AWS targets continuous security compliance with new service for NZ government

AWS targets continuous security compliance with new service for NZ government

Continuous compliance boosted based on GCSB blueprint.

Tim Dacombe-Bird (AWS)

Tim Dacombe-Bird (AWS)

Credit: Supplied

AWS has launched a new security service, based on a blueprint developed with the Government Communications Security Bureau (GCSB), to help protect government agencies.   

The service aims to ensure agencies are continuously compliant across all security controls. 

Tim Dacombe-Bird, New Zealand country manager for the public sector at AWS said the New Zealand Information Security Manual (NZISM) Conformance Pack for AWS, would help government agencies and New Zealand organisations to assess the compliance of their AWS cloud environments against more than 150 NZ Information Security Manual controls. 

This enabled all AWS customers to make compliance a "continuous activity", he said.  

"These initiatives are part of AWS’s ongoing investment in New Zealand, which began eight years ago with the opening of our first local operations in Aotearoa," Dacombe-Bird said. 

AWS had tens of thousands of active customers in New Zealand using its services, he said.

New Zealand Government chief information security officer (GCISO) and Amazon Web Services collaborated to develop the resources

"For any organisation taking part in the digital world, it’s vital they take steps to ensure they do so in a way that is safe and secure for their staff and customers," Dacombe-Bird said. 

"Without the right protection, security incidents can cause harm, disruption and financial loss." 

Customers were bolstering their cyber security postures by moving from point-in-time compliance, to one of continuous assurance.

The New Zealand Information Security Manual (NZISM) Conformance Pack for AWS showed the real-time status of their environment in a user-friendly dashboard style report to help customers make compliance a continuous activity. 

Developing the NZISM Conformance Pack involved several public sector agencies, and it was accompanied by a comprehensive training and support program, Dacombe-Bird said.

"Our world-class core infrastructure is built to satisfy the security requirements for governments, global banks, and other high-sensitivity organisations," he said. 

In May, AWS launched the AWS security and privacy knowledge hub for New Zealand and Australian customers to build knowledge, capability, and security skills through local information, expert advice, and practical resources. 

This was part of AWS' commitment to invest in education and initiatives that support customers, partners, and industry, and help them build skills to unlock the full potential of the cloud. 

AWS also offers over 40 training and certification courses, self-paced labs, an AWS certified security specialty certification.

AWS NZ customers included Air NZ, BNZ, Contact Energy, Deloitte, Department of Conservation, Orion Health, Sharsies, UneeQ, University of Auckland, Vodafone, and Xero.

Several of these, including BNZ, are also users of Microsoft's Azure cloud services as they pursue multicloud adoption models.

AWS NZ now employed more than 100 people, Dacombe-Bird said.

Follow Us

Join the newsletter!


Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

Tags complianceAmazon Web ServicesAWSGovernment Communications Security BureaugcsbCloudsecurity



Show Comments