Information Security Archives

Axenic’s 2025 year in review: The cyber risks that caught everyone’s attention

By Tim Rosenbrook, on 13 December, 2025

It has been a noisy year on the New Zealand cybersecurity front. Between regulatory shifts, the “always-on” threat of ransomware, and the scramble to secure remote workforces, finding clear, actionable advice hasn’t always been easy.

At Axenic, we’ve spent the last 12 months sifting through the cybersecurity headlines to send you only what matters. We didn’t just want to add to your inbox; we wanted to arm you with “plain English” clarity.

Now that the dust is settling on 2025, we’ve gone back through our data and in this blog we take a look at what actually grabbed your attention.

New year, new cybersecurity!

By Jan Richardson-Tsoy, on 14 January, 2025

“New year, new you”, lets flip this and look at “New year, new cybersecurity”.

What are some of the assumptions and unconscious biases about cybersecurity that we can pull out and look at?

The New NIST Cyber Security Framework Is Coming

By Doug Newdick, on 8 August, 2023

We think that the new version of NIST’s Cyber Security Framework is a significant improvement. There’s one big change, but it is the lots of little changes that add up to a massive overall improvement. New Zealand organisations will still need to do some work to plug some of its idiosyncratic gaps, however. Read More

Kickstart Your M365 Implementation – Five Key Configurations

By Axenic Team, on 13 September, 2022

M365 implementations are common among organisations of varying sizes. We have recently completed an engagement to review the security configurations of one and decided to create a review framework. This post covers five key configurations that kickstart the security configuration of your M365.

The Russian invasion of the Ukraine raises a few cybersecurity questions

By Doug Newdick, on 28 February, 2022

Cybersecurity Impacts of the Recent Invasion

Primarily the story about the Russian invasion of the Ukraine is one of great human tragedy. Nothing I write here is supposed to take away from the fact that the main story is about the suffering of the Ukrainian people.

Even at the other end of the world here in Aotearoa New Zealand, however, there will be impacts. Though they may just be echoes of the fury in Europe. It’s no secret that cyber attacks are part of Russian military strategy, nor that New Zealand organisations have been the victims of Russian cybercriminals. So what effects – if any – will the war in the Ukraine have on cyber security here?

The Grass Looks Greener from Here: Cyber Security Should Be Like Health and Safety

By Doug Newdick, on 7 December, 2021

All the experts agree – cyber security should be an organisation-wide concern. And yet, in my experience too many organisations, and too many people in those organisations think that cyber security is solely the concern of (a) the security team, or (b) the IT/digital team. In case you need convincing my favourite response is that if there is a cyber-attack (or incident) then it is not the IT team’s job that is at risk, but part of the organisation (if the HR system is compromised it is the HR team who won’t be able to work, not the IT or security teams). Who knows what the impact is of an attack? It’s not IT, that’s for sure. And who is best placed to balance off the needs of the organisation with the cyber risks? It’s not security: if you left it up to me, I’d turn everything off! That’s the only way to be sure (and I get no benefit from it being on, so…)

The Blog

Category: Information Security