Parliament appoints first CISO, outlines ICT plans
- 26 July, 2018 08:00
With hostile state and non-state actors increasingly targeting democratic governments, New Zealand's Parliament is boosting its cyber security defences with a specialist team.
Parliamentary Services' first chief information security officer (CISO) arrived this month to lead a small team of specialists shoring up the legislatures's defences.
After a career in Police, newly-minted CISO Steve Honiss moved to Interpol in Singapore, where he was national cyber review manager, according to his LinkedIn profile.
Most recently Honiss worked as cyber security manager in "the New Zealand government sector".
In that role he managed "high performing teams of cyber threat analysts, incident responders and forensic analysts" and had "operational critical incident command" involving multi-agency responses.
The new CISO role was funded in Budget 2017 along with four additional cyber security positions and further changes to some job descriptions and reporting lines - appointments to the other new cyber security roles are expected during this financial year.
The service also told Parliament it has developed a cloud adoption and migration strategy, budgeted at $825,000 among other projects.
The cloud project began in 2017/18 to ensure the service follows a "controlled and managed pathway" to the adoption of the cloud within existing base spending - design and development kicked off this month.
"The objective is to deliver the streamlined information system and technology operational model that leverages modern cloud-based infrastructure capabilities (IaaS, PaaS and SaaS) with neutral or beneficial impact on total cost of ownership," the service said.
"Impact on funding will be considered at each phase of the project."
The service is also part way through a multi-year programme to simplify the parliamentary environment, to rationalise and standardise systems before transitioning them to the cloud.
A particular emphasis is making the parliamentary precinct network more resilient and improving the digital security posture of the precinct.
Meanwhile, a number of new projects are also planned for delivery during the year to ensure applications and infrastructure remains stable and supportable.
A core network refresh to be implemented next year is budgeted at $770,000. CRM enhancements are expected to cost $360,00 while human resource systems strategy will be created and systems streamlined for $390,000.
Core application upgrades are expected to cost $543,000.