F.A.

179 posts

@RecedingLights

Still not sure whose views mine are.

New Zealand · Joined January 2022
173 Following · 27 Followers
F.A. retweeted
The Diplomat@Diplomat_APAC·
NATO diplomacy signals New Zealand’s shift toward Europe, and its ambitions to expand dual-use technology exports to the region. buff.ly/4srdRXr
F.A.@RecedingLights·
NZ takes a major step toward digital sovereignty & resilience. The new all-of-government Mātai data centre—run by the GCSB and housed in an NZDF base—offers a state-owned and locally-hosted alternative to private infrastructure (for government agencies). Beehive.govt.nz/release/govern…
Lukasz Olejnik@lukOlejnik·
Interestingly, Europe does not exist at all in this week's big debate about AI. It's all USA vs China. Nothing else matters. What do you think is the reason for this?
F.A.@RecedingLights·
@UK_Daniel_Card WOULD we see it, if the main risk consequence wasn't intrusion but leakage? When actors know shit they shouldn't, are we often able to confidently articulate the source of that info? psa - I'm not sure I believe what I'm saying - you've just been sucked into my neural whirlpool.
mRr3b00t@UK_Daniel_Card·
@RecedingLights I mean that's why I talk to SOOOO MANY PEOPLE..... because that way we reduce the risk that we all just can't see... but we are all in and running these networks... we would see this shit if it was going on!
mRr3b00t@UK_Daniel_Card·
In no reports from major telemetry vendors e.g. Microsoft do I ever see any evidence of PUBLIC WIFI being a credible threat.... I have spoken to: Gov IC LE MSSPs SOC Staff Pentesters/Red Teamers Incident Responders Universities Security Teams. I've checked country threat intel sharing platforms. I've checked private intel sharing groups. I have been checking for signs of malicious activity on wifi for years (I'll connect to any wifi network and I do :D ) cdn-dynmedia-1.microsoft.com/is/content/mic…
F.A.@RecedingLights·
@HostileSpectrum What do you think is incentivizing such naming behavior? I've heard people boiling down to a CTI marketing/clout tactic, but not sure I'm fully on board with that explanation.
JD Work@HostileSpectrum·
I would very much like to see a complete halt to all future cocktail or menu themed industry cryptonyms in threat actor naming. We are well past problematic consumer outcomes reactions, moving from giggle factor inappropriate in serious discussions to outright "WTF is this" stage
F.A.@RecedingLights·
@McGrewSecurity It's completely fine to want to solve problems IN the status quo - especially if solving the problems OF the status quo means broadening beyond just a technological perspective.
Dr. Wesley McGrew@McGrewSecurity·
I think a lot of burnout in this field is from folks frustrated about not making progress towards security: vulns, malware, threat actors, etc all keep coming. Me? I just like breaking stuff, reverse engineering, tinkering, teaching. Cybercrime/espionage is part of the balance
Hash@BitBangingBytes

@McGrewSecurity I think it would be fun to see just how much opportunity is created per cyber criminal. It’s the digital war on drugs, lots of people profiteering. And none of them win by solving the actual problem.

F.A.@RecedingLights·
"The biggest financial impact has been on the city’s neediest: the young, the old, and those with issues tapping in and out of stations." londoncentric.media/p/an-utter-shi…
F.A.@RecedingLights·
NCSC (lead cyber agency) update on absorption of CERT-NZ - ncsc.govt.nz/news/integrati… TL;DR: "phasing out ‘CERT NZ’ as a brand and name", and "NCSC delivering CERT NZ functions and services"
F.A. retweeted
Ravi Nayyar@ravirockks·
@stephendziedzic Great reporting. I'm assuming those roving cyber response units are part of the single 'regional cyber crisis response team' housed within DFAT, as committed to under our 2023 cyber strategy?
F.A. retweeted
Stephen Dziedzic@stephendziedzic·
Update: NZ has confirmed this hack on PIF (without attributing to China) and publicly confirmed that Australia assisted, saying response from Canberra was "deeply appreciated". DFAT more circumspect, simply saying cyber teams have responded to "a range of incidents" in Pacific
Stephen Dziedzic@stephendziedzic

Story: the Pacific Islands Forum Secretariat targeted by hackers linked to the Chinese government. Australia has sent teams of cyber experts to Suva this year to help abc.net.au/news/2024-09-1…

F.A.@RecedingLights·
An example of what regional cybersecurity cooperation can look like in the Pacific. Australia sent cyber incident responders to Fiji after Chinese hackers (attribution by the ACSC) conducted espionage operations against Pacific Islands Forum systems. abc.net.au/news/2024-09-1…
F.A.@RecedingLights·
@GregDAustin If we confine CISOs to a technical scope then aren't we just replicating the unhelpful 'cybersec is ICT' paradigm? IMO the CISO should sit across the entire scope of breach impacts - responsible for preparing the entire org for what to do when an incident hits.
F.A.@RecedingLights·
@GregDAustin This makes sense, but I disagree with the confinement of CISO scope to mostly technical concerns. As you know - impacts aren't just technical, they're social. In my view a CISO that only writes technical system recovery plans is bad at their job.
F.A.@RecedingLights·
@GregDAustin @AICDirectors Ah I see. I think what I'm saying is that we should judge a CISO by their failure to build organizational cyber resilience - not their failure to prevent a specific incident from happening.
F.A.@RecedingLights·
@GregDAustin From my perspective I'd say that if a CISO has done the job properly, the plans of what EVERYONE needs to do post-breach should be in place. They should be like a conductor - helping the band players know what the hell to do when it's all falling apart.
F.A.@RecedingLights·
@ravirockks @GregDAustin @withers_glenn @AdamPeter_Henry To clarify I think that resilience has always been the end-goal of GOOD cybersec risk mgmt. I define it as the ability of an information system and its users to withstand, recover from, and adapt to breaches of confidentiality, integrity, availability.
F.A.@RecedingLights·
@ravirockks @GregDAustin @withers_glenn @AdamPeter_Henry I'll confess I'm slightly baffled by the separation of these concepts. Separating resilience from security is like splitting up impact and likelihood. Since when did 'cybersecurity' not care about impact management?