The Summit
s Cybersecurity Landscape
National Policy, Strategy
Gain C-level cyber risk leadership and resilience. Real-World Threats, Real Solutions
Explore AI attacks, live-breach lessons, identityfirst & zero-trust. Peer Insight, Valuable Connections
High-value networking with 400+ delegates. Join roundtables.
Headline sponsor
Nick
Dynon
Chief Editor
Nick has written for NZSM since 2013. He writes on all things security, but is particularly fascinated with the fault lines between security and privacy, and between individual, enterprise and national security.
Prior to NZSM he clocked up over 20 years experience in various border security and military roles.
Contact Details:
Chief Editor, Nick Dynon
Phone : + 64 (0) 223 663 691
Email: nick@defsec.net.nz
Publisher, Craig Flint
Phone: + 64 (0)274 597 621
Email: craig@defsec.net.nz
Postal and delivery address: 27 West Crescent, Te Puru 3575, Thames, RD5, New Zealand
Kia ora and welcome to the April-May 2026 issue of New Zealand Security Magazine! The calendar year is flying past, and a new financial year has already begun!
As always, a very big thanks to our wonderful advertisers. Our advertisers are businesses that are committed to our industry. Through their sponsorship of this magazine they play an important role in contributing to a vibrant and informed security sector.
In this issue of NZSM, we feature a diverse range of news and commentary covering myriad aspects of Aotearoa’s security industry, from AI cyber threats to the “chronically undervalued” work of security officers.
Since my article in the February-March issue of NZSM on New Zealand’s retail crime statistics , my argument that we’re all working off flawed data has gained plenty of attention… and some detractors. Following republication of the article in Newsroom, the argument has been the subject of an RNZ interview and articles in several industry publications in NZ and abroad. The data is flawed, yet many within our industry are clearly okay with that.
The problem with misleading retail crime stats is that they become the basis for sensationalised media reports, misinformed government responses, and dubious security investments. Our supposed retail crime epidemic is providing the justification for investments in obtrusive tech – like facial recognition – that to many New Zealanders has no place in our supermarkets.
Don’t get me wrong. I support the deployment of facial recognition technology in contexts where there is an established social licence for doing so. The available research tells us that the use of FRT to prevent the entry of selfdeclared gambling addicts into casinos, for example, is widely accepted, as is its use at airports and ticketed venues and high-security sites. But just because the tech exists, it doesn’t mean that the public are okay with being subjected to it when buying their groceries.
I’m well aware that my position on this topic is not one widely shared among my security industry colleagues, but there it is… and I welcome for publication any well researched articles that offer contending views.
On the associations front, we feature NZSA CEO Gary Morrison’s most recent newsletter and we catch up with the latest updates from the NZSA Special Interest Groups.
Also inside, recent product releases, New Zealand’s cybersecurity strategy, avoiding the mistakes of the COVID-19 response, the problem with ‘stupid rules’, Charlie O’Donnell calls it a day, Brian Switalla celebrates a double milestone, and much, much more.
If you haven’t already, consider subscribing to our regular eNewsletter THE BRIEF . It’s a great way to keep up to date with the latest. If you’re not already an NZSM subscriber, make sure you visit www.defsec.net.nz to sign up!
Keep safe. Nicholas Dynon, Auckland
Disclaimer:
The information contained in this publication is given in good faith and has been derived from sources believed to be reliable and accurate. However, neither the publishers nor any person involved in the preparation of this publication accept any form of liability whatsoever for its contents including advertisements, editorials, opinions, advice or information or for any consequences from its use.
Copyright: No article or part thereof may be reproduced without prior consent of the publisher.
June/July 2026
Wholesalers and Manufacturers, Perimeter Protection, Alarms, CCTV
Social Media
linkedin.com/company/ defsec-media-limited
Bringing together the right people, the right partners, and the right technology to deliver holistic, integrated services that enable combat-ready forces. Ready bases. Ready people.
The NZSA’s Special Interest Groups (SIGs) play an important role in advancing the security industry. Four SIG Chairs share their most recent updates, including a report from the recently formed HR/Employment Relations SIG.
The NZSA operates a number of SIGs covering critical aspects of the security industry. These include SIGs for Training & Professional Development, Electronic Security, Security Consultants, and HR/ Employment Relations, as well as the New Zealand Information Security Forum (NZISF).
Each SIG consists of a group of volunteers from within the NZSA membership and invited participants with an interest and expertise in particular areas of security and a commitment to advance the industry. The role of the SIGs is to support the Association and its activities and maintain and improve growth and relevancy of the NZSA.
The groups provide support to the key objectives of the association and deliver/support key activities that benefit the wider membership.
Functions performed by the SIGs can include improve the quality of products and services in the industry, providing input into the development of industry guidelines and standards, contributing to NZSA codes of practice and documentation of the Association, promoting career pathway opportunities, developing external relationships, and assisting in the preparation of submissions to regulatory bodies.
Ultimately, they are a forum for members with aligned interests who meet regularly to exercise their expertise – and to enrichen it – in the service of the security industry.
The NZSA newsletter periodically publishes reports by the Chairs of the SIGs. The following updates featured in the Association’s March newsletter:
The New Zealand Security Industry is at an important turning point, and I am encouraged by the progress being made through the collective efforts of the NZ Security Association (NZSA), Service IQ, Services ISB, and our wider industry partners.
The transition to the merged Service IQ and Services ISB has created a more aligned and efficient training system for our sector. From February 2026, updated COA programmes and the enhanced Security Level 3 qualification will begin rolling out, aligned to nationally approved skill standards and designed to lift consistency and quality across the industry.
A key priority for NZSA has been addressing long‑standing variability in entry‑level training. The work underway to establish a nationally standardised COA curriculum is a significant step forward, providing clarity around course duration, delivery, and trainer standards, and giving employers greater confidence in the capability of newly trained officers.
Alongside these national reforms, NZSA is also taking direct, practical action. The Association is making pre‑employment security training available to members at nominal cost, ensuring new entrants can begin their careers with a baseline understanding of professionalism, legal responsibilities, and workplace expectations before they are deployed.
This is an important step in reducing risk, improving behaviour on the frontline, and supporting employers to build safer teams from the outset.
Quality assurance remains a strong focus. Pre‑moderation is already in place, post‑moderation frameworks will shortly be published, and from April 2026 NZSA will introduce annual self‑audits supported by clear codes of practice. These measures are about lifting standards, supporting good operators, and reinforcing trust in our profession.
NZSA continues to advocate strongly for mandated training and licensing, particularly for security officers operating in higher‑risk roles. We remain clear in our position: training is a critical risk control, not an optional extra. Well‑ designed training pathways—supported by clear career progression options—will improve safety, reduce legal risk, and enhance industry credibility.
This work is not just about compliance. It is about investing in
people, strengthening professionalism, and ensuring security officers are properly prepared for the responsibilities they carry.
I encourage all members to engage with these initiatives, support pre‑employment and ongoing training, and see this moment as an opportunity. Together, we are building a safer, more capable, and more respected security industry for New Zealand.
We welcome enquiries from industry participants who would like to participate in the STPDSIG contact Andy Gollings on andy@redbadge. co.nz.
Andy Gollings, STPDSIG Chair
The SCSIG kicked off its year with a meeting on 19 February. Under discussion were the three options for enhancing Security Officer powers being considered by the Ministerial Advisory Group (MAG) on Victims of Retail Crime, the NSW Coroner’s report into the Westfield Bondi Junction attack, and the recent tribunal outcome in Australia in relation to Bunnings’ use of live facial recognition technology (FRT).
With the MAG winding down over the next couple of months, we are looking to understand what the landscape will look like in terms of government industry engagement on retail crime going forward.
The Inquest into the deaths at Westfield Bondi Junction (Volume 2) also makes for worthwhile reading. It’s a long document, but only small sections of it are directly relevant to security consultants and operators. As a recent and ‘near’ example of a tragic armed attack incident in which operator security preparedness and private security personnel played a key role, there are relevant takeaways for us in Aotearoa.
There’s been a lot of media coverage of the Bunnings FRT decision by the Australian Review Tribunal, and much of it points to Australian retailers now effectively having a ‘green light’ to deploy the technology in their stores. As usual, the reality isn’t quite so clear cut. In short, the ART decision provides good detail around the specific considerations relevant in Bunnings’ case, and this is well worth a read.
Closer to home, planning is underway for this year’s Security of Crowded Places Forum, and the NZSA will publish details on this in the near future.
Lastly, due to other commitments, Jonathan Howe has called time on his role as Chair of the SCSIG. On behalf of the SIG, I’d like to express my gratitude to Jonathan for his hard work, strategic vision, and high energy over the past couple of years to nurture the group into what it is today. His are big shoes to fill.
If you have any Security Consultant areas of interest which you feel deserves NZSA focus please contact Nick Dynon on nicholas.dynon@ opticsecuritygroup.com or Gary Morrison on gary@security.org.nz. Nick Dynon, SCSIG Chair
At the last meeting in February the group was updated on, and provided feedback, on a number of matters including progress on the review of AS/NZS Standard 2201.1.2007 Intruder Alarm Systems in Client Premises, the vocational education changes with the move from WDC’s to ISB’s, the voluntary recall notice for asbestos contaminated fire doors, and the potential impact in New Zealand of the recent successful appeal by Bunnings re the use of FRT (Facial Recognition Technology).
Post the last meeting, group members have been provided with the final draft of the revised AS/NZS 2201.1 and identified several areas for further consideration, particularly where specific to New Zealand best practice.
I also note that we have had several resignations from the ESSIG due to
role and employer changes and we are happy to extend an open invitation to those with a passion for the electronic sector and feel they can contribute to lifting industry standards, developing and promoting career pathways, and providing expert guidance to the NZSA executive.
The group meets online bi monthly for one hour and we welcome member participation, and invite those who may be interested to contact either Mike McKim on mike@channelten.co.nz or Gary Morrison on gary@security.org. nz for further information.
Mike McKim, ESSIG Chair
I’m thrilled and honoured to have been appointed Chair for the recently established HR/ER SIG and look forward to working with the SIG and NZSA in lifting standards and compliance across our sector and providing expert guidance in support of submissions to government agencies.
Our initial focus has centred on the confusion that currently exists with the interpretation of Part 6A of the Employment Relations Act which covers the rights of employees to
transfer to a new employer on the same terms and conditions. This is a critical issue for the industry and provides important protection for workers.
The SIG will be working closely with the NZSA Executive to review and develop Good Practice Guidelines that is supported by legal advice and provides a clear set of protocols and directions for all industry employers.
Outside of this focus the SIG is actively monitoring how case law develops with the massive sweep of changes to the Employment Relations Act that received Royal Assent earlier this week and the proposed changes to the Holidays Act. We will provide guidance on industry submissions as required.
As we’re a newly established SIG with a relatively small group of members but welcome expressions of interest from those who would like to participate. We currently meet online bi monthly for one hour so time commitments aren’t excessive. If you are interested please contact myself napat@redbadge.co.nz or NZSA CEO, Gary Morrison on gary@security.org. nz.
Napat Pawapootanon, HR/ERSIG Chair
Marty Rickard, OT Security specialist for Nozomi Networks, states that the recently released national cybersecurity strategy is a good start for improving critical infrastructure security.
“Digital technologies underpin nearly every aspect of our lives and have provided our society and economy with unprecedented opportunities for connection and growth. This connectivity, however, exposes New Zealand to an ever-rising tide of malicious cyber activity.”
This commences the ministerial foreword to New Zealand’s Cyber Security Strategy 2026 2030 by Prime Minister Christopher Luxon in his capacity of Minister for National Security and Intelligence.
A key priority of the Strategy is strengthening the cyber security of New Zealand’s critical infrastructure system, including the adoption of higher and more consistent security and ICT procurement standards across government, and the updating of legislation, threat detection capabilities, and international engagement settings.
Specifically, stated the Strategy, the government “will ensure that New Zealanders can rely on the continuity and security of critical infrastructure services by developing a regulatory regime to improve the cyber security of critical infrastructure.”
“Most people don’t know that New Zealand has experienced critical infrastructure breaches in the last 10 years, because we have had no legal mandate to report these incidents, so they get quietly swept under the rug,” commented Marty Rickard, Tauranga
based Operational Technology Security specialist for Nozomi Networks.
“While public data breaches and incidents in the healthcare industry have been capturing the limelight, those of us working in the OT [operational technology] space know it’s a matter of ‘when’ and not ‘if’ we experience a critical infrastructure breach,” he said. “We rely on sectors such as energy, telecommunications, transport, and water every day, and yet many aren’t aware they could be at risk of a major breach.”
According to Rickard, another common misconception is that industrial control systems – which critical infrastructure rely on – can be maintained and handled like IT systems. “The need for different security systems is often overlooked, and organisations choose to treat their operational technology as if it were an office PC or printer,” he said.
“In reality this equipment runs 24/7 and often uses legacy technology
that is complicated in its design, operation and safety maintenance. These systems then interconnect with business operations in ways which add complexity to already complicated systems.
“More often than not, you are unable to take these systems offline for maintenance without extensive and expensive planning and scheduling. An unplanned outage in the water, power, gas or telecommunications industries has roll on effects that we have not really experienced in New Zealand.
“Our neighbours across the ditch learned this the hard way four years ago after a few major incidents in the telecommunications industry, which prompted reforms to the Australian Security of Critical Infrastructure Act. Other global frameworks such as IEC 62443, and the NIST guidance mean New Zealand doesn’t need to start from scratch. The question is whether we move fast enough to matter.”
Protective Security Advisory Visits and Security Risk Assessments are very different things. But, according to ICARAS Security Consultants, both should adhere to the same principle: every mitigation should exist to address a clearly defined risk.
Organisations rarely struggle because they care too much about security. More often, they struggle because they apply the wrong level of effort at the wrong time. A brief advisory visit is treated as a formal assessment. A full assessment is commissioned where a light touch would have sufficed. Equipment is installed before risks are properly understood. Controls accumulate, but clarity does not.
At the centre of this confusion sit two commonly used approaches: the Protective Security Advisory Visit (PSAV) and the Security Risk Assessment (SRA). Both have legitimate roles. Both can deliver value. Both can also mislead if misunderstood.
The key is not choosing one over the other. It is understanding what each is designed to do, and where each fits within a disciplined physical security risk management approach that connects threats, vulnerabilities, people, information, and organisational response.
The Protective Security Advisory Visit: Insight at pace
A Protective Security Advisory Visit is best understood as a structured conversation informed by experience. It is typically short, observational, and pragmatic. A practitioner visits a site, reviews arrangements, discusses concerns with staff, and offers immediate suggestions.
When used properly, this approach is immensely valuable.
It is quick. It requires little preparation. It imposes minimal burden on operational teams. It often surfaces obvious weaknesses that have
gone unnoticed precisely because they are familiar. A fresh set of eyes can identify issues in access control practices, contractor supervision, information handling, or incident readiness within hours.
This makes the PSAV particularly effective in environments that are still maturing. It helps organisations move from informal practices towards deliberate protective measures. It provides momentum without bureaucracy. It also works well as a periodic health check, ensuring that arrangements remain sensible as operations evolve.
However, the very qualities that make a PSAV attractive also define its limitations.
A PSAV is not a formal risk assessment. It does not systematically analyse threat actors, likelihood, or consequence. It does not usually quantify risk or compare treatment options. Recommendations are often based on professional judgement rather than structured evaluation. That judgement may be excellent, but it is not always defensible when significant investment decisions are required.
This becomes particularly important when controls are expensive, intrusive, or operationally disruptive. Without a structured assessment, it
can be difficult to explain why one measure is necessary and another is not. The organisation risks drifting into a collection of well intentioned improvements rather than a coherent protective posture.
In short, the PSAV is excellent for direction, but not for determination.
A Security Risk Assessment takes a different path. It begins not with observation, but with definition. What assets matter most. Who might seek to exploit them. What vulnerabilities exist. How likely an event may be. What the consequences would be. Only then does it consider mitigation.
This disciplined sequence matters. It ensures that every control can be traced back to a specific risk. Access control arrangements are linked to insider threat. Visitor procedures are tied to information exposure. Screening measures relate to hostile reconnaissance. Crisis arrangements address organisational resilience. Personnel practices support trust and assurance. Information handling reinforces protective intent.
The result is not simply a list of improvements, but a structured understanding of risk and treatment
options. This enables prioritisation. It supports governance decisions. It provides a defensible rationale for investment. It also helps avoid over engineering, which is just as important as avoiding gaps.
The drawback is effort. A proper assessment takes time. It requires engagement with stakeholders across operations, facilities, people management, and information custodianship. It involves analysis, documentation, and validation. For smaller organisations, or lower risk sites, this can feel disproportionate.
There is also a more subtle risk. If conducted poorly, a formal assessment can become theoretical. It may produce matrices and scoring without practical insight. The process becomes compliance theatre rather than operational guidance.
This is why methodology matters as much as outcome. The strength of a Security Risk Assessment lies not in the template used, but in the discipline applied when connecting risk to mitigation.
A common challenge emerges when organisations attempt to blend the two approaches. They want the defensibility and prioritisation of a full assessment,
but with the speed and cost of an advisory visit. This often manifests as a request for a “PSAV plus”, or an expanded advisory visit that includes elements of formal risk analysis.
The intention is understandable. The outcome is usually problematic.
Once threat analysis, consequence evaluation, and structured risk treatment are introduced, the work quickly becomes an assessment in all but name. Stakeholder engagement increases. Assumptions must be validated. Mitigation options must be compared. Documentation must support decisions. The effort grows accordingly.
Attempting to compress this into the footprint of a PSAV risks creating something that appears rigorous but lacks analytical depth. It also creates unrealistic expectations about cost and timeline. The result can be neither a true advisory visit nor a defensible assessment.
Clarity at the outset avoids this tension. A PSAV provides informed guidance. An SRA provides structured analysis. Blending them rarely delivers the benefits of either.
A further complication arises when organisations align themselves exclusively with the concept of advisory visits. This is often not a deliberate choice, but a reflection of familiarity. Short visits are easier to
commission, easier to digest, and easier to repeat. Over time, they become the default.
In some cases, the terminology itself becomes blurred. Advisory visits are described internally as risk assessments. Reports are approved as formal analysis when they are, in reality, observational. The distinction gradually disappears. This matters because decision makers may assume a level of rigour that is not present. Investment choices are made on the basis of recommendations that were never intended to be definitive. Residual risk is accepted without structured evaluation. The organisation believes it has undertaken formal assessment when it has not.
None of this diminishes the value of advisory work. It simply reinforces the importance of using the right label for the right purpose, and understanding what each approach can legitimately deliver.
Another persistent misconception is that a PSAV can later be expanded into a full assessment, or that completing an advisory visit reduces the effort required for formal analysis. In practice, this is rarely the case.
A PSAV is observational and qualitative. An SRA requires structured identification of assets, threat scenarios, vulnerabilities, and consequences. It demands
stakeholder engagement, validation of assumptions, and comparison of mitigation strategies. These activities must be conducted deliberately and systematically. They cannot be inferred from a brief advisory engagement. While a PSAV may highlight areas of concern, the analytical work required for an assessment still needs to be undertaken in full. Treating the advisory visit as the first phase of an SRA often leads to duplicated effort, or worse, gaps in analysis.
It is more accurate to view a PSAV as a trigger. It may indicate that deeper analysis is warranted. It does not materially reduce the work required to perform that analysis properly.
International best practice consistently treats advisory visits and formal risk assessments as complementary, not interchangeable. Conducting regular PSAVs does not remove the requirement to undertake a structured Security Risk Assessment, nor does it replace the need to periodically review and update that assessment as circumstances change.
Threat environments evolve. Organisations grow. Facilities are modified. Roles change. Information holdings expand. Operational dependencies shift. These developments alter risk in ways that cannot be captured through observational visits alone.
A PSAV may identify emerging issues, but it does not re baseline risk. It does not formally reassess consequence. It does not re evaluate treatment options. Only a structured assessment can do this. For this reason, mature organisations maintain a cycle in which formal risk assessments are periodically refreshed, with advisory visits used in between to provide assurance and identify change.
Treating PSAVs as a substitute for this cycle creates a false sense of maturity. It suggests that risk is being actively managed, when in reality the underlying assessment may be years out of date.
Many organisations encounter a third, unofficial category. The free or low cost security review. These are often presented as equivalent to advisory visits or even risk assessments, yet they frequently follow no structured methodology at all.
They typically begin with equipment. Cameras are suggested before surveillance risks are defined. Access control upgrades appear before insider threat is considered. Perimeter measures are proposed without examining adversary intent. The result can be persuasive, particularly when framed as quick wins.
Yet controls installed without a defined risk rarely age well. They solve
symptoms rather than causes. They create maintenance obligations. They introduce operational friction. Most importantly, they leave underlying vulnerabilities untouched.
A mature approach reverses this logic. It ensures that each mitigation exists for a reason, and that reason is documented, understood, and proportionate. The emphasis shifts from selling solutions to managing risk.
When viewed through a structured protective security framework, the PSAV and SRA become complementary rather than competing tools.
A PSAV works well at the beginning. It provides orientation. It identifies obvious weaknesses across physical measures, personnel practices, information handling, and preparedness. It helps determine whether deeper analysis is required.
An SRA follows when decisions carry weight. This may involve new facilities, sensitive operations, executive exposure, valuable information holdings, or environments where consequences are significant. The assessment ensures that mitigation measures are proportionate, coherent, and defensible.
After improvements are implemented, PSAVs can return as assurance checks. They confirm that controls remain effective, that practices
are followed, and that changes in operations have not introduced new vulnerabilities.
This cycle maintains momentum without unnecessary complexity. It also avoids the trap of conducting one comprehensive assessment that sits on a shelf while the organisation moves on.
Ultimately, the choice between PSAV and SRA is less important than the discipline behind them. Effective physical security is not defined by the presence of cameras, barriers, or procedures. It is defined by the clarity of the link between risk and response. When that link exists, controls make sense. Investment is easier to justify. Operational teams understand why measures exist. Leadership can accept residual risk with confidence. Crisis arrangements align with realistic scenarios. Personnel practices support protective intent. Information is handled with deliberate care.
Whether the journey begins with a short advisory visit or a full assessment, the objective remains the same. Every mitigation should exist to address a clearly defined risk. When that principle is applied consistently, security becomes not just stronger, but smarter.
This article was originally published on the ICARAS Security Consultants website.
A recent article by the International Security Ligue highlights a global challenge for the private security sector: what it calls the “job prestige disconnect”, writes Nicholas Dynon.
Nicholas Dynon is chief editor of NZSM, and a widely published commentator on New Zealand’s defence, national security and private security sectors.
Security work is “chronically undervalued,” despite its growing importance in an increasingly complex risk environment. That’s the argument put forward in the article The Job Prestige Disconnect: Why Security Work is Chronically Undervalued (And What To Do About It).
It’s an argument that resonates with many a security practitioner. Many of us are all too aware of the perception issues the private security sector faces, from the many customers who consider security a grudge purchase to the public in general who are often confused about what it is we actually do.
At its core, the article identifies a fundamental mismatch. Security professionals are tasked with safeguarding people, assets, and public spaces—often operating at the frontline of risk—yet the role is still widely perceived as low skill and low status. As it bluntly observes, “the societal perception of security work has not kept pace with its real world responsibilities.”
It’s a mismatch that’s quantified in a research article published in 2024 in the peer reviewed scholarly journal Research in Social Stratification and Mobility. The article, authored by Professors Gemma Newlands and Christoph Lutz, measured the ‘occupational prestige’ (an occupation’s societal status and respect) and
‘occupational social value’ (an occupation’s usefulness and positive contribution to society) of 576 occupations in the UK.
The authors then ranked each occupation according to their prestige and their social value. The ‘security guard’ occupation’s occupational prestige score of 39.61 (below average) and its occupational social value score of 53.68 (above average) gave it one of the most negative ‘prestige social value differences’ ( 14.06) among all occupations. In other words, society’s need for security guards significantly exceeds the level of respect it gives to the security guard occupation.
This mismatch of low prestige but high social value, places security officers among a group that includes childcare workers, home and health aides, hospital admissions personnel, and other jobs that are essential to societal functioning but are often overlooked or undervalued in terms of status and remuneration.
This disconnect is not merely reputational; it has operational consequences. When security is undervalued, it is underpaid, undertrained, and underinvested. The result is a cycle familiar to us here in New Zealand: high staff turnover, inconsistent service quality, and ongoing difficulty attracting skilled personnel.
The Ligue’s article captures this in terms of a vicious cycle: “low prestige drives low investment, which in turn reinforces low prestige.”
One of the most significant contributors to this problem, it suggests, is procurement behaviour. Security services are still too often purchased as a commodity. Contracts are awarded on price rather than performance, capability, or outcomes. The old ‘security as a cost centre’ chestnut.
The commoditisation of security services discourages innovation and professionalisation, and it places reputable providers at a disadvantage against operators willing to cut corners. Regulatory frameworks, such as those overseen by the Private Security Personnel Licensing Authority (PSPLA), have helped lift baseline standards. But, compliance alone does not equate to professional recognition.
In New Zealand, even with increasing scrutiny by the PSLSA and the excellent work done by the NZSA to promote voluntary standards, the sector continues to battle perception challenges, and despite the overwhelming majority of practitioners operating professionally.
With procurement and public policy identified in the Ligue’s article as the systemic drivers of the vicious
cycle, its authors suggest that the lack of prestige afforded to security guards is policy driven rather than resulting from limitations within the occupation itself. In short, “policy choices, not inherent occupational limits, determine whether security work is properly valued.”
Given this, the Ligue suggests that a correction of the ‘social prestige’ –‘social value’ mismatch is possible, but that it should be driven by government and buyers in the areas of regulation enforcement, quality focused procurement criteria, and the funding of career pathways.
Its focus on the government as having a key role to play is likely informed by its April 2025 publication, the Global Security Barometer 2025
“Global differences in public opinion toward private security officers underscore the fact that governments give shape to those attitudes, through the standards they set and by whether or not they aggressively regulate bad actors in the industry,” stated the authors of the Barometer.
The Barometer called on governments to:
• Understand citizens’ level of trust in (and satisfaction with) private security officers.
• Develop regulatory frameworks to improve public trust and enhance the industry’s image.
• Create standards designed to promote occupational prestige and ensure an adequate baseline of quality and training.
• Update their taxonomy for security (to match industry jobs which have become more specialised) to improve its ability to support the industry and collect data on it.
• Promote visibility of private security officers’ critical role in security governance through police private security partnerships and to classify them as essential workers.
Ultimately, the Ligue sees the ‘prestige gap’ as not just a branding problem, but as a structural one that’s beyond the security industry itself to resolve. Given this, it sees that government has not just a role to play in closing the gap but indeed a responsibility to do so.
A quarter (24%) of New Zealand businesses say staff using AI improperly is one of their biggest cyber security challenges, according to new research from Kordia.
In 2025, digital transformation and AI continued to reshape how New Zealanders live and work, but cyber threats have escalated just as quickly. Globally, AI-powered cybercrime has surged, with phishing volumes up 1200% since 2022. Organisations are now targeted every 39 seconds, causing daily global losses of $18 million.
These trends are mirrored at home, with recent high profile breaches putting cyber security firmly in the spotlight.
• One in 10 (8%) paid a ransom or extortion demand. However, of the companies that had a ransom demanded of them, 42% paid the ransom. Additionally, a third (32%) of businesses said they would consider paying such a demand.
• A fifth (21%) of businesses hit by a cyber attack said they suffered disruption to their business (such as inability to access systems or serve customers).
Kordia-owned Aura Information Security.
Now in its 10th year, the 2026 Kordia New Zealand Business Cyber Security Report surveyed nearly 250 businesses (of 50+ employees) and found that:
• The number of cyber attacks carried out through AI vulnerabilities has more than doubled, from 6% in 2024 to 14% in 2025.
• Nearly half (44%) of businesses said they were subjected to a cyber attack in the past 12 months – a decline from the previous year (59%).
• Nearly a fifth (17%) of cyber incidents resulted in personal information being accessed or stolen.
• One in five businesses (19%) impacted by a cyber incident faced financial extortion by a cybercriminal – an increase from 14% in 2024.
One in four (24%) businesses said improper AI use was among their top three challenges to improving cyber security, up from 16% the previous year. Patrick Sharp, General Manager of Kordia owned Aura Information Security, says this is often down to vulnerabilities caused by businesses implementing AI systems without sufficient consideration of security.
“Insider threats, whether accidental or malicious, have always been a factor in cyber incidents and data breaches,” said Sharp.
“But shadow AI – the unauthorised use of AI tools by employees – is growing into a massive problem. Individual staff members are copying confidential data into AI systems –information they would never put into Google – without understanding the risks and without guidance from their organisation.
“Business leaders are telling us it’s keeping them up at night. Nearly half (43%) said employees accidentally
exposing data or AI driven processes is the biggest cyber risk to their business, making it the top concern by quite a margin.
“In addition, many New Zealand and international organisations are implementing sanctioned AI tools without sufficient security governance and practices.”
There was a decline in the proportion of businesses reporting they’d been subjected to a cyber attack: 44% in 2025, compared to 59% the year prior.
This seems to corroborate data from the National Cyber Security Centre’s (NCSC) Cyber Threat Report 2025, which recorded 5,995 incidents in 2024/25 compared to 7,122 in 2023/24.
Sharp points out that while the NCSC has reported that the quantity of incidents has been declining, the financial impact has been increasing. According to the NCSC, $12.4m in direct financial loss was reported in Q3 2025, up 118% from the previous quarter.
“Organisations need to work out a response strategy long before they’ve suffered an incident, and they need to
spend time practising it,” said Sharp. “Who will manage the incident, who makes decisions according to the level of severity, and who, when, and how will you communicate with staff, customers, and regulators.
“Engaging with Government entities like the NCSC and the Privacy Commissioner isn’t just about being transparent. It also helps the New Zealand Government and businesses understand the scale and impact of this criminal activity,” he said.
Many businesses agree. A third (36%) have called for mandatory reporting requirements for business impacted by major cyber attacks, similar to what Australia has introduced.
“As challenging as it can be, it’s critical that business directors and officers recognise their accountability before they’ve been breached. There are many passionate and capable cyber security professionals in New Zealand who can guide effective business advice on cyber resilience.”
As recent high profile breaches have shown, personal information remains one of the key targets for
cybercriminals. A fifth (17%) of businesses said personally identifiable information was accessed or stolen, and a similar number (21%) were worried about this stolen data leading to blackmail or extortion.
Concerningly, one in three businesses said they would be willing to pay a ransom to a cybercriminal.
“Nobody wants to be faced with a ransom demand, but they can appear to make the immediate problem go away,” said Sharp.
“However, once a ransom is paid, there’s no guarantee a cybercriminal will honour the deal. For instance, they might still re sell any data they’ve stolen. Paying ransoms ensures extortion remains a reliable form of revenue for cybercriminals, and as long as it works, they will keep doing it,” he continued.
“The best strategy is to work with the experts to build your cyber resilience, so you can continue operating and recover from an incident without having to give into criminal demands.”
The costs – financial and otherwise –of suffering a cyber attack cannot be
understated. Nearly two thirds (61%) of businesses that faced cyber incidents suffered a disruption to their business operations.
Cybercriminals are increasingly targeting supply chains, as disrupted operations can be effective leverage in ransom demands. This was demonstrated by the high profile Jaguar Land Rover (JLR) cyber attack in the UK last year. A fifth (20%) of New Zealand businesses said their supply chain was interrupted through a cyber attack.
Several high profile overseas examples from last year, such as the Asahi breach in Japan and Marks & Spencer in the UK, show the significant impact cyber attacks can have on operations.
Other costs incurred by cyber attack victims include insurance claims (17%), fines by a regulatory body (11%), and legal action (9%).
Where and when should Government step in?
Businesses also gave their thoughts on the role of Government in improving New Zealand’s cyber security posture. According to Sharp, cyber resilience is a matter of both business and national significance, and there is a real part for Government to play.
“New Zealand’s cyber security legislation lags far behind our global peers,” said Sharp.
“Following the JLR hack, the UK Government stepped in by underwriting a £1.5 billion loan. This was to prevent the failure of the huge ecosystem of small businesses, and protect the thousands of jobs, that make up JLR’s supply chain,” he explained.
“A similar attack on New Zealand shores isn’t out of the question. How prepared are we, and are we investing enough into our collective cyber defence?”
The most requested form of Government support from businesses was more education programmes on cyber security best practice (38%). Businesses are also showing demand for harsher penalties and fines for business that fail to protect personal data (36%) and legislation to make it illegal to pay ransoms to a cybercriminal (27%).
Steps to resilience: What New Zealand businesses should focus on in 2026
1. Security starts at the top Directors and executives are facing growing legal and commercial accountability for cyber resilience, as incidents can disrupt operations, damage trust, and carry increasing financial cost. Strong cyber security depends on risk awareness, informed decision making, and confidence that controls are correctly specified and effective.
Cybercrime is complex and ever changing – organisations must seek qualified advice and set clear expectations for suppliers to ensure cyber risk is being professionally managed.
2. Upskill your people for an AI-first world
Organisations need to update training, policies, and processes to reflect the evolving cyber threat of AI. Staff should understand how modern scams like vishing and deepfakes work and have clear guidance on acceptable AI use.
Coding, supply chain, and data handling practices must also be updated so data is properly classified and protected, and third party use of AI with your data remains under your control.
3. Securing identity is key
Cloud services and remote working have removed traditional network boundaries. Attackers now target user identities instead of infrastructure, using highly targeted, AI driven social engineering.
Strong identity controls, such as phishing resistant multi factor authentication (MFA), least privilege access, continuous verification, and robust password reset processes, can significantly reduce risk by preventing account takeover. Remember: most attackers don’t hack in, they log on.
4. Multi-layered protective and detective controls
Attacks typically string together a sequence of techniques, exploiting design flaws, code bugs, and pressured people. Organisations need a combination of layered security controls, validation of their effectiveness, appropriate monitoring, and practiced incident response.
A full copy of the 2026 Kordia New Zealand Business Cyber Security Report is available on the Kordia website.
Kordia works across New Zealand, Australia, and the Pacific to deliver mission critical technology in cloud, cyber security, broadcasting, maritime communications, and other areas.
New flagship fisheye cameras deliver intelligent 360° coverage with easy, intuitive context-rich searches and proactive alerts.
With the new X‑series fisheye cameras, i‑PRO extends generative AI from its 2025 post‑event investigation offering into daily security operations, such as live incident detection and real‑time alerting, running directly on the camera without reliance on cloud services or analytics servers and enabling faster operator response.
At the core of the new fisheye cameras is a generative AI engine running fully on the edge, utilising Ambarella™’s CV72 AI vision SoC, enabling real‑time free‑text detection based on natural‑language descriptions. Detection logic and feature extraction are performed entirely on the camera, without reliance on cloud services or external servers.
For live monitoring, operators can describe what they want to detect in plain language, such as “person lying down” or “delivery truck,” and the camera continuously monitors for those conditions, triggering alerts when detected. Because detection runs directly on the camera, the system delivers low‑latency response, simplified deployment, and reduced infrastructure complexity.
“Free text interaction changes the way people work with video,” said Gerard Figols, Chief Operating Officer at i‑PRO. “By embedding generative AI directly into the cameras, i‑PRO simplifies operators’ work by delivering real‑time insights that support faster, more confident decisions, regardless of system size or complexity, while keeping data local, secure, and fully under the customer’s control.”
For forensic investigations, generative‑AI‑powered free text search enables operators to locate people, vehicles, or objects across recorded video by typing a natural‑language description. Feature extraction and metadata generation are performed on the camera, while the free text search itself is executed via i‑PRO Active Guard using this on‑camera metadata.
For VMS integration, i‑PRO Active Guard performs free text search across recorded video, while real‑time free text detection and feature extraction remain fully on‑edge. This architecture ensures sensitive video data remains on‑premises, supporting privacy, compliance, and data‑sovereignty requirements.
Additional AI capabilities include AI On‑Site Learning to adapt detection to the unique characteristics of an environment, and AI Processing Relay, which brings AI analytics to non‑AI cameras through the new X series models.
The cameras feature a true 12.5MP fisheye sensor, delivering clear, detailed panoramic views in both indoor and outdoor deployments. AI Noise Reduction significantly reduces noise and motion blur in low‑light conditions, delivering clearer and more detailed images even in dark or nighttime environments.
Built on i‑PRO’s open architecture, the new cameras support Docker containers, allowing secure deployment of custom or third‑party AI applications directly on the device. Advanced cybersecurity features such as Secure Boot, signed firmware, and FIPS 140‑3 Level 3 compliance make the camera suitable for high‑security environments.
Outdoor models include an IK11 and IP69 rated rugged housing, ensuring reliable operation in harsh conditions ranging from transportation hubs and industrial facilities to campuses and public venues.
The ink is fresh on a global reseller agreement between Securitas Technology and Ambient.ai touted as a pathway to scaling “Agentic Physical Security” globally.
Securitas Technology has announced a global reseller agreement with Ambient. ai. The partnership will see Ambient.ai’s platform integrated into Securitas Technology’s global offering, enabling customers to transition from traditional, reactive security models to proactive, intelligence-led operations.
At the heart of the agreement is Ambient.ai’s “Agentic Physical Security” platform, which applies artificial intelligence to continuously perceive, interpret and respond to real world events in real time. The platform is designed to actively analyse environments and support decision making alongside human operators.
For Securitas Technology, the move aligns with a broader strategy to embed AI across its portfolio. The Ambient. ai solution joins a growing suite of advanced offerings, including cloud based video surveillance platforms such as SecureStat® Cumulus AI, reinforcing the company’s focus on delivering integrated, data driven security outcomes at scale.
Tony Byerly, Global President and CEO of Securitas Technology, said the partnership reflects the company’s commitment to innovation in an increasingly complex risk landscape. He noted that AI is enabling faster, more accurate security outcomes while also delivering operational
efficiencies and deeper business insights for clients.
Ambient.ai CEO and co founder Shikhar Shrestha described the agreement as a pathway to scaling “Agentic Physical Security” globally. He emphasised that the technology is designed to reduce reliance on manual monitoring by allowing AI to handle complexity, freeing operators to focus on higher value tasks.
With organisations having invested heavily in cameras, access control systems and monitoring infrastructure over the past decade, the sheer volume and complexity of data generated by these systems is now outstripping the capacity of traditional tools and human operators to manage it effectively.
This has created a growing gap between what security teams are expected to protect and what they can realistically detect and respond to in real time. Legacy systems, built primarily for recording and retrieval,
are increasingly inadequate in environments where rapid situational awareness and response are critical. AI is positioned as the mechanism to close this gap. By continuously analysing video and sensor data, identifying patterns and understanding context, AI enabled systems can detect anomalies and trigger responses as events unfold.
A key differentiator in the Securitas Technology–Ambient.ai partnership is the focus on operationalisation.
The partnership aims to deliver not just technology, but a fully supported pathway to implementation—covering integration, orchestration and lifecycle management.
The offering is likely to appeal to enterprise environments such as corporate campuses, data centres and critical infrastructure, where security systems must operate reliably at scale and integrate seamlessly with existing infrastructure.
unbreakable universal mounting
•Low power consumption - low operating temperature
•One product suits floor and wall mounting
•Universal armature - offsets to 55º to suit doors opening past 90º • Wall mount extensions available •12 & 24 VDC selectable • Push off button with no residual magnetism • Oversize armature for easy alignment • Emergency release button
•Electroless nickel plated armature and electromagnet
•Stainless fastenings • Full local support and back up
10 YEAR GUARANTEE*
Designed, tested and produced in New Zealand to AS4178
B)Wall
Surface and Recess mounting
This device enhances an outstanding range of unbreakable products which conveniently hold open fire doors. When a smoke/fire alarm is activated the magnet instantly releases the door to the closed position to prevent the spread of smoke and fire. These units feature a choice of 3 covers for optimum aesthetic appeal and durability. The installer can utilise one device for surface mounting or for recess mounting.
Bunnings Warehouse is introducing FRT to combat what it claims is a rising number of thefts and threatening incidents in its stores, writes chief editor Nicholas Dynon.
Hardware behemoth Bunnings Warehouse is introducing live facial recognition technology (FRT) in all of its New Zealand stores . Targeting Two Hamilton locations initially (Te Rapa and Hamilton South), the nationwide deployment aims to combat theft and protect staff from aggressive, repeat offenders.
With the Hamilton store roll out constituting Phase 1, Phase 2 will cover the remainder of the North Island, and Phase 3 will then see South Island Bunnings customers having their facial biometrics collected once they walk past the sausage sizzle.
The move comes several months after a New Zealand Privacy Commissioner report on the Foodstuffs North Island Limited live FRT trial determined that such FRT deployments – if implemented with appropriate safeguards – may meet the requirements of the Privacy Act. It also comes hot on the heels of the Australian Administrative Review Tribunal’s reversal of a 2024 ruling by the Australian Privacy Commissioner that had found Bunnings breached privacy laws by scanning hundreds of thousands of customers’ faces without their proper consent.
Bunnings in Australia had deployed facial recognition in 62 stores in New
South Wales and Victoria between January 2019 and November 2021, after a two month trial in one store in 2018.
News reports and commentators described the recent ART ruling as a “green light” to Bunnings and to other retailers to deploy live facial recognition.
Alex MacDonald, a former Bunnings employee and currently Director of Australian facial recognition solutions provider, Vixels, which implemented Bunnings’ facial recognition solution, stated that the decision “provides much needed clarity for other businesses facing similar challenges, confirming that facial recognition technology can
be implemented responsibly, with appropriate safeguards in place.”
Scott Harris, founder of Workforce Resilience, a training provider that delivered safety and security workshops for Bunnings, posted on LinkedIn that the retailer – along with Foodstuffs North Island [in New Zealand] – “have been leading the way in FRT, and their work now paves the way for other retailers across Australia and New Zealand.”
Despite the ruling in Bunnings’ favour, the ART agreed with the Privacy Commissioner that Bunnings had failed to comply with several privacy principles, including that the retailer had not properly notified customers that their faces were being scanned, that it had not conducted a risk assessment in relation
to the use of FRT, and that it had failed to put in place minimum standards or similar policy.
“We accept that Minimum Standards were subsequently developed, however that was a significant time after the implementation of the system,” stated the ART. “Considering the steps taken by Bunnings in totality, we find that Bunnings fell short of implementation of practices, procedures and systems relating to Bunnings’ functions or activities that would have ensured that they complied with the Australian Privacy Principles.”
Although the ruling had given Bunnings the green light it needed to proceed with its FRT plans, it had also provided the retailer with plenty of homework to do in order to enable any future deployment to tick the privacy legislation boxes.
Survey data used to support rollout
Supporting its decision to implement live FRT in its New Zealand stores, Bunnings states that it completed a Privacy Impact Assessment, engaged a Māori digital sovereignty expert to ensure its approach aligns with tikanga Māori and Māori data sovereignty principles, and commissioned independent research to understand what New Zealanders think about FRT.
The research, which included focus groups, interviews, and a “nationally representative survey of 1,000 New Zealanders”, indicated that support
for FRT is strongest “when people understand how FRT works and how personal and biometric information is protected.”
According to Bunnings, the research found that more than nine in ten (93 percent) respondents supported FRT “if it improves safety by more than 10 percent,” and more than six in ten (64 percent) supported it when smaller improvements were considered. Fewer than one in 10 (seven percent) respondents opposed it in principle.
The results are not dissimilar to an earlier survey of 1,007 New Zealand consumers conducted on behalf of Foodstuffs in support of its FRT trial by branding and consumer insights consultancy One Picture.
That survey found that 66% of respondents said they would accept FRT even if the harm minimisation is very small, 79% would accept it even if it only achieved a 0.7% reduction in harm, 86% would accept it if it achieved a 3% reduction in harm, and 89% would accept FRT if it achieved a 10% reduction in harm.
Despite the broad consistency between the two retailers’ survey results, they fly in the face of established international data on FRT public acceptability published in several peer reviewed survey based academic research studies. In the US, for example, which typically has relatively higher rates of public comfort with FRT, recent studies indicate that the acceptability of crime targeted FRT in retail stores sits at between 54% and 59%.
The results also appear wildly inconsistent with a biennial privacy survey of over 1,200 New Zealanders released by the Office of the Privacy Commissioner in March 2025.
In that survey, 41% of respondents stated that they were concerned or very concerned about the use of facial recognition technology in retail stores to identify individuals. 25% were neutral on the topic, 31% were either not concerned or not really concerned, and 3% were unsure. 49% of Maori respondents indicated concern over FRT in retail.
It’s a glaring inconsistency that warrants a closer look, and it echoes contradictions in the crime data used by FRT vendors and FRT deploying retailers to justify the use of FRT as a proportionate measure to combat crime in their premises.
According to Bunnings, retail crime and serious threatening behaviour towards retail workers is increasing across New Zealand. “The scale of retail crime in New Zealand is accelerating and shows no signs of stopping,” stated Bunnings manager Melissa Haines in an article published by RNZ on 07 March.
Yet, according to recent NZ Police Victimisation Time & Place data, victimisations occuring in retail premises have fallen significantly since historic highs in January 2025.
Concerns have also been raised about the potentially misleading nature of heavily inflated retail crime data that has informed moves by large retailers in New Zealand towards FRT.
The COVID-19 response showed that epidemiological and economic models are developed separately. An integrated approach to modelling may make future responses better, writes University of Auckland’s Professor Paula Lorgelly.
Professor Paula Lorgelly is Chair in Health Economics at the University of
Auckland.
This time six years ago, as officials prepared to move New Zealand into lockdown, the public was suddenly introduced to the complex and somewhat bewildering world of pandemic modelling. These highly mathematical models mapped out how COVID 19 might spread , projecting potential infections, hospitalisations and deaths in stark scenarios, sometimes making for alarming news headlines.
But the models told us much less about the wider economic and social consequences of the decisions being made in those crisis weeks and months.
As the recently released Phase Two report of the Royal Commission on COVID 19 concluded, New Zealand’s pandemic response was ultimately effective.
Yet it also acknowledged the significant social and economic impacts of both the virus and the response –including strains on trust and social cohesion – and singled out areas for improvement .
That included the need for better modelling, data and frameworks to help decision makers weigh those society wide impacts more effectively.
Notably, the inquiry recommended a new strategic function – based in either the Treasury or the Department
of the Prime Minister and Cabinet – to help guide New Zealand through the next pandemic.
It might be asked how such a function could sit outside the Ministry of Health, which was central to the initial COVID 19 response.
But in these emergencies, decision makers shouldn’t be choosing between health and the economy. Pandemics affect both – and understanding the full impacts requires all perspectives.
If the inquiry made one thing resoundingly clear, it is that in the next pandemic – and there will be one – leaders must be able to make faster, better informed calls.
So, what if, next time, New Zealand had the modelling tools it needed to weigh up all the potential impacts at once?
The British statistician George Box famously said that “all models are wrong, but some are useful”.
In essence, models may never perfectly capture the complexities of the real world, but they remain valuable tools for decision‑making and prediction.
Pandemic responses are largely informed by epidemiological models , which help us understand how disease spreads through populations, and which simulate the impact of different control measures. But they
also have limitations, including the difficulty of capturing human behaviour.
During COVID 19 and earlier events, these models were typically developed separately from economic modelling, each serving distinct purposes. Increasingly, however, there is recognition that integrating these approaches can provide a more complete picture.
Reflecting this shift, the UK based Institute for Government has examined the benefits and challenges of so called “epi econ” models, which combine epidemiological and economic analysis.
Rather than simply assessing cost effectiveness , these more sophisticated models aim to capture both the public health and broader economic impacts of policies such as lockdowns, border closures, vaccination programmes and wage subsidies.
They can simulate how such measures may affect infections, hospitalisations and deaths, as well as their possible impacts on inflation, employment and economic growth.
They can also take both short and long term perspectives, capturing the complex, dynamic interactions between public health crises, the interventions used to manage them and their broader macroeconomic consequences.
Such modelling can take several forms. Computable general equilibrium (CGE) models, for instance, simulate how households, firms, government and markets interact across the economy.
They have been recently used to assess the impacts of tariffs introduced by US President Donald Trump; earlier, they helped New Zealand’s government model the economic impacts of fuel outage scenarios.
To be useful in a pandemic, however, these models need to be “ dynamic” – or able to track how conditions and intersections within the model evolve over time rather than offering a static snapshot.
Dynamic CGE models have been used to assess impacts on sectors such as food security and tourism , as well as wider economic effects across countries.
They are increasingly incorporating factors such as behaviour and resilience, helping understand the impacts of businesses closing and reopening , how illness affects the workforce , and how fiscal stimulus can assist recovery.
The COVID 19 response showed us that when epidemiological and economic models are developed separately – and often with different assumptions – decision makers are left weighing conflicting advice.
An integrated epi econ approach makes those trade offs explicit and better informs the choices policymakers must make.
They can also reveal hidden non linear effects – for example, how shutting non essential activity can ripple through to workers in essential services . They can incorporate feedback loops too, showing how economic
support measures during downturns might influence the spread of infections.
In the UK, early pandemic policies showed how such incentives could unintentionally accelerate spread
Importantly, the inquiry also recommended that future governments ensure greater transparency and communication around decisions, including the science and evidence underpinning them.
The UK Institute for Government argues that combined epi econ models should be accessible across ministries and departments, ensuring decision makers are working from a shared evidence base.
Risk and uncertainty are inherent in these models. If New Zealand adopts them, ministers need to be able to understand the models’ inbuilt uncertainties and clearly communicate these to the public.
The Ministry of Health is leading the response to the Royal Commission’s final report and will advise the government on how to act on its recommendations.
In doing so, there is an opportunity to look beyond traditional epidemiological models and consider the added value of integrated approaches.
New Zealand will need stronger collaboration across government, academia and industry so that when the next crisis comes decisions are better informed from the outset.
This article was originally published in The Conversation on 23 march 2026.
Compatible with Gallagher Command Centre v9.40 and above, the new F5 and F6 Fence Controllers can operate independently or seamlessly integrate with the Gallagher Controller 7000 series and Command Centre ecosystem.
Gallagher Security announced on 19 March the release of its new F5 and F6 Fence Controllers, marking the latest generation of its safety monitored pulse fence technology.
Engineered to set a new benchmark in safety, performance, and reliability, the F5 and F6 Fence Controllers introduce advanced safety features designed to meet the demands of modern security environments.
Purpose‑built for high‑performance perimeter protection, the new fence controllers provide intelligent intrusion detection, flexible deployment options, and enhanced safety functionality in line with current international safety standards.
They are built to comply with IEC 60335 2 76 as well as multiple regional variants to ensure long term operational viability.
“Gallagher’s perimeter solutions are designed to deter, detect, and delay intruders, providing robust, flexible protection tailored to each site’s unique requirements,” said Dave Solly, Gallagher Security Senior Product Manager.
“Regardless of what you are securing, whether critical infrastructure like utilities, remote facilities like mining, or transport and logistics yards, the new F5 and F6 Fence Controllers take safety to the next level, with enhanced features
like smart synchronisation enabling compliance to the newly introduced ‘safe limits’ for operation of energised fences,” he said.
The F6 series introduces enhanced features including:
• Smart Synchronisation
• Safety Extra Low Voltage (SELV) readiness to detect movement at sensitive areas without deterrence
• Dual Pulse Peak Measurement (DPPM) which brings enhanced alarm functionality for high specification fences using dual pulse configuration
According to Solly, the new controllers are compatible with Gallagher Command Centre v9.40 and above, while maintaining consistency with earlier models for streamlined installation. A key design priority was ensuring adaptability across a wide variety of sites.
“The F5 and F6 series are designed to operate independently or seamlessly integrate with the award winning
Gallagher Controller 7000 series and Gallagher Command Centre ecosystem, giving End Users a scalable pathway from single zone protection to layered, multi zone, and multi controller installations,” he said.
He added that the rapidly evolving security environment means end users require more intelligence and flexibility from perimeter systems.
“The new series delivers advanced features and future ready capability, along with Smart Sync technology, which maintains consistent pulse synchronisation along the fence and automatically adjusts energy levels if a sync signal is lost. This ensures the fence continues to provide the safest form of deterrent in all conditions,” Solly said.
“With support for standalone or networked installations, dual‑zone configurations, and full integration with Gallagher Command Centre, the F5 and F6 Fence Controllers provide unmatched scalability and adaptability for sites of any size.”
The New Zealand Security Association is asking its member organisations to complete a 30-second survey on the size and power classification of their vehicle fleets.
The Government released its strategy for fuel reserves on 27 March, reassuring businesses that there are appropriate stock levels. However, the NZSA suggests that should the conflict in the Middle East become extended, businesses should be giving consideration to their plans.
The National Fuel Plan developed in response to fuel supply uncertainty driven by the conflict in the Middle East has four phases, explaining how the government monitors fuel supply, when it would act, and what you can expect at each phase.
New Zealand is currently operating at Phase 1, which means fuel is available, fuel supplies are continuing to arrive, and there is no need for you to change your behaviour today or buy more fuel than usual.
The government expects that almost all situations will be managed at Phases 1 or 2, with Phases 3 and 4 used only if necessary. “If we were to move into Phase 3 or 4, there will be priority bands to manage how fuel is allocated.”
Fuel allocation would be prioritised in accordance with the following proposed bands:
• Band A: life supporting services – uncapped supply
• Band B: economically important services
• Band C: essential services
• Band D: other commercial customers
• Band E: general retail sales to consumers
According to the NZSA, security services are deemed to be essential services and will be prioritised, however, “from the Government statement, there may be some
differentiation between essential services and life supporting services (which may include some security services).”
The Association also pointed out that prices are rising due to global market changes, and that organisations may need to make decisions around how they operate differently.
According to a government advisory, petrol and diesel prices are expected to climb in the coming weeks, with higher prices potentially affecting businesses’ operating costs, transport and logistics, and travel patterns.
“Every business will need to approach this differently,” says the advisory. “For some, it may mean reviewing transport and logistics, for others adjusting budgets, schedules, or how work is organised. What matters most is taking the time to consider what works best for your operation, your workforce, and the communities you support.”
The advisory provided links to tips to reduce fuel consumption and a step by step guide to business continuity planning .
To assist the NZSA in preparing for a discussion with MBIE if the situation arises, the Association is seeking to understand the size and power classification of its members’ fleets. It has created a 30 ‑second online survey and is asking members to complete it by providing details on their vehicle fleet.
In his March newsletter, NZSA CEO Gary Morrison talks Coroner’s report into Westfield Bondi Junction attack, new NZSIS threat levels, facial recognition technology, complaints against unlicensed security providers, and more.
Gary Morrison is CEO of the New Zealand Security Association (NZSA). A qualified accountant, Gary was GM of Armourguard Security for New Zealand and Fiji prior to establishing Icon Security Group.
The year certainly seems to have kicked off in a positive manner. Many members have advised that they are extremely busy and that a lot of work that had been on hold is now starting to get approved. Certainly, the economic indicators support an improved outlook which is very positive.
Interestingly, staffing requirements currently seem fairly stable despite the increased work volumes, presumably attributable to staff being less transient and tending to seek the security of having a job during a period of high unemployment. This is backed up by the annual report from the PSPLA where the number of CoA applications last year dropped significantly from prior years, despite the industry still experiencing growth.
As you will see from my report below, there is a lot happening currently and similar to our members, it looks like a busy year ahead for the NZSA!
Introducing new NZSA staff member Lucy Nichols
We are thrilled to announce the appointment of Lucy Nichols to the new role of Membership and Content Manager, commencing Monday 9 March.
Dual winners in Global OSPAs (Outstanding Security Performance Awards)
Congratulations to both Ruth Tongotongo and Shaun Laifone for winning their respective categories in the inaugural global rendition of the OSPA’s.
Ruth, who is also one of our Board Cadets, deservingly won The Global Outstanding Young Security Professional 2025, and Shaun was recognised as The Global Security Officer of the Year 2025.
Many of you will have seen or heard recent press concerning the early winding up of the Ministerial Advisory Group (MAG) and allegations of a dysfunctional relationship between the board chair, Sunny Kaushal, and several of the board as evidenced by the recent resignation of three members.
I have had numerous meetings with Sunny and the Policy Advisers to the MAG over the last sixteen months and whilst Sunny can be polarising, you certainly can’t fault his commitment and passion towards the cause of reducing the impacts of retail crime.
Putting personalities (and politics) to one side, the effectiveness of the MAG should be judged on the outcomes achieved and in that respect they have delivered. They have made five recommendations to Minister Goldsmith and three of those have been adopted and are working their way through the legislative processes, and the other two are still under review.
The MAG has two reports still to submit, and both will significantly impact onto the security industry.
The first concerns the greater use of FRT (Facial Recognition Technology) in controlled retail settings and the second will provide recommendation on increased powers for security officers around search and detainment of offenders.
As reported in our last newsletter, the NZSA has provided significant input into both of these issues and I’m very confident that the final recommendations being put forward to the Minister will be very closely aligned to the positions we have promoted, namely that any additional powers MUST be reinforced with an appropriate training and licensing regime.
On 13 April 2024, Joel Cauchi attended Westfield Bondi Junction (WBJ) and about 3.30pm, commenced an attack during which he stabbed 16 people in just under three minutes. Six of the victims tragically lost their lives that day. Approximately six minutes after Mr Cauchi commenced his attack, he was fatally shot by a member
of the NSW Police who had attended in response to calls from emergency services.
An inquest was held into the deaths, and the findings of the New South Wales Coroner (Magistrate Teresa O’Sullivan) have recently been released.
Whilst a lot of the findings and recommendations within the report relate to Mr Cauchi’s mental health history and treatment, there are also pertinent findings (but no recommendations) specific to Scentre Group (owner operator of WBJ) and their contracted security provider (Glad Group). These findings obviously have relevance to those involved in operating and protecting crowded places, including the operators of venues and security providers.
In general terms, the Coroner found that Scentre Group’s security, emergency practices, policies and procedures were comprehensive and constituted excellent practice, including the use of contracted security officers to observe, report, and escalate incidents. Unfortunately, the efficacy of the practices, policies and procedures were somewhat compromised by the
unapproved promotion of one security officer into the key role of CCTV Control Room Operator (known as CR1).
In her report, the Coroner states “CR1 was not competent to be in the CCTV Control Room unsupervised on 13 April 2024. There is clear and cogent evidence before me that CR1 was not equipped to carry out the critical duties required of the CCTV Control Room Operator on 13 April 2024” and “I accept that CR1 being on duty in the CCTV Control Room unsupervised on 13 April 2024 was the result of deliberate managerial decisions made by Scentre and Glad. In placing her in that role on the day they were aware, or should have been aware, that she did not have the skills necessary to respond to the circumstances that arose on 13 April 2024.”
This certainly provides clear messaging on the obligations and responsibilities of both the venue operator and the security provider in ensuring that staff have the skills and competency needed in such circumstances.
The Combined Threat Assessment Group (CTAG) has adopted new language to define the national terrorism threat level.
The new definitions aim to explain the terrorism threat level in a more meaningful and accessible way for the public. NZSIS are also aware that some communities did not feel that the old definitions were a true reflection of the threats they faced.
The new definitions retain the five levels as previously used, but with new language for each level. Whilst the current threat level remains unchanged, the previous level of LOW has now changed to POSSIBLE under the new language.
For more information refer to the NZSIS website.
Threats to New Zealand are becoming increasingly borderless, and this is especially true in the cyber domain.
2026–2030
Embracing cyber security to enable innovation, drive a prosperous economy and protect our digital way of life
FEBRUARY 2026 | CYBERSTRATEGY@DPMC.GOVT.NZ
Adopting a whole of society approach is how we will build a cyber secure and resilient New Zealand.
The Department of the Prime Minister and Cabinet has released New Zealand’s Cyber Security Strategy 2026 2030 which provides a blueprint for collective action against cyber threats focusing on strengthening foundations and protecting our long term cyber security through four key objectives:
1. Understand: We are well aware of the cyber risks and how to protect ourselves.
2. Prevent and prepare: We manage cyber risks to prevent harm and are well prepared when incidents occur.
3. Respond: We react effectively and decisively to adverse cyber incidents.
4. Partner: Our resilience to cyber threats is bolstered by strategic and targeted cooperation.
The strategy can be found here
Bunnings win appeal re use of FRT (Facial Recognition Technology)
A recent decision by an Administrative Review Tribunal in Australia has found that Bunnings use of a facial recognition system was lawful. This overturns an earlier finding by the Australian Privacy Commissioner that the company had unlawfully collected personal information using facial recognition technology.
Bunnings position was that the implementation of facial recognition technology was specifically to keep
team members and customers safe and to prevent serious retail crime. The Tribunal found that the use was proportionate when used ethically and responsibly.
Whilst the decision does not directly apply to New Zealand, our Privacy Act 2020 very much mirrors the Australian legislation and does set some precedents for the use of the technology, and will no doubt be part of the recommendations being put forward by the Ministerial Advisory Group for Victims of Retail Crime (as mentioned earlier).
The NZSA fully supports this decision and backs the use of facial recognition technology, with appropriate controls, to combat serious retail crime and to protect staff, customers, and security officers from violence, abuse and intimidation in retail environments.
It also needs to be noted that the Tribunal upheld findings that Bunnings did in fact breach legislation by failing to manage the rollout of the technology in an open and transparent manner and by not adequately notifying customers that their images were being collected. It also found that Bunnings should have undertaken a formal, structured, and documented risk assessment addressing the privacy impacts of the system.
Several years ago, the NZSA and Master Electricians developed a joint position statement providing guidance on the application of legislation covering registration and licensing pertinent to electricians and security technicians.
The statement can be accessed here, but pertinent details include:
• A registered electrician is exempt from requiring a CoA as a Security Technician for the install or service of security systems including intruder alarms, access control and camera systems.
• Where a registered electrician for valuable consideration enters a premise (other than their own) for the purpose of selling a security system, or advising the owner or
occupier on having a security system installed, they are deemed to be acting as a Security Consultant and must hold a CoA in the category of Security Consultant.
• Where an electrical company has an employee acting as a Security Consultant and is required to hold a CoA in that class, it follows that the company must also hold a Company Security License in that category.
It is recommended that where an electrical company or registered electrician holds a licence or CoA as a Security Consultant, they should also include the Security Technician category when applying for the license or CoA.
Historically the majority of complaints about non licensed security providers related to electricians selling and installing security systems, however over recent years the convergence of IT, cyber and security services has seen many IT and cyber companies including security cameras within their service portfolios.
Unfortunately, many of these companies are either unaware of the licensing requirements under the PSP&PI Act 2010 or conveniently feign ignorance of the obligations.
The NZSA encourages our members to let us know about these operators so that we can proactively follow up and ensure compliance.
I currently receive on average of three to four complaints each month and where it appears that there may be genuine ignorance of the licensing, I contact the business owners, make them aware of the legislation and implications of being investigated, and request that they correct the situation by promptly submitting a licence application.
If subsequent follow up of the PSPLA Public Register (normally one month following) fails to record a license application I will escalate by submitting a written complaint to the PSPLA.
Where I am confident that the provider has knowledge of the licensing
requirements, I will immediately submit a written complaint.
All complaints received by the PSPLA are considered by the Registrar (Authority) and when considered to have merit and meet the complaint parameters they are forwarded to the CIPU (Complaints, Investigations and Prosecution Unit) team within the DIA for follow up and investigation.
Where the complaint is substantiated, the Registrar has a range of powers including fines (up to $60k for a company or $20k for an individual or sole trader), cancellation of licence or CoA, suspension, warnings or reprimands and imposing conditions.
For those who hold the view that the Act has no teeth, I would recommend reading through the complaint decisions published on the PSPLA website as they make for interesting reading and show that the Authority is not averse to cancelling or suspending licenses and imposing fines (even if well below the maximum levels stated). The case referred to in the next section further validates the level of fines and penalties now being imposed.
Unlicensed Auckland security operator handed hefty fine Details have recently been published of the conviction and fining of Capper Alefaio, the owner and operator of Great One Security Limited.
Mr Alefaio pleaded guilty to three charges under the Private Security Personnel and Private Investigators Act 2010 and one charge of obtaining by deception under the Crimes Act 1961 when he appeared in the Auckland District Court and was fined $14,000 and sentenced to 180 hours of community work.
The Chief Investigator for the Complaints, Investigation and Prosecution Unit at the Department of Internal Affairs, Marty Greentree, stated that Mr Alefaio had unlawfully provided crowd control and property protection services for two years and the fine and sentence is a reminder to anyone providing unlicensed security services that if you break the law you will be held accountable.
Despite widespread communications since 2023, there have been recent reports of customers being surprised and caught unaware that their security or health alarm, navigation system or other devices reliant on cellular connection may be compromised by the network 3G shutdowns.
It is our understanding that 2Degrees completed its shutdown in early February and One NZ will be completed by mid‑March with Christchurch (3 March), Auckland (10 March) and Wellington (17 March) still pending.
Australia
Standards New Zealand have signed a new Standards Development and Distribution Agreement and Standard Operating Procedures, supporting a more coordinated trans Tasman standards system.
With over 2,000 joint standards in place, this will provide a more efficient and transparent system, and when participating in review committees, smoother collaboration, clearer expectations and stronger support for delivering high quality standards.
The NZSA supports joint standards and with the voluntary support of members, we have had significant engagement and input into the current review of AS/NZS2201.1.2007 Design, installation, commissioning, and maintenance of intruder alarm systems in client premises. The original Standard was well dated and the review, which is nearing completion, will provide fit for purpose guidance for current technology and processes.
In 2024 the NZSA launched a Board Cadet programme where we have the
opportunity for representatives from two member organisations to join the board in a non voting capacity.
The programme is targeted at talented individuals who have been identified as having leadership potential and have a strong interest in developing their own skills and capabilities, particularly in governance based roles, and are focused on raising standards across the industry.
We have also found that the programme has bought greater diversity around the board table and has enabled board members to actively encourage, support and develop individuals who have the talent and capability, but may not normally have the opportunity for appointment to board positions.
Our original Board Cadet appointee, Joel Walsh, will complete his two year term in the next few months and we will shortly begin advertising for his replacement, with appointment effective at this year’s AGM.
Watch out for our communication seeking nominations, but in the interim if you have any questions on the role or the selection process, please feel free to reach out to me on gary@ security.org.nz.
This bill is currently before government and has passed its first reading. There are several key components to the bill.
The first involves a move away from an approach of expecting everyone to address every possible risk, towards one in which WorkSafe provides guidance on the critical risks a workplace must address to meet their obligations under the Act.
The second promotes the adoption and use of industry specific ACOPs (Approved Codes of Practice). The bill looks to make ACOPs “safe harbours” for compliance, meaning that if a business has followed their sector’s ACOP, they have done enough to meet their health and safety requirements, and cutting out confusion about whether they’ve met their obligations.
This seems to be a logical decision that will ease costs of compliance without compromising safety outcomes and the good news for the security industry is that we have a quality ACOP already in place and readily accessible. The NZSA developed the Security Industry Good Practice Guideline approximately five years ago with input from WorkSafe and industry stakeholders and can be found on the NZSA website.
We are currently well into planning for a follow up to the Security of Crowded Places Forum that we hosted in July last year.
This year’s Forum will be held on 21 and 22 July and again located at Eden Park in Auckland.
This is a “must attend” for the owners and operators of venues and crowded places, and security providers, and attendance numbers will be limited. More information will be provided over the next few months, but I strongly recommend that you lock the dates into your diary.
NZSA Membership renewals will be sent out next month. We have applied a 3% increase to the annual subscription in line with CPI.
As always, we welcome all comments and feedback on NZSA or industry issues and activity.
We live in a dense jungle of rules that can be irksome and ineffective. What we need is more authority, writes University of Auckland Professor Natasha Hamilton-Hart in a new book.
“Rules, I have come to believe, can be stupid. Rules are stupid when they prevent us from delivering what we are supposed to get done,” writes University of Auckland Professor Natasha HamiltonHart in her new book Stupid Rules: Reducing Red Tape and Making Organisations More Effective and Accountable
It may be an odd time to be arguing for fewer rules and more authority, admits the Business School academic, but, she says, as strange as it may seem, authority is what we need more of.
“Nobody wants to be governed by a deranged dictator or to work for a tyrannical boss, and rules beckon as a safeguard, a way of holding the powerful to account. The problem is that rules themselves don’t hold anyone to account”.
Stupid rules, says Hamilton Hart, are prevalent in all areas of society;
red tape restricts councils trying to do good by the environment, hotel managers specify the exact number of seconds housekeepers can hold eye contact with a guest, and senior leaders find themselves unable to progress projects due to cumbersome processes.
All too often, she says, modern organisations are structured along lines of responsibility and reporting, where those higher up actually lack the authority to get the important things done.
“If leaders can’t make decisions about who is part of their work team, for example, or about how they will do their work – if they lack the authority to assess work performance according to their own estimation of what is or is not adequate – then they lack crucial authority.”
The book argues authority is necessary if good rules are to work.
“Getting rid of rigid, restrictive, stupid rules requires us to accept a greater role for authority. This actually creates space for more freedom, as well as more efficient and accountable ways of getting things done.”
Authority is also necessary, Hamilton Hart writes, if we want people to have accountability for their decisions.
“A person hemmed in by rules acquires immunity from real accountability. This explains why, despite often grumbling about excessive rules, people sometimes resist initiatives that give them greater decision making authority.”
For more than 20 years, Hamilton Hart mostly studied systems of government and business in Southeast Asia: from bureaucracies to patrimonial systems.
After returning to New Zealand, she began looking into “supposedly developed countries” and how their rules and laws operated. She says despite scoring highly on measures of the rule of law and democracy, countries such as New Zealand seemed to be visibly struggling.
“After some years of living in God’s own country, it dawned on me that we had evolved rulebooks to provide legal cover for practices that were widely recognised as corrupt in the countries of Southeast Asia. But we didn’t call it corruption, because it was all perfectly legal.”
Alarm Watch has developed a new integration with Network Optix’s NX Witness, Wisenet Wave and Digital Watchdog Spectrum after deciding existing options weren’t delivering what was needed in the real world.
“We could see what we wanted,” said Alarm Watch CEO Wade Coneybeer, “but it wasn’t coming fast enough, and we were at the mercy of manufacturers to like our ideas, and do it on their time line.”
The decision to build the integration came from Alarm Watch’s strong monitoring background and its experience in working closely with technicians in the field.
“We know what works for operators, but we’re also influenced by technicians. That made it pretty clear what needed to be built.”
A big issue was the cost and friction of existing video verification setups. Many solutions are priced per camera or require extra hardware on site.
“That was becoming prohibitive for rollout. It slows everything down,” said Coneybeer. “But the new integration removes this friction.”
If a site already has NX Witness, Wisenet Wave or DW Spectrum, it can be connected without adding hardware or paying per camera.
Development of the platform kicked off last October. It was built by New Zealand Computing Solutions and launched in March.
Setup takes around 30 seconds. It also works with IRFast, so it integrates with Inner Range’s Concept and Integrity panels, which is important in the Australia and New Zealand markets.
One of the key features of the platform is AI filtering. Installers can type, in plain English, what they want the system to look for. When a clip is generated, AI reviews it first and only passes it to the operator if it sees something relevant.
“You type in what you’re worried about and it filters it before it even hits the operator,” says Coneybeer. “That saves time and cost.”
“It’s lightning quick and easy to use. We’re basically giving operators eyes on site,” he said. “Instead of working off signals alone, they can see what’s happening and act faster.
From an installer point of view, the integration makes every NX Witness, Wisenet or DW Spectrum system a potential source of recurring income. Even basic health monitoring can now be turned into a repeating sale.
In practice, one of the biggest wins is linking alarms to video. If an alarm trips, the system grabs footage
at the same time so operators aren’t working blind or sending guards unnecessarily.
It can also run purely off camera analytics, effectively turning a camera system into a monitored alarm.
“You don’t even need a traditional alarm system on site. We still get instant eyes.”
It is also useful scheduled checks, like confirming a gate is closed at certain times and only alerting if something is wrong.
“This isn’t about live streaming. Solutions like Actuate, Secury360 and Cawamo are built for that,” said Coneybeer. “This is about what happens after an event, or at key times, and making that information useful without overloading operators.”
The integration was launched at Alarm Watch’s Bureau Day in March and drew strong interest from installers. Feedback from that event is already shaping what comes next.
Milestone Systems announces significant advancements to its XProtect video management software (VMS) and BriefCam video analytics.
The XProtect App Platform, a new containerised application platform for VMS, and a new BriefCam analytics engine are designed to deliver increased reliability, more efficient hardware utilisation, and readiness for Generative AI and analytics.
New XProtect App Platform
The new XProtect App Platform is set to bring the latest VMS applications – including solutions such as AI, analytics, and access control – into a surveillance system without friction. According to Milestone Systems, the new platform amplifies existing infrastructure by enabling customers to unlock insight from new AI tools, customise their systems quickly and safely, and install updates without downtime.
Built on a Linux based, containerised architecture, the platform runs alongside
existing XProtect installations and extends what the system can do without changing how it operates. Because each application and service runs in its own container, isolated from the core VMS and from other apps, customers can install apps and updates without requiring a full system restart or disrupting live operations.
BriefCam analytics engine
BriefCam’s new engine has been redesigned to deliver scalable analytics capabilities – with significant improvements to real‑time processing, scalability, and workflow efficiency. With better resource utilisation, users will see an improvement of 38% in real time throughput. All processing can be run on premise with no cloud dependencies.
The new engine enables investigators to translate witness statements into searches using plain language instead of filters, identify key moments to reduce review time
and turn fragmented video into a connected narrative, and train BriefCam with custom categorisations to match their needs.
Keeping pace with AI growth
“The rapid growth of AI in video security has created an urgent need for platforms that can keep pace,” said Andrew Burnett, Chief Technology Officer, Milestone Systems.
“The XProtect App Platform and the new BriefCam engine are two major steps forward – giving organisations the flexibility to adapt quickly and confidently, as well as powerful on premise intelligence that doesn’t compromise data sovereignty or operational control.”
The XProtect App Platform runs applications from the Milestone App Center — the home for applications developed by both Milestone and our technology partners. The App Center enables customers to browse, test, and install verified applications that extend the capabilities of their XProtect VMS. This makes it easier to discover new functionality, add AI analytics, or test emerging innovations without risk to live operations.
To support this Milestone is introducing a new set of tools for developers and technology partners across the ecosystem. The Milestone Developer Portal consolidates everything developers need to build applications for the open platform in one place.
General availability is currently planned for late 2026.
The qualification develops and advances critical research, critical thinking and writing, analytical best practice as well as exploring relevant twentieth and twenty-first century intelligence operations. It is aimed at those wishing to develop advanced critical skills in relation to their existing or prospective intelligence sector careers in New Zealand.
Graduates of this year long programme will possess an advanced knowledge of intelligence analysis processes, be grounded in relevant previous operational intelligence experiences and have a critical understanding of the ethical and professional issues involved.
The programme of study consists of two 30-credit courses:
Qualification Requirements
Semester ONE, 294741: Intelligence in the International Security Environment
A critical examination of intelligence theory and practice, focusing on key concepts and methodologies of intelligence collection and analysis, analytical tools, frameworks and concepts applied to investigations and operations in the contemporary international security environment.
Course Controller:
Dr Rhys Ball, Centre for Defence and Security Studies (Auckland)
Semester TWO, 294744: Intelligence Operations
A comprehensive grounding in the operational intelligence environment in the second half of the 20th century, into the 21st century. Participants will consider the development of intelligence practices both in New Zealand and around the world, from the evolution of intelligence contributions from the end of World War Two, to the intelligence challenges of the 2020s. Intelligence operations are critically reviewed, including intelligence success and failure, espionage against friends and allies, and policing and private intelligence formats.
Course Controller:
Dr John Battersby, Senior Fellow, Centre for Defence and Security Studies (Wellington)
To enroll in this qualification, students must have been awarded or qualified for a relevant Bachelor's degree, or be able to demonstrate scholarly work in conjunction with extensive relevant professional experience for Admission with Equivalent Status.
For further information, please contact John: j.m.battersby@massey.ac.nz, or Rhys: r.ball@massey.ac.nz.
Daniel Toresen, new Chair of the New Zealand Institute of Private Investigators, has acknowledged Ron McQuilter, who recently stepped down after several years as Chair of the Institute.
“Ron’s work left the Institute in solid shape, and the current committee is focused on moving things forward with clear intent,” said Mr Toresen on LinkedIn.
“The connection between NZIPI and the broader security sector matters more than ever. We share common ground with NZSA on regulation, accountability and public trust, and strengthening those ties will be a priority during my time as Chair,” he said. “The work of professional investigators continues to change, and our standards and support structures need to keep pace.”
Mr Toresen highlighted the recent launch of the new NZIPI website as a genuine effort to improve how NZIPI communicates with members and the public. A members only area, which is currently in development, will provide practical tools and resources for day‑to ‑ day investigative work.
Regulator engagement is another area in which the Institute is stepping up its efforts. “With NZTA introducing annual declarations and spot auditing of Vehicle Register access, NZIPI has stepped in to help members meet those compliance requirements,” he noted.
“We now hold quarterly meetings with NZTA to work through operational issues and emerging concerns, providing a direct line for advocacy. Members are encouraged to raise challenges so they can be tackled collectively.
“The NZIPI Buddy System is also gaining traction. Designed so no member has to face a difficult situation
alone, it’s particularly useful for those dealing with PSPLA enquiries, but extends to broader mentoring and peer support across the profession.”
Mr Toreson stated that his focus as Chair is to support members, raise professional standards, and give private investigators a stronger voice within the security and regulatory landscape.
This year marks a double milestone for Brian Switalla — 20 years with FIRST Security and more than 40 years in the security industry.
Mr Switalla began his career in Dunedin in 1982 as a security guard and patrol officer. He progressed through the ranks, holding key roles in Christchurch and Auckland before moving into business development.
In 2017, he was appointed GM Strategic Accounts, where he oversees FIRST Security’s national accounts across Aotearoa.
“A respected leader and committed mentor, Brian has played a significant part in shaping the careers of many across our organisation,” stated an announcement by FIRST Security.
“Thank you, Brian, for your outstanding service, leadership, and commitment to FIRST Security over the past 20 years.”
Mike Metcalfe rejoins Milestone Systems
Milestone Systems has announced the return of Mike Metcalfe, who has rejoined the company as key account manager South Pacific.
Based in Australia, Mr Metcalfe will take responsibility for the New Zealand market while also developing
business across key industry sectors in Australia. He will focus on enterprise and public sector opportunities across Australia while supporting partner engagement and market development throughout New Zealand.
His remit includes sectors such as critical infrastructure, government, law enforcement, transport networks and large commercial environments.
Mr Metcalfe returns to Milestone Systems with experience gained in senior roles at Everbridge and Irisity, where he worked with a range of technologies including critical event management platforms, AI driven analytics and enterprise software systems.
The March ASIS New Zealand Chapter meeting featured speakers Ruth Tongotongo and Nicholas Dynon, who shared the journeys that led them to becoming finalists and winners of last year’s NZ The Outstanding Security Performance Awards (OSPAs).
Ms Tongotongo, who also won a Global OSPA, talked about the role of protector that she has carried with her since childhood, and the importance of hearing “no” – and turning it into an opportunity.
Mr Dynon spoke on the importance of professional certifications, such as the ASIS Board Certifications, and he encouraged his colleagues within the industry to submit nominations for industry awards, including the OSPAs and the NZSA’s New Zealand Security Awards.
“Overall, a brilliant session full of insights, honesty, and inspiration,” said Reck Diogo, ASIS International New Zealand Chapter Secretary. “If you’re in security and haven’t attended an ASIS Chapter meeting lately… consider this your friendly nudge.”
Thomas James has announced that he has joined Ron McQuilter CFE, Wayne Kiely and the team at investigations firm Paragon New Zealand.
“This transition is an intentional pre planned strategy to strengthen Paragon’s long term capability, particularly with adding the existing resources of both Secure Collections
& Investigations Limited and Tony Lowe Investigations in Wellington,” said Mr James in announcing the move.
Mr James is an experienced investigations and enforcement professional with over 12 years in the industry, specialising in private investigations, process serving, commercial debt litigation, and repossession services across New Zealand and Australia.
Quick thinking actions by Armourguard Security Officer
Anton prevented a potentially violent confrontation during a Waikato noise control incident, according to a recent Armourguard LinkedIn post.
“After issuing an Excessive Noise Direction at a property, Anton saw someone from that address aggressively approaching the complainant’s home, shouting threats of physical harm.
Anton recognised the imminent danger and acted swiftly by positioning his vehicle between the aggressive woman and the intended victim. At the same time, the aggressor’s husband—known to have gang affiliations—stood on the opposite side of Anton’s vehicle, adding significant risk to the situation.
Ultimately, Anton skilfully de escalated the situation, ensuring the complainant’s safety and preventing an assault
Wesco Anixter promotes Chris Fair
“I am absolutely over the moon to share that I have been made Director of Sales Wesco Anixter New Zealand at Wesco Anixter NZ!” Chris Fair announced recently.
“I have been extremely fortunate to have had the very best mentorship over the last 8 years here at Wesco Anixter NZ and consider it an absolute privilege to be given this role,” he said.
Mr Fair emphasised that he is looking forward to working even closer with Wesco Anixter’s channel partners and vendors and ensuring that the distributor “continues to lead the technology distribution market here in New Zealand.”
According to the International Security Ligue, 12 March is designated Global Cash Day, an international awareness initiative highlighting the continued importance of cash for consumers, businesses, and economies worldwide.
“Cash means freedom of choice, inclusion, safety, independence, resilience, and reliability,” said the Ligue’s Tanja Kulisch Ziemens. “In recognition of its value, we are proud to celebrate the first Global Cash Day.”
The global initiative aims to highlight the continued importance of cash by asking people to (first) withdraw cash and (second) use it for purchases on March 12.
The initiative also urges people to “tell others about the benefits of using paper money in today’s digital age, like maintaining privacy, helping the poor, and providing resilience during natural disasters, and power outages,” explained Professor Jay Zagorsky at Boston University’s Questrom School of Business in an announcement video at the campaign’s website.
By sharing participation online with the hashtags #getcash and #paycash, people can amplify the popular movement to ensure cash remains accessible and universally accepted and is additional evidence of a growing backlash against governments and businesses pushing a cashless future, stated the Ligue.
The Government Communications Security Bureau (GCSB) has announced the appointment of Catriona Robinson as the head of the National Cyber Security Centre (NCSC).
“I am delighted Catriona will be leading the NCSC,” said Director General GCSB Andrew Clark.
“Catriona brings extensive leadership experience, the ability to work collaboratively with domestic and overseas partners and stakeholders and has a strong commitment to service and integrity.”
“Catriona has worked in a range of national security roles across the public service and understands New Zealand’s National Security system. She is well prepared to lead the NCSC in its work providing cyber security services to all New Zealanders.”
Ms Robinson is currently the Associate Deputy Secretary Immigration at the Ministry of Business, Innovation and Employment (MBIE). Prior to this, she was General Manager Operations for Immigration New Zealand.
Preceding her time at MBIE, Ms Robinson spent five years at the Department of Prime Minister and Cabinet (DPMC) as the Director of National Security Systems.
Ahead of starting her new role, Ms Robinson said she is committed to the purpose of the GCSB and understands the importance of the role NCSC plays in cyber security.
“The continued advances of technology means NCSC’s operating environment is often dynamic and fast paced, and I am looking forward to leading the team in the great work they do.”
Ms Robinson will commence her new role on 26 March.
After over four decades in the security industry, Charlie O’Donnell has announced his retirement effective 01 April.
“Over this period I have had the privilege to work in the Commercial and Public sectors, in both management and consulting roles. I have for many years been involved with a few professional entities as a member and volunteer, including ASIS International and ASIS New Zealand,” he wrote in a LinkedIn post.
“I know I leave this industry in much better shape than when I joined it and I hope that in some way I have contributed to that.”
“I wish to thank my employers and my customers, past and recent, thank you for the opportunities presented to me, the trust and confidence bestowed, and for the learnings and knowledge, it has been vast over these many years and has majorly contributed to the skills and results that I have been able to return to you.
“Thank you to the Business partners, Manufacturers, Distributors and Integrators of this great industry, and to my industry friends and colleagues, you have all supported me in many ways through my journey and for that I am eternally grateful.”
Many were quick to post their comments in response to the announcement.
Daniel Talbot, SVP at Luxriot Technologies referred to Mr O’Donnell as “one of the industry’s great leaders. “Your professionalism & business acumen is first class and you will be leaving a great legacy,” he wrote.
“Happy retirement Charlie,” wrote ASIS International New Zealand Chapter great Rehan Du Toit. “It was a privilege to know and work with you. You have made huge contributions to the NZ security industry, and we are forever grateful.”
“I look forward to my next adventure working our little piece of rural paradise,” quipped Mr O’Donnell. “It will be busy with a lot of new skills to hone, all unhurried projects.”
New Zealand Security Magazine whishes Charlie all the best on his retirement and thanks him for his contribution to the industry.
Red Badge Group recently celebrated “two incredible wāhine” – Francesca Hindmarsh and Maia Te Whaiti.
Both Red Badge employees have graduated from the Upskills He Muka Tangata Wāhine Toa programme, a leadership course designed to empower frontline Māori
wāhine leaders, earning their Level 4 NZ Certificate in Business after six months of study.
“This milestone is not just about qualification, but about leadership, resilience, and stepping forward with confidence,” stated the update from Red Badge Group.
“A special thank you also to the managers who supported them along the way – Ash, Ruby (and Kitiara), John and Andy – for creating the space and support needed to balance work, study, and noho marae commitments. The feedback from organisers spoke volumes about the support behind them.
“We’re incredibly proud of Fran and Maia and excited to see where this journey takes them next.”
The Australian Security Association (ASIAL) is calling on “pioneers, strategists, and thought leaders” to join the Security ASIAL Conference 2026 as speakers.
Taking place from September 2 4, 2026, at the ICC Sydney, the event will bring together “the brightest minds in security to address the challenges of our rapidly evolving landscape.”
ASIAL is looking to speakers to share their insights on critical topics such as advanced threat intelligence and cybersecurity strategies, emerging technologies, integration of AI and machine learning in security systems, risk management and compliance in a changing regulatory environment, resilience planning for critical infrastructure, and sustainability and diversity in security panel discussions.
Speakers stand to benefit by establishing themselves as a thought leader in the security industry, gaining exposure to a diverse audience of security professionals, decision makers, and innovators, and contributing to the advancement of security standards and best practices. Learn more here .
Employers are facing increasing and shifting substance use risks across New Zealand’s regions, according to a recent quarterly report from The Drug Detection Agency.
TDDA recommends that companies review and update substance use policies at the start of the year, ensure pre-employment testing is embedded into recruitment processes, and maintain regular random testing programmes. That’s based on the results published in its most recent quarterly workplace drug trends report. The company, which provides a workplace substance testing, education and policy service, found:
• Cocaine detections rose sharply by 148% quarter on quarter, now present in 3.7% of positive tests (up from 1.5% in Q3).
• Cannabis remains the most prevalent substance, present in 67.5% of positive tests, easing 3.6% from its Q3 peak.
• Amphetamine type substances (ATS) were present in 24.5% of positive tests (up 1.2% from Q3).
Regionally, it reported, trends are diverging. Cocaine rose sharply in Bay of Plenty, Auckland West and Waikato, ATS increased across several regions, while cannabis eased in many areas after its Q3 peak, with some rebound in Gisborne and Canterbury.
In Q4, 4.01% of screens conducted by TDDA indicated the presence of drugs (Q3: 3.75%). Although cannabis remains the most prevalent substance detected in workplace drug testing, detections of it eased in many regions following a Q3 peak, and ATS detections reflected a modest quarter on quarter increase.
Among all positive TDDA results, the most prevalent substances detected were:
• Cannabis: present in 67.5% of positive tests, down 3.6% from 71.1% in Q3 2025.
• ATS, including methamphetamine: present in 24.5% of positive tests, up 1.2% from 23.2% in Q3 2025.
• Opioids, including oxycodone: present in 18.6% of positive tests, up 0.02% from 18.6% in Q3 2025.
• Benzodiazepines: present in 2.9% of positive tests, up 0.7% from 2.2% in Q3 2025.
• Cocaine: present in 3.7% of positive tests, up 2.2% from 1.5% in Q3 2025.
The data points to three broad shifts in substance use patterns nationwide: (i) increasing regional divergence in amphetamine type substances (ATS), (ii) easing THC
(Cannabis) detections after a Q3 peak, and (iii) a concerning rise in cocaine, significantly in Bay of Plenty, Auckland West and Waikato.
“We warned employers in previous quarters that cocaine use was increasing across the nation, and Q4 data shows that this trend nearly doubled over the festive season,” said Glenn Dobson, CEO of TDDA.
“This increase was particularly evident in Bay of Plenty, Auckland West, and Waikato. Businesses in the Bay of Plenty area need to take action immediately, as cocaine detections, which barely registered previously, rose to 9% of positive tests.
Cocaine causes overconfidence, reduces focus and concentration, correlates with bad judgement and causes erratic behaviour. If you’re doing business in an affected region, employee education and testing are immediately advised. There’s significant risk for businesses with heavy machinery, you don’t want your workers operating chainsaws while on cocaine.
Q4 data shows that drug trends are increasingly diverging by region. ATS recorded sharp increases, particularly in Auckland West, Gisborne, Hawkes Bay, Northland, Southland, and Wellington, while easing in some areas including Canterbury, Manawatū Whanganui and Taranaki.
Cannabis detections declined in many regions after peaking in Q3, although some areas, including Gisborne and Canterbury, experienced a bounce back. Opioids use also increased across multiple regions, especially in Otago, Taranaki, Tasman and Wellington, reinforcing the need for closer monitoring.
“What this data reinforces is the need to stay proactive,” said Dobson. “As the year gets underway and businesses recruit, onboard new staff, or adjust workforce needs, clear expectations become critical.
Fit for purpose substance use policies, supported by pre employment testing, regular testing programmes, and ongoing training and education, help organisations manage risk early and prevent issues from arising on the job.
“When growth in detection continues across successive quarters, or when drug trends change significantly, it’s a signal employers shouldn’t ignore,” Dobson said.
“As summer months continue past the holidays, the priority is stopping trends from becoming established behaviours in your workplace. That requires clear expectations through policy, consistent testing, and early intervention, particularly as people move into new roles or return to work after long weekends.”
According to TDDA, employers should review and update substance use policies at the start of the year, ensure pre employment testing is clearly embedded into recruitment processes, and maintain regular and random testing programmes.
They also recommend that employers invest in training and education to empower managers to identify when testing is appropriate, particularly following extended leave periods or during onboarding.
With people moving between roles and workplaces, a proactive approach to policy review, pre employment testing, and workforce education can help employers reduce risk, protect their people, and maintain safe workplaces throughout the year.
Tests from 27 sterile clinic locations and over 60 mobile clinics throughout New Zealand were used. All tests were taken between 1 October and 31 December 2025. Data from preemployment, post incident, regular and random testing was combined. Testing methods included urine and oral fluid screening.
Data is anonymised and aggregated using TDDA’s Imperans system, an IT platform for testing services, data recording, and reporting. The company tests for amphetamines, benzodiazepines, cocaine, methamphetamine, opiates and opioids, cannabis, and synthetic drugs.
Established in 2005, TDDA has 300 staff across 90 mobile health clinics and 65 locations throughout Australasia.
A pioneering technology developed by South Australia’s Flinders University delivers low cost, sustainable, repairable and recyclable lenses for infrared imaging.
A high-performance lens for infrared cameras invented by Flinders University researchers is emerging as a lower cost, more sustainable option for industries that use thermal imaging cameras, including security and surveillance, electronics, defence and autonomous vehicle operation.
The new infrared thermal imaging lens, made from readily available and low cost sulfur and other materials, replaces the need for traditional lenses which use expensive elements such as silicon and difficult to source germanium, according to new research in high ranking international journal Nature Communications . Thermal imaging cameras, which detect infrared light emitted from hot objects, are expanding in many practical applications and advanced technologies – from fire detection and wildlife monitoring and driver assist or self driving features in cars to energy saving smart appliances.
“As demand for thermal imaging in consumer products rises, there is an increasing need for lower cost optics. Our polymer lens provides a more sustainable alternative to more expensive inorganic materials such as germanium, silicon or chalcogenide glass,” said project director Professor Juston Chalker from Flinders University.
This new polymer can be moulded like a plastic – a critical capability for mass production – and made from abundant and low cost elemental
sulfur, and an organic co monomer material.
According to Professor Chalker, millions of tonnes of surplus sulfur are produced every year, and the goal is to convert this abundant byproduct from petroleum refining into value added materials and sustainable technologies.
“Some of the traditional lenses made from germanium cost hundreds or thousands of dollars and cannot be repaired if damaged. In contrast, our polymer lens is made from materials that are significantly cheaper. Even more, our polymer lenses can be moulded rapidly like a plastic for mass production, and they can be repaired and recycled,” he said.
“In fact, the raw materials used to make this lens can cost less than 1 cent per unit, so it represents an extremely cost effective, competitive alternative for the thermal camera and sensor market.”
According to first author Dr Samuel Tonkin, the latest advances of the new
lens will expand its appeal and use in consumer products such as smartphone IR cameras, fire detectors, driver assist technology to detect pedestrians and animals at night and energy saving air conditioners which increasingly rely on thermal imaging.
“This pioneering Flinders technology addresses the challenges by being low cost, sustainable, repairable and recyclable.”
The research team is working with collaborators at NASA to guide its use in imaging applications relevant to planetary science.
“This research is another big step forward in performance for this class of polymers,” added coauthor Dr Harshal Patel. “Once these imaging systems reach consumer level prices, they may be commonplace in fire detection systems, smart appliances, and other technologies. I’ll personally be using them to search for wildlife.”
ASIS accredited certifications can help you reach your career goals.
Validates your ability to conduct security investigations through the effective use of surveillance, interviews, and interrogations. Designed for those with 5 years of related experience.
• Provides independent confirmation of your specialized skills in security investigations
• Gain global recognition by your peers and industry
• Get a competitive edge in the marketplace
• Enhance your career and earnings potential
• Enjoy personal satisfaction and professional achievement
Be one of the many ASIS board certified practitioners who are leaders, mentors, and trusted strategic partners, serving both their organizations and the profession.
“PCI is an important element in the ASIS C ertification programme, dovetailing into both CPP a nd PSP for a comprehensive understanding of broader security industry objectives. An effective and reliable investigation depends on objectivity, thoroughness, relevance, accuracy and timeliness. PCI helps identify critical investigative outcomes, including evidence collection, case management, and the process of offender detection, iden tification, interview and prosecution. Good physic al security designs, together with robust policies and procedures are key elements in a successful investigation. The PCI certification p rov ides an insight into how these pieces interrelate."
- D avi d H orsburgh, MSc CPP PSP PCI
• Build a strong, dedicated team committed to high standards and continuing professional development
• Promote ongoing education of critical job knowledge and skills
• Feel confident that your staff are using best practices
• Recruit the most qualified professionals
• Reinforce or elevate your organization’s reputation and credibility
Increase the competency level of your staff by supporting your security professionals in their certification journey.
