Voluntary Cyber Security Standards for Infrastructure Operators

New standards for cyber security have been developed and agreed by operators of critical power infrastructure in New Zealand.

The voluntary standards have been developed by the National Cyber Security Centre(external link), which is part of the Government Communications Security Bureau (GCSB), and New Zealand Control Systems Security Information Exchange forum.

The GCSB Director, Ian Fletcher says, “The national and economic security of New Zealand depends on the reliable functioning of critical infrastructure, like our electricity networks.

“We meet several times a year to share information about threats and vulnerabilities in industrial control systems, which allow centralised supervision and control of remote assets such as power stations. It is this commitment to information sharing and collaboration across the industry which has led to the development of the voluntary standards,” Mr Fletcher says.

“The energy sector forms a key part of New Zealand’s critical economic infrastructure and application of these voluntary standards will help increase the resilience of key systems and reduce their vulnerability to cyber-borne threats.

“The development of these standards is a tangible demonstration of effective collaboration between government and the private sector, and those involved are to be commended for their initiative and commitment,” he says.

While these nine standards have been developed for the power sector, they can be applied to all industries that operate industrial control systems. It is intended that they will be a starting point for further development and improvement.

The Voluntary Cyber Security Standards for Infrastructure Operators [PDF, 746 KB] document is available to download [PDF, 746 KB].

Media contacts: Antony Byers: 04 819-8273 or 021 985-430 / Cherie Blithe:  04 819-8226 or 021 647-990