Home > Project Reports > NZCERT
Skip to content.

NZCERT

Document Actions
Project Report - NZCERT.

(Links to Strategy 3: Technical Development and Innovation)

Project Sponsor: Michael Wallmannsberger

Staff Support: Campbell Gardiner

Project Status: Active    Smiley Smiley

Project Description:

This project investigates scoping the establishment of a New Zealand Computer Emergency Response Team (NZCERT), to provide computer incident prevention, response and mitigation strategies for members, a national alerting service and an incident reporting scheme.

Project Budget:

$25,000 has been budgeted for the NZCERT project in 2008/09.

Overall Progress Summary:

Staff have registered a domain name (nzcert.net.nz), researched a range of issues relating to CERT set-up and have had ongoing discussions with parties including the SSC, CCIP and AusCERT.   

Most recently, we have drafted an RFP calling for expressions of interest from those able to undertake scoping.

Activities Planned for August 2008:

  • Finalise RFP.

Project History:

July 2008:

  • Received stakeholder input and followed up with the SSC asking for a copy of a CERT report they had prepared earlier. 

June 2008:

  • Refined RFP.
  • Contacted some key stakeholders for further input.

May 2008:

  • Drafted an NZCERT Request for Proposal (RFP) document and sent to Exe Dir for review.

April 2008:

  • Followed up with technical experts on Murray's CERT strawman. Tabled NZCERT for discussion at next Tech-Pol meeting re: next steps.

March 2008:

  • CERT strawman presented to a selected group of technical experts for further input.

January - February 2008:

  • CERT strawman/proposal received from Brendan Murray.
  • Advised Tech-Pol of existence of NZCERT-tf mailing list. Some mailing list activity.

July - December 2007:

  • Tech-Pol discussed two options for moving forward: Option one: engage a contractor to produce an initial scoping document (with a larger scoping exercise to be conducted later). Option two: engage a security expert to produce a more substantial report.

  • A range of potential security 'experts' that could produce a scoping  report were discussed, including Colin Jackson.

  • Drafted an NZCERT Terms of Reference; to be approved by Tech-Pol Committee. 
  • Tech-Pol Committee discussed NZCERT at its 18 October meeting.
  • Met again with the SSC, who believe there is a need for detailed scoping, which could be approached jointly by themselves and InternetNZ.
  • Met CCIP, SSC and spoke with AusCERT. Note: SSC advises it is investigating setting up an NZCERT. 
  • Drafted an issues document based on the above discussions, and published to NZCERT mailing list for consideration.  

January - June 2007:

  • Ongoing discussions with potential contractor for scoping.
  • Proposal for scoping received from potential contractor.
  • Discussions with two potential contractors for scoping exercise.

September -  December 2006:

  • Contact with CCIP re: RSS feed.
  • B. Murray liasing with P. Macaulay, F. March re: MED involvement and interest.
  • Discussions on future direction with Exe Dir.

June - August 2006:

  • Website design completed and site installed.

  • Website design work described and delivered.

  • Website functionality developed (including wiki).

April - May 2006:

  • Registered domain name nzcert.net.nz.
  • Beta website functionality of Wiki and discussion board further configured.

February - March 2006:

  • Met with CCIP to discuss their role in security activities generally
  • Approached CCIP for RSS feed for INZ use/presentation
  • Beta website functionality of Wiki and discussion board
  • Set up two email lists for NZCERT activities.

2005:

  • Task force set up to investigate the setting up of a NZCERT.