New  Zealand  Internet  Task  Force  

Building  Trust  at  the  bo2om  of  the  world  Mike  Seddon    NZITF  Chair  &  Telecom  NZ  OperaBonal  Security  Manager  

Improving  the  cyber  security  posture  of  New  Zealand  

Programme  

•  Who  Am  I?  •  New  Zealand  •  The  Birth  of  a  Trust  Group  •  The  Early  Days  •  Growing  Up  (coming  out)  •  The  Way  We  Work  and  What  We  Have  Done  •  Who’s  In  and  Who’s  Out?  •  An  Offer  and  InvitaKon  •  Q&A  

•  $DayJob  =  OperaKonal  Security  Manager  for  Telecom  New  Zealand  

•  Chair  –  NZITF  

Who  Am  I?  

New  Zealand  (Middle  Earth)  

New  Zealand  (Middle  Earth)  

What  is  the  NZITF?  

The  New  Zealand  Internet  Task  Force  is  a    non-­‐profit  with  the  mission  of  improving  the  cyber  security  posture  of  New  Zealand        

It  is  a  collaboraBve  effort  based  on  mutual  trust  of  it’s  members  

The  Birth  of  a  Trust  Group  

•  Following  BTF7  and  Cyber  Storm  II  cyber  exercise  in  2008  the  NZ  Botnet  Task  Force  was  formed  

•  Renamed  NZITF  early  2009  as  the  focus  evolved  and  membership  expanded  

The  Early  Days  •  We  started  small  without  any  big  fanfare  

•  Coordinated  by  CCIP  around  other  meeKngs  

•  Shoulder  taps  and  introducKons  

•  Increasing  acKvity  levels  of  NZITF  required  the  need  for  a  Steering  Commi`ee  to  be  established  in  2009    

Growing  Up  (coming  out)  

• Formally  Incorporated  in  2011  

• Membership  fee  structure  introduced  

• First  adverKsed  public  event  

NZITF  Board  

•  Telecom  NZ,  Mike  Seddon  (Chair)  

•  Domain  Name  Commission,  Barry  Brailey  (Vice  Chair)    

•  Bank  of  New  Zealand,  Chester  Holmes  (Secretary)  

•  Internet  NZ,  Dean  Pemberton  (Treasurer)  

•  Dept.  Internal  Affairs,  Toni  Demetriou  

•  Vodafone,  Steve  MarKn  

•  PWC,  Adrian  van  Hest  

What  has  the  NZITF  done?  

•  CoordinaKng  technical  training  •  Targeted  Threat  Workshop  •  Security  Architecture  training  • Wireless  Security  Training  course  •  Team  Cymru  Botnet  Forensics  

• Honeynet  Project  and  Shadowsever  Botnet  Defense/Offence  courses  

•  CSIRT  introducKon  • Open  Source  Intelligence  • Windows  Reverse  Engineering  

What  has  the  NZITF  done?  

•  Support  industry  and  community  iniKaKves  

•  Graduate  secondments  into  industry  

•  Support  research  iniKaKves  

The  Way  We  Work  • Members  are  nominated  and  vouched  on  

•  Traffic  Light  Protocol  

• MeeKngs  

•  Training  

• Working  Groups  

Current  NZITF  IniBaBves  

• NZITF  working  groups  • CREST  NZ  • Cyber  Security  Surveying  • Cyber  Exercising  Framework  

• Botnet/Malware  

• Judiciary  Outreach  • TRUST.nz  • Responsible  Disclosure    

CREST  NZ  

•  The  NZITF  set  up  working  group  to  establish  CREST  NZ    Council  of  Registered  Ethical  Security  Testers  

•  No  professional  voice  or  representaKon  for  the  penetraKon  tesKng  industry  

•  Lack  of  educaKon  and  training  courses  •  Skill  set  shortage  in  New  Zealand  •  Growing  internaKonal  cerKficaKon  •  CREST  Australia  is  now  up  and  running  

NaKonal  Exercising  Framework  

•  Exercising  tests  and  improves  the  levels  of  preparedness  for  a  significant  cyber  incident  

•  Develop  a  framework  and  schedule  for  conducKng  cyber  exercises:  

•  Scenario  Discussions  •  Table  Top  Exercises  (TTX)  •  CommunicaKons  Checks  • NaKonal  and  InternaKonal            Full  Play  Exercises  

Cyber  Security  Survey  

•  Limited  NZ  metrics  for  decision  makers  • Want  to  provide  insight  into:  •  Cyber  security  posture  of  New  Zealand  •  Impact/cost  of  cyber  crime  to  New  Zealand  • What  future  resources  New  Zealand  requires  

•  Survey  to  provide  feedback  to  parKcipants  •  Conduct  annually  if  valuable    

Botnet/Malware  

•  Assess  current  NZ  infecKon  rates  •  IdenKfy  exisKng  data  sources  of  botnet  infecKons  and  compromised  New  Zealand  based  websites    

•  Recommend  which  potenKal  miKgaKons  would  be  effecKve  in  New  Zealand  and  the  stakeholders  for  each  

•  IdenKfy  possible  technical  and  policy  based  miKgaKons  

Judiciary  Outreach  

•  Extending  a  hand  of  support  and  experKse  to  NZ  Judiciary  

•  Breadth  of  NZITF  membership  to  draw  from  

•  Training  opportuniKes    •  Expert  witnesses  

Who’s  In  and  Who’s  Out?  

An  Offer  

Q&A  

info@nzim.org.nz  Mike.seddon@nzim.org.nz  

Mike.seddon@telecom.co.nz  

Improving  the  cyber  security  posture  of  New  Zealand