cybersecurity expert put it plainly<\/a>: “Too much of cybersecurity is focused on lower consequence breaches from financially motivated enemies, while we’re increasing our exposures to nation states and other enemies who seek to disrupt and destroy.”\u00a0<\/p>\nThis is a wake-up call for local businesses,\u00a0 many of which operate as part of international supply chains, use US-based cloud platforms, or partner with companies that do.<\/p>\n
[\/et_pb_text][et_pb_text _builder_version=”4.27.6″ _module_preset=”default” custom_padding=”20px|20px|20px|20px|false|false” border_radii=”on|10px|10px|10px|10px” border_width_all=”2px” global_colors_info=”{}” theme_builder_area=”post_content”]<\/p>\n
The Attack Vector: Email First, Everything Else Second<\/strong><\/p>\nSecurity experts confirm that phishing remains Handala’s primary attack method. That means that one of the most sophisticated geopolitical cyberattack of 2026, one that crippled a $25 billion global company, almost certainly began with someone clicking a link in an email.<\/p>\n
Stryker’s own statement confirmed a severe, global disruption across its Windows environment impacting both client devices and servers. <\/span>\u00a0The attack targeted the Microsoft environment.\u00a0 That’s the same platform most New Zealand businesses run their operations on every day.<\/p>\n[\/et_pb_text][et_pb_text _builder_version=”4.27.6″ _module_preset=”default” global_colors_info=”{}” theme_builder_area=”post_content”]<\/p>\n
What This Means for Your Business<\/strong><\/h2>\nThe Stryker incident reinforces three disciplines that Kinetics has long advocated for local businesses:<\/p>\n
Assume you are a target.<\/strong> Threat actors scan broadly. Being a smaller business in New Zealand is not a shield.<\/p>\nYour people are your perimeter.<\/strong> Security awareness training isn’t a box-ticking exercise. It is the difference between a suspicious email being deleted and an organisation being taken offline.<\/p>\nBusiness continuity must be tested, not just documented.<\/strong> Stryker had continuity plans in place. The question is whether yours would hold up under a real-world disruption at scale.<\/p>\nBuilding Resilience Before You Need It<\/strong><\/p>\nKinetics’ KARE Foundation service is designed precisely for this environment.\u00a0 It’s layered, proactive cybersecurity that addresses not just technical vulnerabilities but the human and operational factors that sophisticated attackers exploit. From managed endpoint detection and response to security awareness training and backup integrity, it’s the foundation that gives businesses confidence when the threat landscape shifts, as it has this week.<\/p>\n
The lesson from Stryker isn’t that every Kiwi business should be afraid. It’s that being prepared is a business decision, not just an IT one.<\/p>\n
[\/et_pb_text][\/et_pb_column][et_pb_column type=”2_5″ _builder_version=”4.27.6″ _module_preset=”default” background_color=”rgba(61,61,61,0.1)” custom_padding=”10px|10px|10px|10px|false|false” border_radii=”on|10px|10px|10px|10px” border_width_all=”1px” box_shadow_style=”preset1″ global_colors_info=”{}” theme_builder_area=”post_content”][et_pb_text _builder_version=”4.27.6″ _module_preset=”default” hover_enabled=”0″ global_colors_info=”{}” theme_builder_area=”post_content” sticky_enabled=”0″]<\/p>\n
4 methods to test your BCP<\/h3>\n
1. Tabletop exercise<\/strong>\u00a0Gather your leadership team and IT around a table. A facilitator presents a scenario: “It’s 8am Monday. Half your staff can’t log in. Your IT team finds the Handala logo on login screens. What do you do?”<\/em> Walk through every decision. Who do you call? What’s the chain of authority? Where are the phone numbers stored? Are they in a system that’s now offline?\u00a0 \u00a0This costs almost nothing and reveals gaps immediately.<\/p>\n2. Component testing<\/strong> Test individual pieces in isolation. Can you actually restore from your backups? How long does it take? Is the restored data complete? Many businesses discover at this point that their backup regime looked good on paper but the restores are partial or weeks out of date. (KARE Backups are regularly tested)<\/p>\n3. Parallel recovery simulation<\/strong> Run a simulated recovery alongside<\/em> normal operations.\u00a0 Don’t take production systems offline, but work through the recovery process as if you had to, measuring time and identifying blockers. This gives you realistic recovery time estimates without the risk of a full cutover.<\/p>\n4. Full simulation (red team\/live fire)<\/strong> The most rigorous test: an external party attempts to simulate an attack while your team responds in real time. Expensive and disruptive, but for businesses with genuine high-stakes dependencies (finance, healthcare, critical infrastructure supply), it’s the only way to know for certain.<\/p>\nThe questions your test must answer<\/h3>\n
Regardless of method, a cyberattack-specific BCP test should stress-test these specifically:<\/p>\n
Communications<\/strong>: If email and Teams are down, how do you coordinate? Do staff know to go to a pre-agreed out-of-band channel (a personal group chat, a phone tree)? Is the phone tree stored somewhere other than the systems that are offline?<\/p>\nAuthority and decisions<\/strong>: Who is authorised to shut down systems? To communicate externally with customers? To engage a cyber incident response firm? Decision paralysis in the first hour of an attack causes enormous additional damage.<\/p>\nData recovery hierarchy<\/strong>: Not everything can be restored at once. What comes back first?\u00a0 Is that priority list documented and agreed before<\/em> an incident?<\/p>\nVendor and partner notification<\/strong>: Which of your suppliers or customers need to be told, and how quickly?<\/p>\n[\/et_pb_text][\/et_pb_column][\/et_pb_row][\/et_pb_section]<\/p>\n","protected":false},"excerpt":{"rendered":"
Lessons from the Stryker Cyberattack A global medical technology company. 56,000 employees. Operations in 60 countries. And in March 2026, systems wiped across every one of them \u2014 not because of a data breach or ransomware, but because of a school bombing in Iran. Employees of Stryker Corporation arriving at work found an unfamiliar black-and-white […]<\/p>\n","protected":false},"author":5,"featured_media":11716,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_et_pb_use_builder":"on","_et_pb_old_content":"","_et_gb_content_width":"","footnotes":""},"categories":[4,5],"tags":[],"class_list":["post-16086","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-news","category-security"],"_links":{"self":[{"href":"https:\/\/new.kinetics.co.nz\/index.php?rest_route=\/wp\/v2\/posts\/16086","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/new.kinetics.co.nz\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/new.kinetics.co.nz\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/new.kinetics.co.nz\/index.php?rest_route=\/wp\/v2\/users\/5"}],"replies":[{"embeddable":true,"href":"https:\/\/new.kinetics.co.nz\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=16086"}],"version-history":[{"count":0,"href":"https:\/\/new.kinetics.co.nz\/index.php?rest_route=\/wp\/v2\/posts\/16086\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/new.kinetics.co.nz\/index.php?rest_route=\/"}],"wp:attachment":[{"href":"https:\/\/new.kinetics.co.nz\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=16086"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/new.kinetics.co.nz\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=16086"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/new.kinetics.co.nz\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=16086"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}