- Posted March 04, 2026
- Director-General Speeches
Wednesday 4 March, 2026
Good afternoon Prime Minister and Committee members.
Thank you for the opportunity to provide an update on the work of the Government Communications Security Bureau (GCSB). I have a few opening comments to offer, before I hand to Andrew Hampton for some NZSIS comments, and then we’re happy to take any questions.
Threatscape
Starting globally, over the past year the volatile geostrategic environment and the rapid pace of disruptive technologies have been key factors shaping our core business, which is delivering signals intelligence and building cyber resilience for New Zealand.
This unpredictability is effectively moving the goalposts of what resilience looks like, and it requires a more proactive approach to detecting and disrupting threats in close cooperation with others.
Intelligence
In this changing environment we’ve provided intelligence relating to terrorist activity and to foreign state activity, where that could threaten the safety of New Zealanders and international partners. Conflict and tensions have sometimes arisen with little notice. This week’s major conflict in the Middle East is no exception, and our team has been providing round-the-clock threat intelligence updates to our customers, especially to the NZDF and MFAT.
Closer to home, we provided intelligence about geostrategic and military activity that affects the security of our region and New Zealand more directly.
We also boosted our impact on transnational organised crime in the Pacific, through a dedicated mission under Operation KIWA with Customs, the NZDF, and in close cooperation with regional partners. Just this year, this has already led to the seizure of several tonnes of narcotics at sea.
Domestically, we supported agencies, including the NZSIS, in their efforts to counter terrorist activity and foreign interference.
Cyber
Turning to cyber security, the geostrategic environment and the pace of technology are again key factors shaping our cyber threatscape.
The National Cyber Security Centre recently highlighted five key themes of New Zealand’s current environment. First, that foreign state-sponsored actors continue to be active in targeting our country’s networks; second, that cyber criminals are accessing technologies that allow them to commercialise their activities at a greater scale; third, that issues-motivated hacktivists are targeting New Zealand organisations as a byproduct of global conflicts; fourth, that cyber threat actors are increasingly targeting organisations through their supply chains; and finally but importantly, it is known weaknesses and unpatched vulnerabilities in organisations’ networks that continue to provide threat actors with easy access in many cases.
Recent New Zealand cyber events, including the attacks on Manage My Health and MediMap, fit within these themes.
While the NCSC uses several tools to detect and defeat threats, including CORTEX and Malware Free Networks, which recently clicked over 1 billion disruptions of threats to the country’s networks, these tools are having to adapt as technology and threats change. Of course, we have never been a national firewall and so everyone has a part to play. Over the past year we’ve strengthened our engagement with critical infrastructure providers, who are becoming higher profile targets for malicious actors. Consultation with these key organisations is now underway about potential cyber security regulation. We are also increasing our outreach to South Pacific partners to help lift cyber resilience across the region.
GCSB Resilience
In terms of our own resilience, I am pleased to advise the committee that in June, the new all-of-Government data centre, named Mātai, was opened at Whenuapai in Auckland.
On the financial front, the GCSB has been managing sustainably within its budget, largely absorbing cost pressures to date, although I do note that the competition for talent is getting stronger.
Looking Ahead
Looking ahead the rapid pace of technology development is going to present both security challenges and opportunities. We are already seeing this with AI, but expect this to also happen in the areas of quantum computing and cryptography. Some shifts may be hard to predict and could occur at short notice, meaning that we may have to adapt quickly. So being both proactive and agile will be important.
In that environment, collaborative problem solving with our close international partners will make all the difference, as of course will the talented people at GCSB that I am very fortunate to lead.
I will now hand over to my colleague Andrew Hampton from the NZSIS.