Consultation open on Responsible Disclosure Guidelines
Posted: 8 November 2013
Today the New Zealand Internet Task Force (the NZITF) has released draft guidelines on responsible disclosure. These guidelines will help security researchers and organisations that operate ICT systems to work together to identify, understand and fix security vulnerabilities in New Zealand websites and ICT systems.
We are seeking your views on these draft guidelines to make sure that they are high quality and provide useful guidance on the aspects of responsible disclosure that need covering.
We welcome any comments or suggestions that you have on how the guidelines could be improved. We would also like to hear from you if your organisation is interesting in being named as a third party for finders to contact and act as an intermediary between them and the ICT owners that they deal with.
The guidelines are available for download at http://nzitf.org.nz/files/NZITF_Draft_Responsible_Disclosure_Guidelines.pdf
Submissions should be sent, by email, to email@example.com by Sunday 22 December (please include the words "guidelines submission" in the subject header).
Responsible Disclosure Guidelines
Posted: 3 September 2013
Media release – 3 September 2013
The New Zealand Internet Task Force (NZITF) is currently working on responsible disclosure guidelines. These guidelines will help security researchers and organisations to work together when disclosing and addressing vulnerabilities in ICT systems.
New Zealand businesses and organisations do not want to have ICT systems (such as websites) with vulnerabilities in them. Security researchers want to be able to notify organisations of vulnerabilities they come across without fear of legal action or negative publicity. It is important that we are all clear about what is expected of us when disclosing a vulnerability or when someone contacts us with a vulnerability.
Because the NZITF has a broad membership of security professionals we think that we can provide guidance that will add value, set some clear boundaries and ultimately make it easier for security professionals to work together and help improve New Zealand’s cyber security posture. The NZITF is intending to hold a public consultation on the guidelines later this year.
Local group scoops top Australian security award
Posted: 7 June 2013
Media release – 7 June 2013
The New Zealand Internet Task Force (NZITF) has beaten the Australians at their own game, taking out the top prize in the prestigious AusCERT Awards.
Winner of the ‘Best Security Initiative,’ the NZITF was recognised last month for its bringing together of security experts from across the country’s government and private sector security communities.
New Zealand Internet Task Force Chair Mike Seddon says members of the NZITF are delighted to have been recognised on Australian soil, with the AusCERT win testament to the strength and effectiveness of the Task Force’s proactive cyber security activities.
A volunteer group of security professionals across government, law enforcement, academia, information security and private sector industries, the NZITF works collaboratively to improve the cyber security posture of New Zealand in defending against and mitigating cyber based threats.
Seddon says the comprehensive make-up of the NZITF affords it a unique view of the opportunities and threats across the entire spectrum of IT security and risk.
“Our approach is grounded in collaboration and trust. In sharing amongst ourselves our knowledge and experience, the general delivery and state of IT security and risk management in New Zealand is significantly improved.
“We are a rather unique outfit in a global sense and that is why the benefits we have and will continue to deliver are a key contributor as to why New Zealand could be considered world leading in this arena.”
For more information contact:
Chair NZ Internet Task Force
NZITF wins Australian Information Security award
Posted: 23 May 2013
The New Zealand Internet Task Force has won the Award for Best Security Initiative in the 2013 Australian Information Security Awards. The awards were held at the 2013 AusCERT Information Security Conference, and are run in conjunctions with SC Magazine.
The Best Security Initiative is presented to an individual or organisation who has developed solutions to security threats, and will build trust and confidence in the online environment.
NZITF finalist in 2013 Australian Information Security Awards
Posted: 10 May 2013
The New Zealand Internet Task Force has been announced as a finalist in the Best Security Initiative category in the 2013 Australian Information Security Awards. The award for Best Security Initiative is presented to an individual or organisation who has developed solutions to security threats.
The 2013 Australian Information Security Awards will be held at the 2013 AusCERT Information Security Conference.
Cyber Security Awareness Week 2013
Posted: 27 March 2013
NZITF Highly Commended in ANZIAs
Posted: 10 October 2012
The NZITF has received a Highly Commended recognition in the Security & Privacy category at the 2012 Australia and New Zealand Internet Awards (the ANZIAs). The ANZIAs judges agreed that the NZITF:
"contributes to a safer online environment for New Zealand businesses and individuals, through its’ initiatives to enhance the capabilities of the security community".
The NZITF Board would like to extend it's congratulations to Aura Information Security, a member of the NZITF, who won the Security and Product category for thier RedEye Security product.
NZITF finalist in ANZIAs
Posted: 14 August 2012
The NZITF has been announced as a finalist in the Security & Privacy category at the 2012 Australia and New Zealand Internet Awards(the ANZIAs). Aura Information Security, a member of the NZITF, has also been nominated for its RedEye Security product.
The ANZIAs are a collaboration between auDA and InternetNZ, and an annual event celebrating the achievements of organisations, businesses and individuals that have made significant contributions to the development and use of the Internet in Australia and New Zealand. ANZIA winners receive recognition as industry leaders, for setting new standards in making the Internet a more inclusive, accessible and safe place. The ANZIAs category winners will be announced on October 12, 2012, for more details please visit the ANZIA website.
Cyber Security Awareness Week
Posted: 1 June 2012
New Zealand is holding it's inaugural Cyber Security Awareness Week, CSAW, 11-15 June 2012. CSAW is being coordinated by NetSafe. You can follow the weeks events via NetSafe's facebook page.
DNSChanger Diagnostic Check
Posted: 1 May 2012
Over 1000 New Zealand computers are believed to be infected with the DNSChanger malware, on 9 July it is likely that these infected machines will no longer be able to connected to the Internet.
To check if your machine is infected, and to find out how to fix this please visit the DNSChanger Diagnostic website. This website is a joint initiative between NetSafe, the New Zealand National Cyber Security Centre, and the Ministry of Economic Development.
Bruce Schneier Public Event
Posted: 2 April 2012
The NZITF is proud to annouce a public lecture by Bruce Schneier, Liars and Outliers, Tuesday 1 May 2012. This is event is free to attend but RSVP's are essential. More info...
NZ Lawyer Magazine Article
Posted: 23 March 2012
An article has been recently published in the NZ Lawyer magazine provides some useful suggestions for organisations that are looking to improve their online security. (Article)
SC Magazine Article
Posted: 9 March 2012
A recent article in SC Magazine Australia looks at the effort in New Zealand and Australia to establish a certification for the penetration testing industry. (Article)