The guidelines address the risk of foreign entities stealing intellectual property or technology
The New Zealand intelligence agencies have released a new set of security guidelines aimed at protecting the country’s emerging technology companies from threats, particularly those posed by foreign state actors.
The Secure Innovation: Security Advice for Emerging Technology Companies guide was jointly published by the New Zealand Security Intelligence Service (NZSIS) and the Government Communications Security Bureau’s (GCSB) National Cyber Security Centre (NCSC).
The guidance targets the New Zealand tech sector, including start-ups. It aligns with best practice advice from intelligence agencies in other Five Eyes nations, including Australia, Canada, the United Kingdom, and the United States. This release follows a 2023 summit in Palo Alto, California, where Five Eyes intelligence leaders underscored the increasing threats to technology firms and introduced the “Five Shared Principles” for their protection.
Andrew Hampton, NZSIS director-general of security, emphasised that the new guidelines offer practical, cost-effective measures to embed security into everyday business operations without hindering innovation. “The idea is that security becomes built into everyday business practices right from the start in a way that doesn't inhibit innovation, but rather supports a start-up to be more robust, resilient, and ultimately more attractive to investors and customers,” Hampton stated.
The guidelines address the risk of foreign entities aiming to steal intellectual property or technology, potentially advancing their own industries or military capabilities. Hampton highlighted that espionage could be conducted both in person and through cyber channels, making it crucial for start-ups to prioritise security.
Andrew Clark, director-general of the GCSB, noted the dual challenges of New Zealand’s success in building a world-class technology sector and the associated risks. “New Zealand start-ups can be an attractive target for espionage and malicious cyber activity from state actors, but also competitors seeking commercial advantage, and criminal gangs looking to profit from weak security in order to exploit data relating to assets, customers, and people,” Clark explained.
This initiative aims to reinforce collaborative efforts among Five Eyes nations to counter common threats faced by tech businesses globally.