DEFEND adds ISO 27701 Certification

Auckland, 06/06/2024

DEFEND Strengthens Privacy Resilience by adding ISO 27701 to Current SOC2 Type II and ISO 27001 Certifications

DEFEND, New Zealand’s leading cybersecurity provider, has successfully achieved ISO 27701 privacy certification, demonstrating a robust and embedded approach to privacy management across all operations. This milestone affirms DEFEND’s commitment to protecting personal data and ensuring compliance with both national and international privacy regulations. It provides clear assurance to customers and partners that privacy and the resilience of their supply chain is a top priority.

This certification builds on DEFEND’s existing ISO 27001 certification as well SOC2 Type II attestation. By adding this achievement, DEFEND is setting the standard in New Zealand for cybersecurity service providers and raising the bar for customer expectations. This is part of DEFEND’s commitment to building cyber resilient supply chains in alignment with the guidance from the National Cyber Security Centre (NCSC) which can be referenced here.

What is ISO 27701 and Why Does It Matter?

ISO 27701 is the internationally recognised standard for privacy information management. As an extension of ISO 27001, It establishes a robust Privacy Information Management System (PIMS), adding dedicated requirements and controls for the collection, processing, storage, and deletion of Personally Identifiable Information (PII).

This framework is designed for both PII controllers and processors, supporting compliance with regulations such as the New Zealand Privacy Act 2020, GDPR and other privacy laws worldwide.
With privacy regulations rapidly evolving and enforcement intensifying, organisations face significant risks, both reputational and financial, for non-compliance. ISO 27701 provides a clear, auditable path to compliance, reducing the risk of data breaches and regulatory penalties while building trust with all stakeholders.

Achieving ISO 27701 certification gives a competitive advantage by showcasing a mature, externally validated privacy Chief Technology Officer, Wenzel Huettner says: “At DEFEND we know all too well the supply chain risk faced by organisations today.

“We believe that our SOC2 Type II attestation combined with our ISO certifications sets the standard that service providers should aim for in providing privacy and cyber resilience reassurance and validation to their customers. We are all part of supply chains, and we all have an accountability to ensure we work together to improve resilience one link at a time.”