179

1.1.2. Workforce

The NCSC comprises of a team of cyber security focussed relationship, technical, policy and incident coordination professionals.

1.1.3. NCSC Customers

Primarily New Zealand government agencies, law enforcement, Critical National Infrastructure operators, registered New Zealand Network Operators and other key industry stakeholders, in addition to wider engagement with other customers in the private sector. 2. Activities and Operations

2.1. Incident handling reports

In 2014, the NCSC received a total of 70 incident reports which met the reporting criteria. The largest category of Incident Report type fig 1.1 was scam and scam related incidents, these made up 26 of the incidents captured. BotnetMalware and Spear Phishing with the second most reported categories making up 16 and 11 of incidents respectively. Attempted network intrusionscompromises and Denial of Service attacks also made up a significant number of incidents reported at 10 each. 180 Fig 1.1 Of the customers that were targeted fig 1.2 the New Zealand Government reported the majority of the incidents. The private sector reported slightly less than half of the incidents reported to the NCSC at 44. The Government and Private sector customers incidents reported represent 96 of all of the incidents reported to the NCSC in 2014. This highlights the NCSC’s increased focus on both the Government and Private sectors. 181 Fig 1.2

2.2. The Telecommunications Intercept Capability and Security Act TICSA

The Telecommunications Interception Capability Act TICA was replaced in 2014 with the Telecommunications Interception Capability and Security Act TICSA. The TICSA is designed to assist network operators and the NCSC to work co-operatively and collaboratively with each other, so that network security risks can be identified and addressed as early as possible. The NCSC works together with New Zealand network operators in an on-going dialogue based on good faith to ensure the TICSA network security process is implemented and operates in a pragmatic and practical way for the New Zealand telecommunications industry. The NCSC has worked in consultation with New Zealand telecommunications industry to provide guidance to the TICSA and has published the TICSA guidance paper. The guidance paper can be located at http:www.ncsc.govt.nzassetsTICSATICSA-Guidance-July-2014.pdf The TICSA process fig 2.1 can also be found in the TICSA Guidance paper. 182 Fig 2.1 The TICSA came into effect on 11 May 2014, there are now 138 registered Network Operators with a good number of TICSA notifications of proposal being submitted to the TICSA team within the NCSC for consideration. Common feedback from the Network Operators includes that the TICSA has 183 assisted with enhancement of the existing Security Industry best practices and that Network Operators are making use of the NCSC TICSA team as an extension to their existing Security Governance checks. The TICSA has contributed to further enhanced awareness on the importance of Security for all Network Operators.

2.3. Additional Activities during the period