Bridging the gap between business resiliency and cyber security in NZ

The gap between business resiliency and cyber security is narrowing as organisations battle against escalating economic pressures and accelerating societal headwinds in New Zealand.

From an economic standpoint, this is a market officially in a recession and heading into an election cycle following the recent change of Prime Minister. Societally speaking, the devastating impact of the Auckland floods and Cyclone Gabrielle remain while the country continues to emerge from the aftermath of COVID-19.

In other words, ongoing disruption is now the new normal for Kiwi organisations.

“We’ve seen these market factors at play,” noted Frazer Scott, CEO of Plan B. “Economically, this has been a conversation since last October and sales conversions certainly slowed down as a result of that.

“Then the flooding in Auckland had a massive impact on the economy and business confidence. It took a lot of cash out of the market and impacted insurance premiums meaning the cost of actually running a business – whether for IT firms or for customers – increased significantly.”

Such sentiment is echoed by recent PwC findings which highlight that immediate challenges such as inflation and macroeconomic volatility are dominating the agenda for local business leaders in New Zealand.

According to PwC’s 26th Annual CEO Survey, 76% of Kiwi leaders believe New Zealand’s economy will decline over the next 12 months, while only 39% are confident about achieving growth.

“There is naturally hesitation but we’re seeing a lot more interest and investment in the areas where cyber security and business resilience meet,” Scott added.

“We know that cyber security has always been a boardroom item but it’s now very much front and centre in New Zealand. While business resiliency has also evolved from just being point back-up or disaster recovery solutions.

“We’re seeing more appetite from organisations wanting us to interrogate their strategy and roadmap in these areas.”

Building business resiliency, strengthening cyber credentials

In assessing the current market landscape, Scott said resiliency remains a top priority “first and foremost” for local organisations.

“How long can you afford to be down as a business?” he asked. “Whether that’s a critical piece of internal IT going offline on-site or a distributed workforce struggling to gain access, we work through the continuum of that.

“That’s everything from redundancy and connectivity to leveraging technologies such as Starlink to ensure resilience is built-in from a network perspective. Plus, on-premises vs. public cloud vs. hybrid cloud and the stitching all of those different requirements together.”

Despite sizeable public cloud migration interest in New Zealand, Scott said lots of applications remain located across on-premises, hybrid cloud and private cloud environments.

“The conversation was very public cloud heavy 4-5 years ago but now businesses are building a strategy across multiple environments,” he added.

“Some customers still view cloud as ticking a box for a back-up solution – maybe yes but maybe no. We’re seeing that very few organisations are fully in the cloud so we’re pulling apart those plans and assessing what works very well in public cloud and what requires an alternative approach to ensure resiliency.”

Building on a business continuity heritage spanning more than 20 years in New Zealand, Plan B is moving ahead with plans to launch a dedicated cyber security practice in response to increased market demand.

“We’re getting pulled into recoveries from ransomware and crypto events, whether by the customer or by a third-party cyber firm,” Scott outlined. “Organisations have been in very distressing states and we’ve had to basically pick up bread crumbs to try and reconstitute a cake out of the situation.

“We’ve been successful at coming in to help organisations recover these types of environments but you do feel for those customers.”

Amid rising threat levels in New Zealand, Plan B’s cyber security practice is headed up by Rob Holmes – who joined the Auckland-based business in June – and is expected to officially launch in the coming weeks.

“Rob has a very strong pedigree in the industry and understands how to build this type of capability,” Scott added. “Our customers want us in this space given we look after a lot of their environments and we see this as a solution that underpins everything we’re doing in market.”

Under the guidance of Holmes – a security expert with over 25 years of industry experience – the business has restitched platform capabilities leveraging best-of-breed technologies to build immutability into back-up offerings.

“There’s a real focus on resilience in the market currently,” Scott added. “But it’s no longer enough to just have back-up. Rob offers us that advantage of knowing how to build security capabilities in an MSP and the vendors we want to partner with.”

Quoting Diego Nievas – Director of Product and Technology Innovation at Plan B – Scott shared the concept of Schrodinger’s back-up – “organisations don’t truly know if they have strong back-up until they try and use it”.

According to CERT NZ findings, financial losses as a direct result of cyber crime are up 66% across the country, reaching almost $6 million during the first quarter of 2023.

Within that context, 1,968 incidents were responded to by CERT NZ during the three-month period as phishing and credential harvesting, scams and fraud plus unauthorised access and malware attacks take centre stage.

“A few years ago, if a customer asked, who is Plan B? We would talk about being a technology infrastructure provider but we have now evolved into a resilient business company,” Scott added.

“We spend all of our time talking to customers about how they can become highly resilient and efficient. We’ve gone through refreshed products left, right and centre to ensure we are offering customers a good, better and best solution whether that’s across our infrastructure, data centre or cloud platforms.”