Latest news with #NationalCyberSecurityCentre
Scoop
5 days ago
- Business
- Scoop
Entries Now Open For 2025 iSANZ Awards
Entries are now officially open for the 2025 iSANZ Awards, Aotearoa New Zealand's premier event celebrating excellence in information security. From today until 29 August 2025, New Zealand's business and cybersecurity community is invited to enter across seven award categories, honouring individuals, teams, initiatives, and organisations who are helping keep the country safe. Now in its 11th year, the annual iSANZ Awards shine a light on those working tirelessly - often behind the scenes - to defend our national digital infrastructure, businesses, and people from a growing wave of cyber threats. This year's winners will be announced at the iSANZ Awards Gala Dinner on 6 November 2025 at Shed 6 in Wellington, where the industry will gather to celebrate the best of the best in cybersecurity. Finalists will be revealed on 29 September 2025. Kendra Ross, iSANZ Board Chair, says the awards are an important moment of recognition for the country's cybersecurity professionals. 'Cybersecurity is no longer a nice to have, a luxury - it's now central to New Zealand's economic wellbeing, social stability,national security and the protection of all Kiwis. The iSANZ Awards give us the opportunity to recognise the people and organisations quietly working at the frontline of defence every day,' says Kendra. 'With cyber threats constantly evolving, we need to keep encouraging excellence, collaboration, and keep showcasing the great work of our industry to attract talent to our sector. That's why the iSANZ Awards event, alongside major information security conferences like the iSANZ Conference and Kawaiicon happening the same week, are more important than ever.' The call for iSANZ entries comes as recent research from the National Cyber Security Centre (NCSC) highlights the widespread impact of malicious online activity. The NCSC reports that 54% of New Zealand adults have experienced an online threat in the past six months, with 830,000 people suffering financial loss - averaging $1,260 per incident. The total estimated annual loss to New Zealanders due to cybercrime stands at a staggering $1.6 billion. 'In this context, recognising and celebrating our cybersecurity leaders isn't just important - it's vital,' says Kendra. 'These awards help build community, elevate role models, and raise the standard of protection across the board.' Award Categories for 2025: Security Project / Awareness Initiative Of The Year This category recognises outstanding and successfully delivered information security projects or initiatives. It could be a security awareness campaign, an organisational cyber uplift program or other security project. Chief Information Security Officer of the Year This category is open to cyber security leaders in CISO or security leadership roles who influence and drive better security outcomes for an organisation. Start Up Or New Business Of The Year This category celebrates the best new security companies that are making their mark and helping to raise the cyber resilience of Aotearoa New Zealand. Security Team Of The Year This category celebrates high performing security teams that are improving the cyber security posture of their organisation day in, day out. Security Company Of The Year This category celebrates stand out organisations that make security their business, rather than something that helps them in business. The security company of the year is awarded to the security company that has not only supported their customers and clients, but has worked to grow the security industry in Aotearoa New Zealand. Up And Coming Cybersecurity Star Of The Year This category focuses on our new cyber security professionals, celebrating the best and brightest who have joined our growing cyber security industry. Security Product of the Year This category is open to organisations who have great security products in the market that are showing measurable impact in protecting New Zealand organisations. For full details on each award category, eligibility, judging criteria and how to enter, visit the iSANZ website at Key Dates: Entries Open: 25 July 2025 Entries Close: 29 August 2025 Finalists Announced: 29 September 2025
Daily Mirror
6 days ago
- Daily Mirror
Massive Gmail and Yahoo alert issued to all UK email users - follow simple advice now
Everyone with a Gmail, Yahoo or Outlook account needs to be on high alert and report any suspicious activity. British email users appear to be facing a never-ending barrage of scam emails. In fact, a new alert from the team at Action Fraud has confirmed that a whopping 43 million suspicious emails were reported between January and May 2025. It's a staggering amount and shows exactly why we all need to be wary when checking our inboxes. Now there's some important new advice to consider and it could mean scammers start losing. When most of us spot something dodgy, we often just throw it in the bin, but that doesn't actually help to beat the online crooks. The best option when getting spam is to report it, as this can then stop cyber thieves from attacking others in the future. "As of May 2025, over 42 million suspicious emails have been reported to the Suspicious Email Reporting Service, resulting in the removal of 400,000 scam websites by the National Cyber Security Centre," Action Fraud explained. It's really simple to send messages to this service. If you have received an email which you're not quite sure about, you can simply forward it to report@ "The purpose of a scam email is often to get you to click a link," The National Cyber Security Center (NCSC) explained. "This will take you to a website which might download a virus to your computer, or steal passwords or other personal information. This is sometimes known as 'phishing'. "The National Cyber Security Centre (NCSC) has the power to investigate and remove scam email addresses and websites. It's free to report a suspicious email to us and it only takes a minute. By reporting phishing attempts you can reduce the amount of scam emails you receive, make yourself a harder target for scammers and protect others from cyber crime online." With so many malicious emails being sent every day, it's vital to be wary and never click on anything that appears unusual. Firm's such as Netflix and Spotify are prime targets with emails often suggesting that subcription payments have been cancelled. Amazon recently warned customers about a new scam that suggests Prime is rising with users then urged to click a cancel link. 'We've recently noticed an increase in customers reporting fake emails about Amazon Prime membership subscriptions,' the retailer said. 'If you want to verify your Prime membership, open your Amazon mobile app or go directly to the company advised. 'Select 'Prime' from the main menu to view your membership status, renewal dates, and plan details.'
Biz Bahrain
7 days ago
- Business
- Biz Bahrain
NCSC announces third edition of Arab International Cybersecurity Conference and Exhibition (AICS 2025)
On Tuesday morning, a press conference was held to announce the launch of the third edition of the Arab International Cybersecurity Conference and Exhibition (AICS 2025), under the patronage of His Royal Highness Prince Salman bin Hamad Al Khalifa, Crown Prince, Deputy Supreme Commander of the Armed Forces, and Prime Minister. The event is scheduled to take place from November 5 to 6 at the Bahrain International Exhibition Centre, officially organised by Faalyat, a leading company in international event management. The National Cyber Security Centre (NCSC) will host the third edition of the conference and exhibition in collaboration with the global DEF CON conference, one of the most prominent and specialised cybersecurity conferences worldwide. His Excellency Shaikh Salman bin Mohammed Al Khalifa, Chief Executive Officer of the NCSC, expressed pride in hosting the third edition of AICS under the patronage of His Royal Highness the Crown Prince, which reflects the Kingdom of Bahrain's continued commitment to consolidating its position as a leading global centre in the field of cybersecurity. HE emphasised that the partnership between the NCSC and DEF CON provides an opportunity for exchanging international expertise and establishing strategic partnerships, in addition to showcasing the latest solutions and technologies that play a pivotal role in enhancing cybersecurity readiness both regionally and internationally to address escalating and evolving cyber threats. HE also commended the ongoing cooperation with the official organising company, Faalyat, recognising its deep expertise in stakeholder engagement, strategic communications, and experiential design, which reflects a shared commitment to positioning Bahrain as a global leader in cybersecurity. The CEO pointed out that the previous two editions achieved remarkable success in terms of participation numbers and the diversity and richness of training workshops and panel discussions led by distinguished cybersecurity experts from the region and worldwide, reflecting growing regional and international confidence in Bahrain's ability to host and organise specialised international technology events. HE added that the third edition aligns with the NCSC's vision to enable secure digital transformation, foster innovation, develop future defence mechanisms against rising cyber threats, and strengthen regional and international cooperation to enhance Bahrain's cybersecurity ecosystem. During the press conference, a partnership agreement was signed between the National Cyber Security Centre and the global DEF CON conference, announcing the regional launch of the specialised DEF CON Villages focusing on artificial intelligence, space, cloud security, and industrial control systems, alongside interactive Demo Labs offering innovative technical and practical experiences. This initiative aims to provide researchers, students, and startups with opportunities to showcase their innovations and projects before a global group of experts in an engaging environment. Additionally, a cooperation agreement was signed between the NCSC and the Bahrain Institute of Banking and Finance (BIBF) to enhance efforts and collaboration in cybersecurity capacity building through specialised training programmes to prepare current and future national talents for the upcoming conference. The press conference also announced the formation of DEF CON Group Bahrain, a community bringing together leading experts, students, and those interested in digital safety and cyber resilience, focusing on discussing key defensive cybersecurity practices within Bahrain. It is expected that the third edition of AICS will attract over 10,000 participants from 50 countries to attend specialised panel discussions featuring more than 100 global cybersecurity experts. The event will also include international pavilions and youth empowerment programmes aimed at preparing the next generation of cybersecurity leaders through mentorship, training, and practical experience. The conference will include DEF CON Villages and interactive Demo Labs presented by distinguished cybersecurity experts from around the world, technical workshops, and training programmes tailored to the needs of professionals and institutions. Furthermore, it will feature a Capture the Flag (CTF) competition and other exciting cybersecurity contests designed to showcase local and international cybersecurity skills and talents. The event will also host a technology exhibition displaying the latest global solutions and innovations. BNA(R)
Yahoo
22-07-2025
- Business
- Yahoo
Simple ways employees can prevent cyber attacks
The scale and complexity of cyber threats facing large organisations today have never been greater. From targeted ransomware attacks to internal data leaks, the risk landscape is evolving rapidly. For large enterprises, which often hold vast quantities of sensitive data and critical infrastructure, robust cyber security measures are no longer optional—they're essential for resilience, reputation, and regulatory compliance. Effective cyber security strategy requires a layered, proactive approach. While technology plays a significant role, success depends just as much on leadership, policy, and staff behaviour. This article outlines key cyber security advice for large organisations, using guidance from trusted sources like the UK's National Cyber Security Centre (NCSC), and highlights best practices that will remain relevant as threats evolve. Build a strong governance framework For any organisation with complex systems and a large workforce, cyber security governance is the foundation on which all defences rest. Clear governance ensures that security responsibilities are defined at every level, from board members to frontline staff. Start by establishing a formal cyber security strategy aligned with your wider business objectives. The board should have visibility of cyber risks, supported by senior leaders with appropriate expertise, such as a Chief Information Security Officer (CISO). Risk ownership must be assigned, and accountability built into every level of the organisation. The NCSC recommends adopting frameworks such as the Cyber Assessment Framework (CAF), which helps assess your organisation's ability to manage cyber risks to essential services. Implement regular audits and maturity assessments to identify gaps and ensure continuous improvement. Risk management should extend beyond the organisation's boundaries. Third-party vendors, contractors, and supply chains are common entry points for attackers. Ensure that partners adhere to comparable security standards and include cyber clauses in all contracts. Carrying out regular supplier risk assessments can significantly reduce exposure. Invest in layered technical defences Large organisations typically manage a diverse mix of legacy systems, cloud services, and mobile infrastructure—all of which can introduce vulnerabilities. Implementing a layered, defence-in-depth approach can prevent a single point of failure from compromising your entire network. At the perimeter, firewalls, intrusion detection systems (IDS), and secure gateways can help block unauthorised traffic. Within the network, segment systems by function or sensitivity to limit the impact of a breach. For instance, sensitive HR data should never reside on the same network as public-facing services. Endpoint protection should include next-generation anti-virus software, real-time monitoring, and automated incident response capabilities. Ensuring that systems are regularly patched is vital; unpatched software remains one of the most exploited weaknesses. Cloud security requires its own set of controls. Apply the principle of least privilege to user accounts, enforce strong authentication (ideally multi-factor authentication), and monitor usage through centralised dashboards. Encrypt data both in transit and at rest to safeguard against interception or theft. Backup strategies are equally critical. Maintain secure, off-site backups of all essential data and test your recovery processes regularly. Many ransomware attacks attempt to corrupt backups first, so isolating them from the main network is best practice. Prioritise staff awareness and secure behaviours While sophisticated malware grabs headlines, many breaches result from simple human error—phishing emails, weak passwords, or misconfigured permissions. Cultivating a culture of security awareness is therefore one of the most cost-effective defences an organisation can implement. Regular training should cover not just technical knowledge, but also behavioural aspects. Teach employees how to spot suspicious messages, how to handle sensitive data, and the importance of reporting incidents quickly. Cyber security awareness should be embedded into onboarding processes, and updated through ongoing campaigns or simulated phishing exercises. Adopt strong access control policies across the organisation. Encourage the use of password managers and enforce minimum standards such as length, complexity, and uniqueness. Where possible, use biometric or multi-factor authentication to reduce the risk of credential theft. Set clear policies for remote work, device use, and data sharing. As hybrid and mobile working becomes the norm, organisations must secure both corporate and personal devices. Deploy mobile device management (MDM) solutions and ensure secure virtual private network (VPN) access for all remote users. Incident response plans should be tested regularly so staff know how to act quickly and effectively during a breach. Knowing who to contact, what evidence to preserve, and how to contain the incident can dramatically reduce the impact of an attack. The takeaway Cyber security for large organisations is not a single solution but a continuous process. It combines governance, technology, and people in a coordinated effort to reduce risk and increase resilience. By implementing strong governance structures, maintaining layered technical defences, and promoting a culture of cyber awareness, organisations can better prepare for the threats of today—and those yet to come. As cyber attackers grow more sophisticated, the importance of forward-thinking, holistic strategies cannot be overstated. Large organisations must remain agile, informed, and committed to continuous improvement in their security posture. By doing so, they protect not only their data and systems but also the trust of customers, partners, and the public at large. "Simple ways employees can prevent cyber attacks" was originally created and published by Retail Insight Network, a GlobalData owned brand. The information on this site has been included in good faith for general informational purposes only. It is not intended to amount to advice on which you should rely, and we give no representation, warranty or guarantee, whether express or implied as to its accuracy or completeness. You must obtain professional or specialist advice before taking, or refraining from, any action on the basis of the content on our site. Sign in to access your portfolio
RNZ News
21-07-2025
- RNZ News
New Zealand businesses warned as Microsoft SharePoint targeted in cyber attack
File photo. Photo: AFP / Gerard Julien New Zealand's cyber watchdog has picked up on a Microsoft warning about attacks on server software globally. The Washington Post reported hackers had been able to launch a so-called "zero-day" attack , targeting a previously unknown but "major security flaw". Microsoft issued an alert several days ago to governments and businesses that servers within organisations that use SharePoint, were exposed. The hack does not affect SharePoint online in cloud computing systems. The National Cyber Security Centre said New Zealand organisations should install security updates or isolate their SharePoint from the internet. However, the remedy appeared limited. "Currently ... patches are only available for SharePoint Subscription Edition and SharePoint Server 2019," the centre said on its website. US regulators last year castigated Microsoft for what they called a lax security culture around a 2023 attack on cloud services by Chinese hackers. Microsoft responded by saying it was hardening all its systems. Sign up for Ngā Pitopito Kōrero , a daily newsletter curated by our editors and delivered straight to your inbox every weekday.
