The Blog

Axenic’s 2025 year in review: The cyber risks that caught everyone’s attention

By Tim Rosenbrook, on 13 December, 2025

It has been a noisy year on the New Zealand cybersecurity front. Between regulatory shifts, the “always-on” threat of ransomware, and the scramble to secure remote workforces, finding clear, actionable advice hasn’t always been easy.

At Axenic, we’ve spent the last 12 months sifting through the cybersecurity headlines to send you only what matters. We didn’t just want to add to your inbox; we wanted to arm you with “plain English” clarity.

Now that the dust is settling on 2025, we’ve gone back through our data and in this blog we take a look at what actually grabbed your attention.

Turning the C & A process from painful to powerful

By Chathumini Samaranayake, on 19 November, 2025

When you hear certification and accreditation (C & A) you might immediately think of heaps of documents, long meetings, and ticking boxes.

Honestly yes, it can feel like a chore, and just something you do to keep the executives and auditors happy.

But if that is all C & A is to your organisation, then you’re missing the real point.

Cyberattack at an Airport – How Things Can Get Bad, Fast

By Lee Ledesma, on 17 October, 2025

You may have seen in recent news a hack of service provider Collins Aerospace, a provider of baggage and check–in services to several airports in Europe. I was getting ready to travel at the time and was flying out through London Heathrow airport (one of the affected airports), so I kept tabs on the developments. I wanted to be able to adjust my travel plans in case flights out of Heathrow were cancelled or delayed. An announcement on the airline website showed that all services were running normally, but I made plans to get there a little earlier than usual… just in case.

When your vendor gets compromised so do you: The importance of third-party continuous assurance

By Nadeev Silva, on 20 August, 2025

Recently, Qantas found itself in the spotlight—not because of a direct breach to its own systems, but because one of its third-party providers was compromised. This incident is a timely reminder that, your security is only as strong as the weakest link in your supply chain. As someone who recently travelled with Qantas, this incident was an eye-opener for me as well.

Axenic joins the Trust Framework Authority as an independent evaluator

By Terry, on 9 June, 2025

We’re pleased to share that Axenic has been accepted onto the Department of Internal Affairs (DIA) Trust Framework Authority (TFA) panels as an independent evaluator for both the security and privacy panels.

This appointment recognises our deep expertise in information security and privacy assurance, and Axenic’s continued contribution to building trusted digital services in Aotearoa.

Axenic Lightning Talks Series – March 2025

By Axenic Team, on 28 March, 2025

A few years back, we kicked off our own internal lightning talks—our way of having a good old geek-out over cybersecurity topics that get our Governance, Risk, Assurance, and Compliance brains buzzing. Think of it as a slightly more structured version of those deep and meaningful yarns we used to have around the office coffee machine… before COVID did its thing and made us all experts in online meetings awkwardness instead.

These blogposts are not written by one team member. The content is provided to you by the whole Axenic Team – or whomever attended on the day.

Get our news as it happens

Click here to subscribe to our newsletter