Electricity generator and retailer Meridian Energy has become an early adopter of PwC New Zealand's managed cyber defence (MCD) service.
The company told Parliament's transport and infrastructure committee it had engaged PwC to provide 24x7x365 monitoring of all endpoints and Microsoft cloud services using MCD, which is delivered using a follow-the-sun model from the UK and New Zealand locations.
MCD uses Palo Alto Network's extended detection and response (XDR) and security orchestration, automation and response (SOAR) monitoring service stack. The required Palo Alto agents and cloud integrations were fully deployed in auditing mode at the gentailer.
PwC's MCD arrived in New Zealand last year, prompting Palo Alto to build scale locally. The number of "boots on the ground" had tripled over the last 18 months, Palo Alto NZ managing director Misti Landtroop told Reseller News last March.
“This partnership will allow organisations to redeploy their IT teams to other crucial recovery or growth-enabling initiatives while ensuring the business is protected with an automated, enterprise-grade security service delivered in-country,” Landtroop said.
Like most organisations, Meridian continued to be subject to many phishing attempts over the last year.
"These attempts are either generic but large-scale or specific but at a smaller scale. The latter are called spear-phishing attacks," the company told the committee.
"Some Meridian staff have been targeted by spear-phishing emails; however, none of these attempts has been successful in causing a significant security incident due to our Microsoft Defender Advanced Threat Protection (ATP) email service, ongoing security awareness training and monthly phish simulation exercise."
Emails are passed through Microsoft Defender's ATP infrastructure and its associated security controls before entering Meridian's environment, delivering mail filtering, spam control, IP blacklisting and anti-malware security controls.
Earlier today, cyber defence agency Cert NZ reported another surge in threats and attacks.
Malware was up 1030 per cent from the third quarter, phishing was up 28 per cent and scams and fraud were up 16 per cent. Direct financial losses totalled $6.6 million, the highest total ever recorded by Cert NZ.