Primesure Newsletter: March 2024

Kia ora and welcome to our first newsletter of 2024

Can you believe we are into March already!!

All the crew are back on deck and we have some exciting things coming this year. We are looking to bolster our numbers with hopefully 3 new staff members shortly.

We have lost Angela Black unfortunately as she is focusing on family and wish her all the best. She has been a huge asset to the company for a number of years and we are sad to see her go.

Currently we are looking into a new system that will enhance our speed and delivery of the services we offer, this will hopefully be coming September this year.

Its not often you get to say this but we had a client turn 100 in the past couple of months as well.

Hope you enjoy the newsletter and find the information of benefit.

Cheers, 
Cameron Hollis

Article:
Tree feller fined for dangerous work practices although no one was harmed

A Nelson man has been convicted and fined $56,000 after he carried out tree felling directly adjacent to State Highway 60 without any warning signage or traffic management in place. Fortunately, no one was hurt. WorkSafe said the man should have taken several steps, including not felling trees within two lengths of a public road, putting in place temporary traffic management controls with the authorisation of the Road Controlling Authority and ensuring all workers were adequately trained.  He was also required to notify WorkSafe before he began the tree felling.

It is highly likely that the decision to prosecute the man and the sizable fine was influenced by the long history the man had with WorkSafe.  This included four Prohibition Notices and 28 Improvement Notices since 2013 for unsafe tree felling, failing to notify of tree felling work, workers having inadequate qualifications and having an insufficient health and safety system. He was also convicted in 1998 for failing to ensure the safety of an employee.  

At sentencing, the Judge was critical of the man’s dismissive attitude, commenting that ‘you are a person who has put your concerns around financial costs involved in completing work ahead of important safety considerations.’

Article: Cybersecurity challenges for NZ business

Expert outlines strategies to navigate cyber threat environment: 

A study published by telecommunications company Kordia has brought to light the toll of cyberattacks on New Zealand's large businesses.

The survey, targeting firms with a workforce exceeding 100, disclosed that 36% of those experiencing cyberattacks in 2023 saw significant interruptions to their operations, while 29% faced breaches involving personal data.

 

Key insights from Kordia survey

The survey yielded several key insights:

  • Nearly a third (28%) blamed incidents on failures or security lapses from third-party vendors.

  • A substantial 70% of executives admitted they would consider paying off cybercriminals.

  • Issues such as cloud misconfigurations or vulnerabilities in software were at the heart of 39% of the cyber troubles.

  • For about 46% of the affected firms, resolving cyber incidents stretched beyond a month.

  • Furthermore, the survey found that 69% of businesses acknowledged the repercussions of cyber incidents, with 46% indicating a recovery period exceeding one month.

Shift in cybercriminals' tactics

Alastair Miller, principal consultant at Aura Information Security, Kordia's cybersecurity advisory and testing consultancy, pointed out a shift in cybercriminal tactics towards targeting operational disruptions as a form of extortion, reflecting trends seen in global cyber incidents.

“Cybercriminals are financially motivated. What's interesting in this survey is it highlights the beginning of a trend where hackers are targeting operational downtime over stealing or encrypting data as a means of extorting their victims. This is in line with what we're seeing overseas, such as the recent DP World cyberattack in Australia,” he said.

Miller underscored the dire financial and operational stakes of such cyber disruptions, noting their potential to paralyse businesses swiftly and inflict extensive damage on supply chains and the broader economy.

Any cyberattack disruptive enough to cause a business to completely go offline can cripple a business in days, but the reality is that a major incident can take months to resolve – with costs running into the hundreds of thousands. For large businesses and critical infrastructure providers, like the ones we surveyed, operational downtime impacts can have knock-on effects for whole supply chains and our economy,” he said.

Human cost of cyberattacks

The study also shed light on the wide-reaching effects of cyber threats on New Zealand's populace, illustrated by a significant breach affecting 1 million local individuals.

The shortage of skilled cybersecurity professionals and the mental strain on employees within affected organisations were underscored as significant concerns.

How to navigate the cyber threat environment

To navigate the challenging cyber threat environment in 2024, Kordia advised businesses to focus on five key areas:

  • Effective recovery strategies

  • Incorporating security in cloud transformations

  • Adopting a risk-based approach to cybersecurity investment

  • Fostering a security-aware culture

  • Ensuring cybersecurity is a board-level priority