Incident Response Solutions – 2024 Review
As 2024 ends, this bulletin reflects on the year’s key milestones in our Incident Response services and the progress made in supporting our clients’ cybersecurity readiness and resilience.
Workshops and Strategic Initiatives
Australia Collaboration. The year began with trips to Australia, conducting workshops to enhance incident response preparedness and attending a significant cybersecurity conference. This event highlighted the latest Australian Cybersecurity Strategy, setting the tone for ongoing client engagements throughout the year when either responding to cyberattacks or advising on emerging trends in risk mitigation.
Ransomware Preparation. February also saw a number of workshops with boards and executives to assist them in better understanding how they can best prepare for the ever-increasing risks associated with Ransomware. By using published frameworks supplemented by our extensive experience in assisting clients navigate a Ransomware attack, it has been pleasing to see considerable developments be made in this space across New Zealand boardrooms.
Cyber Governance for Professional Services. Following several high-profile ransomware attacks affecting professional services over the last few years, we were invited to numerous conferences to detail the extent of cyber crime in New Zealand. We received a record number of follow-on enquiries, which has resulted in a significant uptake of our cyber governance services. Using a proven methodology, we supported firms in navigating their IT providers, conducting cybersecurity self-assessments, and drafting actionable roadmaps to achieve their improvement goals.
Incident Simulation Workshops. Client feedback underscores the value of cyber incident simulations as a critical investment. If you’re looking for new ways in 2025 to raise the awareness and preparedness of your organisation, please feel free to contact us to discuss a cyber incident simulation. We typically see a follow-up simulation being booked shortly thereafter to leverage and progress the benefits of the initial workshop.
Incident Trends and Mitigation
Business Email Compromise and MFA Token Theft. New Zealand organisations again fell victim to a significant number of serious cyber incidents in 2024, with business email compromises (BEC) and multifactor authentication (MFA) token theft leading the trend. In our May bulletin, we detailed mitigation strategies, but recent cases indicate gaps in implementing Microsoft’s recommended safeguards. We urge organisations to address these vulnerabilities immediately to reduce risk exposure.
Ransomware remains amongst the top types of attack, and while we’ve seen some disruption as a result of the good work of local and international law enforcement, organisations must ensure they are appropriately equipped to respond to an attack be it on their own environment or a third party, such as a cloud service provider.
Innovative Solutions
This year, we have continued to use advanced AI tools to enhance our offerings. For instance:
- Organisations have also sought more guidance from us in relation to effective cybersecurity awareness programs. In response, we launched cybersafehq.com in 2024, offering content tailored to the CIS Controls along with upcoming modules for law firms. To enhance the experience, we are featuring video content from resources such as OpenAI’s ‘Sora.’
- Our AI-enhanced investigation and e-discovery solution allows investigators and legal teams to interrogate datasets securely and efficiently, uncovering critical evidence.
- Our newly developed Post-Incident Review (PIR) platform automates participant feedback collection, root cause analysis, and trend identification. This innovation delivers executive-ready reports at a fraction of traditional costs, enabling actionable insights with greater affordability.
We have been assisting law firms to better understand how to get the best out of AI tools in 2024 and beyond, contact us if you would like to learn more.
Whistleblower Platform
New Zealand’s updated Protected Disclosures Act drove increased adoption of our whistleblower platform in 2024. This low-cost, high-quality service remains an effective tool for uncovering fraud and misconduct, helping organisations maintain integrity and accountability.
Looking Ahead
As we prepare for 2025, we look forward to continuing to help organisations strengthen their cybersecurity posture. If you’re seeking ways to elevate awareness, preparedness, or governance, please contact us to discuss your needs.
About the Bulletin:
The NZ Incident Response Bulletin is a monthly high-level executive summary containing some of the most important news articles that have been published on Forensic and Cyber Security matters during the last month. Also included are articles written by Incident Response Solutions, covering topical matters. Each article contains a brief summary and if possible, includes a linked reference on the web for detailed information. The purpose of this resource is to assist Executives in keeping up to date from a high-level perspective with a sample of the latest Forensic and Cyber Security news.
To subscribe or to submit a contribution for an upcoming Bulletin, please either visit https://incidentresponse.co.nz/bulletin or send an email to bulletin@incidentresponse.co.nz with the subject line either “Subscribe”, “Unsubscribe”, or if you think there is something worth reporting, “Contribution”, along with the Webpage or URL in the contents. Access our Privacy Policy.
This Bulletin is prepared for general guidance and does not constitute formal advice. This information should not be relied on without obtaining specific formal advice. We do not make any representation as to the accuracy or completeness of the information contained within this Bulletin. Incident Response Solutions Limited does not accept any liability, responsibility or duty of care for any consequences of you or anyone else acting, or refraining to act, when relying on the information contained in this Bulletin or for any decision based on it.
Incident Response Solutions 