Request for Information on the Use of CrowdStrike Software at Callaghan Innovation
john luke made this Official Information request to Callaghan Innovation
The request was successful.
From: john luke
Dear Callaghan Innovation,
I am writing to request information regarding the use of CrowdStrike software at Callaghan Innovation. Specifically, I would appreciate clarification on the following points:
1) Does Callaghan Innovation utilize CrowdStrike Falcon for cybersecurity?
If so, was a risk analysis conducted in compliance with ISO/IEC 27000 or other recognized methods outlined in the New Zealand Information Security Manual (NZISM) prior to the procurement of CrowdStrike Falcon? If available, could you please provide the timestamped document related to this analysis? Additionally, what is the annual cost of using CrowdStrike for Callaghan Innovation?
2) Was Callaghan Innovation affected by the 2024 CrowdStrike incident? If yes, how many computers and staff were impacted? Did any of the affected computers have access to personal information or customer tax data?
3) Were the CEO and executive leadership team of Callaghan Innovation aware of any risks associated with CrowdStrike Falcon before the 2024 incident?
4) Have any Māori businesses been refused R&D services from Callaghan Innovation due to an inability to guarantee data security as a result of using CrowdStrike?
I would appreciate your prompt response to these queries.
Yours faithfully,
John Luke
From: Ministerial Services
Callaghan Innovation
Tēnā koe John
Thank you for your email of 30 August 2024 requesting, under the Official
Information Act 1982, the following information:
I am writing to request information regarding the use of CrowdStrike
software at Callaghan Innovation. Specifically, I would appreciate
clarification on the following points:
1) Does Callaghan Innovation utilize CrowdStrike Falcon for cybersecurity?
If so, was a risk analysis conducted in compliance with ISO/IEC 27000 or
other recognized methods outlined in the New Zealand Information Security
Manual (NZISM) prior to the procurement of CrowdStrike Falcon? If
available, could you please provide the timestamped document related to
this analysis? Additionally, what is the annual cost of using CrowdStrike
for Callaghan Innovation?
2) Was Callaghan Innovation affected by the 2024 CrowdStrike incident? If
yes, how many computers and staff were impacted? Did any of the affected
computers have access to personal information or customer tax data?
3) Were the CEO and executive leadership team of Callaghan Innovation
aware of any risks associated with CrowdStrike Falcon before the 2024
incident?
4) Have any Māori businesses been refused R&D services from Callaghan
Innovation due to an inability to guarantee data security as a result of
using CrowdStrike?
I would appreciate your prompt response to these queries.
A decision on your request will be communicated to you on or before 27
September 2024.
Ngā mihi
Ministerial Services
[1]callaghaninnovation.govt.nz
References
Visible links
1. http://callaghaninnovation.govt.nz/
From: Ministerial Services
Callaghan Innovation
Kia ora John
Please find attached our response to your OIA request.
Ngā mihi
Ministerial Services
[1]callaghaninnovation.govt.nz
References
Visible links
1. http://callaghaninnovation.govt.nz/
Things to do with this request
- Add an annotation (to help the requester or others)
- Download a zip file of all correspondence
Offensive? Unsuitable?
Requests for personal information and vexatious requests are not considered valid requests for Official Information (read more).
If you believe this request is not suitable, you can report it for attention by the site administrators
Report this requestAct on what you've learnt
Similar requests
Overseas travel by government employees of Callaghan Fund & NZ Trade ad Enterprise
To Ministry of Business, Innovation & Employment by Perry Richardson
