Cyber threat detection rolled out nationwide

eHealthNews.nz: Information Governance

Monday, 4 December 2023

Share |

NEWS - eHealthNews.nz editor Rebecca McBeth

A national cyber threat detection system will cover all Te Whatu Ora districts by the end of the year, with the highest severity threats investigated within 15 minutes, the national chief information security officer (CISO) says.

Sonny Taite presented at the closing of Digital Health Week 2023 and said the national cybersecurity team is focused on three strategic priorities; defence, resilience and capability.

The team now has greater visibility of what is happening across the motu using an Intelligent Threat Informed Defence system, which is on target to cover all Te Whatu Ora districts by the end of December, including some of the shared services agencies and major programmes.

In November, this detected 87 billion security signals of which around 28,000 were threat intelligence signals and 5000 determined to be security events of interest.

You’ve read this article for free, but good journalism takes time and resource to produce. Please consider supporting eHealthNews by becoming a member of HiNZ, for just $17 a month.

Those are rated in severity, and the highest are investigated by the national security operations team within 15 minutes.

Taite told attendees the use of AI is promising in terms of cybersecurity response.

“Generative AI is going to help us look at the 87 billion signals and start to investigate whether there are any other things inside that data set that we need to know about and take notice of in terms of security,” he told the audience.

A new Cybersecurity Coordinated Incident Management Team within Te Whatu Ora has been developed to respond to security incidents and its first test was during Cyclone Gabrielle.

“We were not quite ready at that point to provide a really centralised and coordinated response, but we started learning immediately,” Taite said.

From that experience, 50 groups of actions were picked up and 70 percent have been implemented, with 100 percent completed by the end of this year.

Some of those learnings have been incorporated into a new booklet and poster to help primary care providers with cyber incident response advice, which was launched at Digital Health Week in Hamilton.

Taite spoke about the need for ‘security by design’ to enable the relatively small security team to manage the scope and scale of major digital programmes.

He said security is often seen as a “gate to go through”, but they are working to build it into the entire process, starting at the proposal stage.

He said a survey of Te Whatu Ora employees revealed that 82 percent believe caring for patient data is as important as caring for the patient and 89 percent said protecting patient data is top of mind when they work.

More than 109,000 people across the organisation have now been onboarded to a new security awareness platform, which provides phishing simulations and education on other security threats.

By the end of 2023 more than 200 people will have been trained in the Coordinated Incident Management System (CIMS), of which 60 were from the Primary Health Organisation space.

A Cyber Academy, in collaboration with Te Pūkenga, Microsoft, Tokona Te Raki and TupuToa, has also been developed to boost diversity in the security workforce.

This year, seven of the Māori Pacific cohort spent three months at Te Pukenga and three months training as apprentices at Te Whatu Ora. They all graduated in November are now working in the national cybersecurity teams.

“We are looking to expand this in the next phase to have a more data and digital focus. Cybersecurity will become one module and we need to work out what other modules should be put inside the programme,” Taite said.