Office of the Minister of Broadcasting, Communications and Digital Media Chair, Cabinet Appointments and Honours Committee

Similar documents
Resolution: Advancing the National Preparedness for Cyber Security

POSITION DESCRIPTION

Position Description. Engagement Manager UNCLASSIFIED. Outreach & Engagement Information Assurance and Cyber Security Directorate.

Protecting information across government

Digital government toolkit

POSITION DESCRIPTION

Released by the Minister of Broadcasting, Communications and Digital Media

Package of initiatives on Cybersecurity

Position Description. Computer Network Defence (CND) Analyst. GCSB mission and values. Our mission. Our values UNCLASSIFIED

ICT FUNCTIONAL LEADERSHIP: PROGRESS REPORT OCTOBER 2016 TO MARCH 2017

Technical Advisory Board (TAB) Terms of Reference

Cybersecurity governance in Europe. Sokratis K. Katsikas Systems Security Laboratory Dept. of Digital Systems University of Piraeus

Briefing to the Incoming Minister

Government Resolution No of February 15, Resolution: Advancing National Regulation and Governmental Leadership in Cyber Security

Public Safety Canada. Audit of the Business Continuity Planning Program

LEADERSHIP GROUP LG (2017) Paper October 2017 RESILIENCE BOARD

POSITION DESCRIPTION

Marine Institute Job Description

Proactively released by the Minister of Internal Affairs

Cybersecurity & Privacy Enhancements

Architecture and Standards Development Lifecycle

Purpose. Executive summary

Dated 3 rd of November 2017 MEMORANDUM OF UNDERSTANDING SIERRA LEONE NATIONAL ehealth COORDINATION HUB

KENYA SCHOOL OF GOVERNMENT EMPLOYMENT OPORTUNITY (EXTERNAL ADVERTISEMENT)

Marine Institute Job Description

The Government IT Profession: Embedding IT Professionalism in Your Organisation

Public Sector Cyber Security Series

Update on the Government of Canada s Information Technology Transformation Plan

Meeting of the BBC Audit and Risk Committee SUMMARY MINUTES. Thursday 22 June, 2017 New Broadcasting House, London

Cloud solution consultant

IMPLEMENTING SECURITY, PRIVACY, AND FAIR DATA USE PRINCIPLES

BHConsulting. Your trusted cybersecurity partner

NATIONAL INFRASTRUCTURE COMMISSION CORPORATE PLAN TO

National Council for Special Education. NCSE Support Service Assistant National Coordinator Job Description and General Notes

Governance Structure and Terms of Reference for Climate Technology Centre and its Network

ASSEMBLY, No STATE OF NEW JERSEY. 217th LEGISLATURE INTRODUCED FEBRUARY 4, 2016

Cloud solution consultant

HPH SCC CYBERSECURITY WORKING GROUP

WA Govt Changing Cyber Security Landscape

PIPELINE SECURITY An Overview of TSA Programs

Public Sector Cyber Security Series

THE CYBER SECURITY ENVIRONMENT IN LITHUANIA

MEMBERSHIP POLICY SCA (Qld) Board adopted - 18 November 2014

National Council for Special Education. NCSE Support Service Advisor Job Description and General Notes

Cybersecurity in Asia-Pacific State of play, key issues for trade and e-commerce

New Zealand National Cyber Security Centre Incident Summary

IT Governance ISO/IEC 27001:2013 ISMS Implementation. Service description. Protect Comply Thrive

VOTE INTERNAL AFFAIRS WRITTEN RESPONSES TO THE ANNUAL REVIEW SUPPLEMENTARY QUESTIONS 2016/17

GLOBAL INDICATORS OF REGULATORY GOVERNANCE. Scoring Methodology

SSR Staff Information Sessions Information Technology

National Policing Community Security Policy

UNCLASSIFIED. National and Cyber Security Branch. Presentation for Gridseccon. Quebec City, October 18-21

World Climate Conference-3

Programme. Legal Instruments for the Internet Economy. Building Capacity and Implementing Regulation. Malta, 14 th to 19 th September, 2015

TRANSFORMING HEALTHCARE. & Facing Challenges Together in 2017

ISACA GEEK WEEK SECURITY MANAGEMENT TO ENTERPRISE RISK MANAGEMENT USING THE ISO FRAMEWORK AUGUST 19, 2015

Strategic and operational threat analysis at Europol's EC3

Oregon Fire Service Conference Enterprise Security Office Update. October 26, 2018

Key Findings from the Global State of Information Security Survey 2017 Indonesian Insights

Technical Conference on Critical Infrastructure Protection Supply Chain Risk Management

Call for Expressions of Interest

The value of visibility. Cybersecurity risk management examination

Panel 1 National CSIRT Experience

Accreditation Services Council Governing Charter

Security and Privacy Governance Program Guidelines

BHConsulting. Your trusted cybersecurity partner

John Snare Chair Standards Australia Committee IT/12/4

Revised November EFESC Handbook

Vademecum of Speakers

UNITED STATES OFFICE OF PERSONNEL MANAGEMENT

Regulating Cyber: the UK s plans for the NIS Directive

BACKGROUND NOTE ON ACTION PLANS

TURNING STRATEGIES INTO ACTION DISASTER MANAGEMENT BUREAU STRATEGIC PLAN

Strengthening the Cybersecurity of Federal Networks and Critical Infrastructure

Terms of Reference for National Health Promotion (IEC/BCC) Technical Working Groups

MEMBERSHIP POLICY SCA (Qld) Board approved - 9 Feb 2016

B-BBEE ICT SECTOR COUNCIL. MS NOKUZOLA EHRENS CHAIRPERSON ;

NATIONAL DEFENSE INDUSTRIAL ASSOCIATION Homeland Security Symposium

NZTECH ADVANCE SECURITY SUMMIT: ADDRESSING A CRITICAL

CYBERSECURITY. The Intersection of Policy and Technology YOU RE HERE TO MAKE A DIFFERENCE ṢM

Cybersecurity Presidential Policy Directive Frequently Asked Questions. kpmg.com

COMMENTARY. Federal Banking Agencies Propose Enhanced Cyber Risk Management Standards

Network and Information Security Directive

ENISA s Position on the NIS Directive

ANZPAA National Institute of Forensic Science BUSINESS PLAN

The Role of the Data Protection Officer

In Accountable IoT We Trust

Cyber security. Strategic delivery: Setting standards Increasing and. Details: Output:

Briefing for the Incoming Minister of Broadcasting, Communications and Digital Media. Communications and the Digital Economy 26 October 2017

From the E-readiness Assessment and Analysis to an Action Plan and Policies Recommendations. Gabriel Accascina

JOINT STATEMENT BY THE MINISTRY OF ENERGY OF THE RUSSIAN FEDERATION AND THE INTERNATIONAL ENERGY AGENCY

DIT DSO Defence & Security Symposium 2017

cybersecurity in Europe Rossella Mattioli Secure Infrastructures and Services

European Code of Conduct on Data Centre Energy Efficiency

ISO 27001:2013 certification

Response to Wood Buffalo Wildfire KPMG Report. Alberta Municipal Affairs

Brussels, 19 May 2011 COUNCIL THE EUROPEAN UNION 10299/11 TELECOM 71 DATAPROTECT 55 JAI 332 PROCIV 66. NOTE From : COREPER

National Strategy for CBRNE Standards

New CEPIS Mission

300 Riverview Plaza Odysseus Marcopolus, Chief Operating Officer Trenton, NJ POLICY NO: SUPERSEDES: N/A VERSION: 1.0

Transcription:

Office of the Minister of Broadcasting, Communications and Digital Media Chair, Cabinet Appointments and Honours Committee CERT NZ Establishment Advisory Board Extension and Appointments Proposal 1. This paper outlines my decision to extend the term and appointments of the Computer Emergency Response Team (CERT NZ) Establishment Advisory Board to September 2018. The Board consists of nine members, including the Chair. Background 2. CERT NZ was established in April 2017 as a branded business unit of MBIE, and sits within MBIE s Market Services branch. 3. CERT NZ provides economy-wide services to businesses, organisations and individuals who are affected (or may be affected) by cyber security incidents. It collates a profile of the cyber security threat landscape in New Zealand, and provides trusted and authoritative information and advice. 4. CERT NZ sits at the centre of New Zealand s cyber security architecture. It works with other agencies with cyber security responsibilities (including Department of Prime Minister and Cabinet, the National Cyber Security Centre, NZ Police, Department of Internal Affairs and Netsafe) and ensures a coordinated response to cyber security threats in New Zealand. 5. In August 2016, the CERT Establishment Advisory Board (the Board) was appointed to support the establishment of CERT NZ, and to enable CERT NZ to access the expertise in cyber security within the private and NGO sectors [APH-16- MIN-0156 Minute refers]. Purpose of the CERT NZ Establishment Advisory Board 6. The Board provides advice to the Minister of Communications and the Deputy Chief Executive (Market Services) of the Ministry of Business, Innovation and Employment on enabling the involvement of the non-government and private sector in the operation of CERT NZ; the longer-term organisational form of CERT NZ; and as required, any other matters relating to the operation of CERT NZ (for example, if advice is required on the development of new service offerings). Composition and extension of term 7. The Board has no less than five and no more than nine members at one time. Members will be reappointed until 30 September 2018. Additional information on members experience and expertise is included with the candidates CV forms. 8. I have contacted the existing Board members (outlined in Annex Two) to offer an extension of their appointment to September 2018. This will ensure that CERT NZ will continue to have access to private sector and NGO expertise on cyber security

issues, while a more enduring advisory mechanism for government is considered as part of the current Cyber Security Strategy and Action Plan Review. 9. I will report back to the Appointments and Honours Committee (APH) if further appointments need to be made to ensure that the Board is well-balanced and representative. Remuneration 10. The Board is classified as a Group 4, Level 3 - all other committees and other bodies under the Cabinet Fees Framework (CO (12) 6). The fees for the Board Chair will be $320 per day and the fees for the Board members will be $250 per day (plus GST if applicable). These fees are consistent with the Cabinet Fees Framework. Commencement and expiry of appointments 11. Each of the members will be appointed from 1 April 2018 until 30 September 2018. Appointment process and consultation 12. I can confirm that an appropriate process was followed in selecting the Board members when the Board was established in 2016, in terms of the State Services Commission Appointments Guidelines. 13. I propose to carry-over existing members (subject to their availability). This approach is appropriate because members are being extended in the same role, providing continuity of service, and maintaining the experience of members over a short space of time. As a general guide, State Services Commission Appointments Guidelines note that members can be reappointed for further terms if the Minister considers there are sound reasons for doing so. 14. The revised terms (draft version in Annex A) provide for the Board to be extended for a six month term and advise CERT NZ on strategy, policy and service delivery with the objective of ensuring it remains focused on engaging with the private sector to deliver cyber security services. The Board s focus would be limited to engagement with regard to CERT NZ s role; it would not have a broader crossgovernmental cyber security mandate. Representativeness of appointment 15. At the time of initial appointment, consideration was given to the need to achieve appropriate gender, age, geographical and ethnic balance. I am satisfied that the members provide for a well-balanced Board in terms of gender, age, ethnicity and geographic representation, and an appropriate mix of skills and experience. Conflicts of interest 16. Several members identified memberships to other Boards and employment relationships in initial conflict of interest assessments, which are noted in the attached candidate forms. I consider these conflicts to be appropriate given that the Board is intended to enable private sector and non-government cyber security experts to provide advice on the development of CERT NZ. 17. As part of extending the Board s term, available members will be asked to complete a new conflict of interest assessment. The extended appointments will not be

finalised before appropriate enquiries concerning conflicts of interest have been carried out in accordance with the SSC appointment guidelines and will be reported back to Cabinet should any issues arise. 18. The following regime will continue to deal with conflicts: members will be required to keep the Chair and Secretariat informed of any potential conflicts of interest, which will be recorded; the Chair will consult with the Ministry of Business, Innovation and Employment on the management of conflicts of interests; and conflicts will be managed in accordance with the Auditor General s Guidance Managing conflicts of interest: Guidance for public entities. Timing and Publicity 19. The communications approach around this paper and associated issues will be managed by my Office, in consultation with other Offices as appropriate once the membership of the Board has been confirmed. Consultation 20. No other agencies have been consulted on this paper as the Boards role continues to relate to CERT NZ only under its revised Terms of Reference. Recommendations 21. It is recommended that the Cabinet Appointment and Honours Committee: 1. note my decision to offer an extension of appointment terms to the following members of the CERT NZ Establishment Advisory Board: i. Sarah Ellen BURKE ii. iii. iv. Jonathan DUFFY David Frederick EATON Adrian Peter Anthony VAN HEST v. Paul Jonathan MCKITRICK vi. vii. viii. Deborah Louise MONAHAN Kendra Leanne ROSS Richard John Simon SHERA; 2. note my decision to offer an extension to the appointment of Michael Franz WALLMANNSBERGER as Chair of the CERT NZ Establishment Advisory Board; 3. note I will report back to APH if further appointments need to be made to ensure that the Board is well-balanced and representative; 4. note that new appointment terms will commence 1 April 2018 and continue until 30 September 2018.

5. note the Candidate CV Forms and the Membership Form are compiled and attached. Authorised for lodgement Hon Clare Curran Minister of Broadcasting, Communications and Digital Media

Annex One: Current CERT NZ Establishment Advisory Board Members a. Sarah Burke: Sarah is Head of Technology Platforms at ANZ New Zealand. Sarah was previously Head of Information Security and Technology Risk for ANZ New Zealand. Sarah has an understanding of customer needs, and has experience in organisational and system change. b. Jon Duffy: Jon is currently the Head of Trust and Safety at TradeMe. He is Deputy Chair of Netsafe and on the Board of Consumer New Zealand. Jon has a strong consumer and SME voice. c. David Eaton: David is Associate Director, Cybersecurity (NZ) at Datacom. He is the Chair of the ICT Advisory Committee at the Manukau Institute of Technology. He was the Chief Technology Officer at Hewlett Packard Enterprise and has been a long-time advocate of improving New Zealand s cyber security and has had extensive involvement in the development of the New Zealand Cyber Security Strategy and ongoing action plan. d. Adrian Van Hest: Adrian is the National Cyber Leader at PwC. He has experience in IT managing security and implementing security operations centre. He also has strategic development and project management experience. e. Paul McKitrick: Paul is the Principal Program Manager Development of ICEBRG Inc and the previous Senior Security Strategist at Microsoft. He cofounded the New Zealand Internet Taskforce and authored the FIRST.org Information Exchange Policy framework. He has previously employed at the GCSB where he represented New Zealand on a number of international CERT networks. Paul is currently based in the United States and has vast global technical experience. f. Deborah Monahan: Deborah (Debbie) is a cyber security consultant. She was the.nz Domain Name Commissioner for 15 years. She is a member of the New Zealand Internet Taskforce. Debbie has been a long term supporter of a national CERT. g. Kendra Ross: Kendra co-founded and is the Director of Duo NZ Ltd (a Security Distributor), PS Duo Ltd and Duo International Pty Ltd. She co-founded 1 st Tuesday Security Club, which is a network for senior security professionals across New Zealand. Kendra is also the co-founder and Chair of isanz (Information Security Awards New Zealand). Kendra understands and would represent the views of small business. h. Rick Shera: Rick is a Partner at Lowndes Jordan, a corporate and IT lawyer. He is the Chair of NetSafe and a founding director of Network for Learning Ltd. Rick is also on the Board of DigitalNZ. He has extensive board experience, and knowledge of legal issues within governance and IT. i. Michael Wallmannsberger (Chair): Michael is a cybersecurity consultant. He has previously been the Chief Information Security Officer at Wynyard Group, the director of the New Zealand Domain Name Registry Ltd and a councillor on the Standards Council and Internet New Zealand. Michael is also the Board Chair of OUTLine NZ Inc.

Annex Two: Establishment Advisory Board Terms of Reference, 2018

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback