Businesses prepare for cyberattacks, in secret

A group of NZ organisations have established voluntary standards to guard against digital attacks

A group of New Zealand organisations responsible for critical infrastructure have established voluntary standards for the security of such systems against digital attack.

The New Zealand Cyber Security Voluntary Standards for Industrial Control Systems were devised with the support of the National Cyber Security Centre (NCSC).

Their originators are keeping quiet about the detail of the standards and the identity of members of the group, because it might set them up as a target for attackers.

They will not even say how many organisations are in the group.

An agreed statement, released through the NCSC, says the standards group "is for companies in the critical national infrastructure that are dependent on SCADA (Supervisory Control and Data Acquisition) or other industrial control, process control or telemetry systems. Members share confidentially mutually beneficial information regarding electronic security threats, vulnerabilities, incidents and solutions."

The one member willing to identify itself is Genesis Energy, whose spokesman on the topic, Mike Judge, says "this work has allowed us to safely discuss cybersecurity issues, and work together with industry to develop best practice and share information.

"The participants in this group are well placed, to provide or endorse security guidance to the New Zealand utility industry," Judge adds. "Risks will vary, but this standard we have developed is a practical compilation of best practice and guidance for establishing a secure control system.

"The aim is to minimise the threat from unauthorised or inappropriate access, and also to maintain access and control during adverse conditions.

"These voluntary standards will be applicable for a range of New Zealand industries including electricity, oil and gas, water, transport, chemical, pharmaceutical, food and beverage, and manufacturing," Judge says.

Tags securityNational Cyber Security Centre


Daniel Ayers


Any steps these organisations take to improve their security is a good thing. SCADA attacks are on the rise, including in the cyber warfare arena (e.g. Stuxnet), and in my experience SCADA systems can be quite vulnerable due to outdated software and a tendancy to avoid patching.

But why the secrecy? Everyone knows who the SCADA users are (there's a list of industries in the article) and there's a great deal of SCADA exploits and vulnerability information in the public domain.

Or could the secrecy be to protect those who are *not* participating?



Why paint a target on your back..... Thats why.....

Remember what happened to the kid in the sandpit that said... Look at my castle... Its the
biggest and the strongest ;)



The first rule about New Zealand Cyber Security Voluntary Standards for Industrial Control Systems is you do not talk about New Zealand Cyber Security Voluntary Standards for Industrial Control Systems.

Its a secret! Others call it a challenge.



i read blog very well and it's say something about cyber Crime. it's right but the <a href="" rel="nofollow">CCTV System</a> is also helpful for stop the cyber crime.

Comments are now closed

Governments act against webcam-snooping websites

MORE IN Security