of some of the questions:
|
CAPABILITY
Current goal: New Zealanders, businesses and government agencies understand cyber threats and have the capability to protect themselves online
Examples of some of the questions:
|
ADDRESSING CYBERCRIME
Current goal: New Zealand improves its ability to prevent, investigate and respond to cybercrime
Examples of some of the questions:
|
INTERNATIONAL COOPERATION
Current goal: New Zealand protects and advances its interests on cyberspace issues internationally
Examples of some of the questions:
|
What else? We also asked the participants what goals or priorities are missing. Below are some examples of the questions and ideas posed by participants:
- How can we better measure and evaluate progress?
- How can we ensure the refreshed Strategy has the necessary resources?
- How can we be “proactive by design, thinking about tomorrow's security not just today's”?
- How do we create the “cyber aware citizen”?
- How can we encourage innovation in the cyber security industry?
- How can the public and private sector jointly develop the cyber security workforce?
- How can we meet the differing needs of individuals, businesses, community organisations, and the country as a whole?
Next steps and having your say
The workshops are one part of the understand phase of the Cyber Security Strategy refresh:
If you have any questions, feel free to get in touch at connectsmart@dpmc.govt.nz.
The National Cyber Policy Office