New Zealand Police say they have made “significant progress” in tightening internal information security following a rapid review of system controls earlier this year.
The review, completed in June, led to a six-month remediation plan comprising 26 actions, eight of which have already been completed, according to Chief Information Officer Matt Winter.
The initiative was launched after concerns over inappropriate content access and potential misuse of police systems. Winter said the new safeguards include improved monitoring and random audits to detect improper activity, as well as updated website blocking categories and stricter approval for exemptions. “The new monitoring and alerting approach has already been successful at identifying use of concern which is now under investigation,” he said.
Among the reforms, exemptions to usual web restrictions must now be signed off by an Assistant Commissioner or Executive Director. Specialist devices previously operating outside the enterprise network are being moved under tighter oversight, with all procurement now subject to ICT and Chief Security Officer approval. Police also confirmed ongoing work to strengthen network defences against insider and external threats.
While Police have released the remediation plan publicly, some parts have been redacted for “security reasons”. The Executive Leadership Team continues to oversee implementation, with all remaining actions expected to be completed by the end of December 2025.
Yeah, bring in Digital ID …