Cloudtria brings your simple and effective cyber security strategies with top New Zealand cyber security specialists.

info@cloudtria.com
+64 9 553 6489
Cloudtria Protect
  • Home
  • About Us
  • Services
    • Managed Detection and Response
    • Cloudtria Hosting
  • Blog
Contact Us
    Contact Us
      • Home
      • Blog
      • the cert nz merger: simpler cyber reporting for small businesses

      The CERT NZ Merger: Simpler Cyber Reporting for Small Businesses

      It is a long established fact that a reader will be distracted by the readable content of a page when looking at its layout.

      The CERT NZ Merger: Simpler Cyber Reporting for Small Businesses
      Daryl C
      1 Aug, 2025
      0 Comment

      This week, the government quietly confirmed what many in the cyber security community have long anticipated, CERT NZ has been formally merged into the National Cyber Security Centre (NCSC), creating a single point for incident reporting and cyber advice.

      You’d be forgiven for missing the announcement. The change came with little fanfare, but it marks a major shift in how cyber security will be delivered and communicated in Aotearoa New Zealand.

      The move brings together two of New Zealand’s core public cyber agencies under one umbrella, with a new single reporting point for cyber security incidents:
      • www.ncsc.govt.nz/report
      • 0800 114 115

      The CERT NZ brand and website have now been retired. In their place, the NCSC has assumed responsibility for handling cyber reports from individuals, small businesses, corporates, and critical infrastructure operators alike.

      This structural shift is intended to streamline support and provide better visibility of the threat landscape across the economy.

       

      Why the change?

      For years, New Zealand’s cyber security ecosystem has been described as fragmented. Victims of cyber attacks — from SMEs to enterprise — often found themselves navigating a “merry-go-round” of agencies: CERT NZ, NCSC, Police, the Privacy Commissioner, and more.

      A Cabinet-commissioned report in 2022 from the Cyber Security Advisory Committee (CSAC) highlighted this confusion and recommended a “single front door” for cyber security — a one-stop place to report incidents, get advice, and access recovery support. The report stressed:

      • Victims were unsure who to contact

      • Multiple agencies often duplicated efforts or failed to coordinate

      • Reporting and triage functions were inconsistent

      • Support was generic and lacked tailored, actionable advice

      The new integrated model aims to resolve these issues by creating a consolidated national capability inside NCSC.

       

      What’s different now?

      • One website and phone number for all incident reports
        All reports now go to the NCSC — regardless of whether you're an individual, a school, a business, or a government agency.
      • Updated website experience
        The new NCSC site includes more accessible content for both the public and private sectors, and continues to link to OwnYourOnline.govt.nz for simplified guidance aimed at everyday users and SMEs.
      • More consistent triage and advice
        The centralisation of CERT’s operational team into NCSC is expected to improve case handling, reduce delays, and deliver advice with greater clarity and technical accuracy.
      • Enhanced visibility of cyber threats across the economy
        With one reporting platform, the government can now better analyse threat trends and prioritise support across sectors.

      What’s still at stake?

      While the merged structure ticks the “single front door” box, the success of this model depends on more than just architecture. It must work in practice for those who need it most — the local retailer hit by ransomware, the community trust managing sensitive data, the school dealing with phishing attacks.

      The original CSAC report called for a front door that was:

      • Victim-centric — offering proactive, human-centred case management

      • Inclusive — capable of supporting iwi/Māori, underserved communities, and regional organisations

      • Trustworthy — seen as independent, transparent, and responsive

      As the NCSC assumes this new public-facing role, it must evolve beyond its traditional national infrastructure and intelligence remit to deliver everyday support in a way that builds confidence and trust across the country.

       

      Final thoughts

      This integration marks a significant moment for cyber security in Aotearoa. It simplifies the map — but simplification is not the same as support.

      The success of this model hinges on how well it serves real people in real moments of need. Agencies must now focus not just on visibility, but empathy. Not just on consolidation, but accessibility.

      The front door is built. Now it needs to be kept open, approachable, and well-resourced.

       

      Topic: cyber-security
      Daryl C
      Daryl is the founder of Cloudtria and a seasoned cyber security leader based in New Zealand. With over 20 years of experience across financial services, infrastructure, and enterprise IT, he specialises in practical security strategy, threat detection, and incident response. Through Cloudtria, Daryl helps organisations navigate real-world cyber risks with clarity, confidence, and local expertise.
      Daryl C
      Assessing Data Security Risks in DeepSeek AI Assistant Integration
      Share:

        Category

        • cyber-security
        • Culture
        • consultancy
        • Governance
        • Microsoft
        • cloud
        • migration

        Popular Post

        Assessing Data Security Risks in DeepSeek AI Assistant Integration
        11/04/2025
        Securing Digital Identities: The Key to Protection
        17/07/2024
        The CERT NZ Merger: Simpler Cyber Reporting for Small Businesses
        01/08/2025

        Related Blogs

        Maecenas eget condimentum velit, sit amet feugiat lectus. Class aptent taciti.

        Daryl C Daryl C
        11/04/2024 10:15:00 AM
        Cracking the Code: Identifying Sophisticated Phishing

        In this blog post, we will delve into the world of phishing attacks and uncover the latest trends in email-based cyber threats. From advanced...

        Daryl C Daryl C
        6/04/2024 1:30:00 PM
        The Questions Your Business Should Be Asking About AI

        Explore the essential questions every business should consider when it comes to AI implementation.

        Daryl C Daryl C
        5/04/2024 9:49:09 PM
        6 Easy Steps For Promoting A Culture Of Cyber Security

        Learn how to foster a culture of cyber security within your organization with these simple yet effective steps.

        Subscribe To Our Cyber Briefing

        Get the latest security insights, practical tips, and news from the team — delivered monthly in the Cloudtria Dispatch.

        No jargon. No spam. Just smart updates for smart businesses.

        Cloudtria_h75_rev

        At Cloudtria, we’re here to help New Zealand businesses stay secure, make smart decisions, and move forward with confidence.

        • CLOUDTRIA
          • About Us
          • Blog
          • Terms
          • Privacy Policy
          • Contact Us
        • SERVICES
          • Managed Detection and Response
          • Web Hosting
        • NEED HELP
          • Under Attack?
          • Report to CERT NZ
          • NZ Government Cyber Safety Advice
        CONTACT INFO
        info@cloudtria.com
        +64 9 553 6489
        PO Box 302379, North Harbour, Auckland 0751

        ©2025 Cloudtria Limited. All rights reserved.
        NZBN: 9429050311040