CISO Interview - Sonny Taite - Health Informatics New Zealand

eHealthNews.nz: Information Governance

CISO Interview - Sonny Taite

Monday, 6 February 2023

Share |

VIEW

Sonny Taite Tatahau (Sonny) Taite, Ngāi Te Rangi, Ngāti Awa, is National Chief Information Security Officer (CISO) for Te Whatu Ora, with responsibility for cyber and information security across New Zealand’s health sector.

Q: When did you first become interested in cyber security?
My uncle worked in the communications and security branch of the Royal New Zealand Navy. He encouraged me to join and pursue a similar pathway which I did at 18 – the earliest age possible. Military and defence tend to be early adopters of technology – so, I was introduced to the foundations of security and intelligence that form what we know today as cyber security.

Q: What does being a CISO in New Zealand’s health sector involve?
Advisory and leadership play a large part of the role especially as we move towards Pae Ora. Staying up to date on the threats we are facing goes along with that, acknowledging across New Zealand and Australia, there’s news of cyber-attacks, compromise or data breaches every week in the media. Our strategy needs to incorporate how we respond when a security incident happens rather than “if” it might happen.

The National CISO role is about working together as a national team, planning where we direct our National Cyber Security Uplift programme and workstreams is also a top priority. We need to build on resources to achieve a maturity uplift across the motu so designing nationally and supporting regions to tailor regional delivery is critical.

Q: How are you helping to provide pathways for young people to get into cyber security?
With Māori significantly under-represented I have been working with a collective of people, iwi and organisations to develop a digital apprenticeship framework that will support more rangatahi Māori and non-Māori youth to work in cyber security and the health technology area. Together we’ve developed a NZ Cyber Security Diploma that is delivered by Te Pūkenga.

We are also building a future talent strategy for our Te Whatu Ora data and digital team. The plan is to prototype a ‘Cyber Academy’ in early 2023. This will be a new pathway. Learners in this cohort will work with our National Cyber Security Uplift programme on a collection of exciting and modern security tool implementations.

Q: What kind of difference can robust cyber security practices make in a health setting?
If we get the balance right, a good cyber security approach and culture will allow all of us to move more quickly. We can implement new health focused technologies faster and feel confident we have the right protections in place from day one.

Q: Is there anything you’d like kaimahi to think about cyber security?
I encourage people to think about good cyber security practices as not just a work skill but a life skill. Improve your privacy settings on social media accounts and be more aware that criminals will attempt to trick you into divulging or sharing them.

There were four core messages during this year’s Cyber Smart Week that are really helpful. These are: Long and strong passwords, two factor authentication (like password and an email), boosting your privacy settings on social media and updating the systems on your devices.

Don’t use the same password at home, on socials AND at work. Keep them separate and use a password manager for home so it’s easy to change when the inevitable password breach happens.

Q: When you’re not working in the cyber security space, what do you do in your free time?
If there’s no surf (in the sea not on the net), I spend my time bringing classic motorcycles back to life. Usually 60s-70s Harleys, Triumphs or Hondas but I’ll consider anything that will help me learn. Both of these may be considered more of an addiction than a hobby, but I really find it a lot of fun.