NZ Cybersecurity Firm wins top international award as NZ security chief warns of rising cyber espionage threats

Embargoed until 6am Thursday November 20, 2025

DEFEND recognised for world-leading cybersecurity while keeping focus on protecting New Zealand

In 2017, friends Nigel Everett and Wenzel Huettner were convinced advanced cybersecurity could be implemented more efficiently and effectively. So they started DEFEND to act as an accelerator, not a handbrake, for New Zealand organisations navigating an increasingly complex digital world.

They backed Microsoft’s cybersecurity software, which would soon become world-leading, and were the first cybersecurity firm in the world to achieve all four Microsoft’s Security Advanced Specialisations. Wenzel Huettner, now Chief Technology Officer, has been leading the technology strategy of DEFEND. He says that “effective cybersecurity has always been about enabling organisations to deliver their services securely and being clear that cyber resilience is a business challenge. The partnership between DEFEND and Microsoft has always been key to that by enabling businesses to securely embrace cloud, AI, and productivity services”.

Fast-forward to 2025 and DEFEND employs more than 140 staff across New Zealand, is the trusted cybersecurity partner for some of New Zealand’s most notable companies and government departments, and has just this week beaten some of the world’s largest IT and cybersecurity companies to be announced global winner of Microsoft’s Security Partner of the Year.

DEFEND won Microsoft’s Security Partner of the Year award after submitting a case study where it embedded top cybersecurity software for a NZ government department, including defensive agentic AI.

Chief Operating Officer Shiv Prasad has worked in the business from DEFEND’s early days and has travelled to Microsoft’s Ignite Conference in San Francisco where the awards are being announced. He says the key to DEFEND’s success is a continued focus on ensuring a cyber-resilient New Zealand.

“At DEFEND we’ve always had a kiwi mindset of doing what needs to be done to stay ahead of international cybercriminals here in New Zealand. It’s quite humbling to find out that while we’ve had our heads down we’ve been recognised as a global leader.”

Prasad says cybercrime is growing rapidly and is increasingly sophisticated, noting New Zealand’s Security Intelligence Service Chief recently urged the private sector to step up its cybersecurity as part of a broader national effort to safeguard the economy against increased cyber espionage attempts from foreign actors.

“Cyber criminals have budgets many times New Zealand’s annual GDP, and with the emergence of new technologies such as agentic AI, these threats are only increasing in frequency and intensity. These can cause a lot of strife for Kiwi organisations, in some cases more catastrophic than a natural disaster like an earthquake or flood.

“Without robust cybersecurity in place, businesses can unwittingly provide a back door for foreign cyber espionage agents seeking sensitive state data, so there is still a lot of work for DEFEND to do in the private sector.”

It’s not DEFEND’s first award, having won back-to-back national awards across 2020, 2021 and 2022. However, it is DEFEND’s first international award and is the only company in Australasia to have won it.

In 2022, DEFEND caught the eye of One NZ who bought a majority stake in the business and in 2023 deployed DEFEND’s sophisticated threat management system, SHERLOCK, across One NZ’s network to block spam texts and cybercrime attempts.

In February 2025, Greg Patchell was appointed as CEO. He says he is “incredibly proud of the team”.

“To be recognised on the global stage with this award is an incredible achievement not only for our team but for New Zealand. It proves that world-leading cybersecurity can be delivered right here and NZ organisations can work with a New-Zealand-based security partner that meets the highest international standards.”

He says that while DEFEND’s growing reputation has resulted in taking on international clients, they have always had a focus of ensuring a cyber-resilient New Zealand.

“The reason we started was to keep New Zealand safe from cybercrime and that’s not changing any time soon.”

ENDS

Shiv Prasad is available for interviews from Microsoft’s Ignite Conference in San Francisco on Thursday November 20 from 6am:

• The need for businesses to help protect NZ against cyber espionage
• The three main cyber threats: Crime, Espionage and Hacktivism
• The Top 5 trends in cybercrime and cybersecurity in 2025

For interviews contact:
John Watson
021 564 653
john@goodmahi.co.nz

Information For Editors: New Zealand Businesses Urged By NZ Security Chief To Step Up Cybersecurity To Help Protect Against Cyber Espionage

• New Zealand’s Director-General of the New Zealand Security Intelligence Service (NZSIS) recently urged the private sector to step up cybersecurity as part of a broader national effort to safeguard the economy against increased cyber espionage attempts from foreign actors, who target businesses as a weaker back-door into government departments. “The increasingly porous boundary between public and private sector vulnerabilities has sharply elevated the stakes for corporate New Zealand, particularly as foreign espionage grows more sophisticated.”
• “The NZSIS sees “multiple examples of foreign states conducting espionage to seek covert access to a range of information from Government policy positions to technological innovations and research.”
• Government Communications Security Bureau (GCSB) director-general Andrew Clark also recently revealed the increasing threat, saying: “New Zealand has recorded around one serious cyber incident a day over the past year, with state-backed hackers behind roughly a quarter of them.”

Information For Editors: Top 3 Cyber Threats

• Cyber Crime: Motivated by financial or personal gain, Includes identity theft, ransomware, fraud, hacking, and online scams. Example: Encrypting company data and demanding ransom
• Cyber Espionage: Typically conducted by governments or state-sponsored actor, and motivated by political, military, or economic gain. Example: Stealing trade secrets or defense plans from another country
• Cyber Hacktivism: Unauthorized digital defacement or disruption of websites, systems, or data, usually intended to cause damage, embarrassment, or make a statement rather than financial gain. Example: Replacing a government website’s homepage with a political statement

Information For Editors: Top 5 Trends In Cybercrime & Cybersecurity 2025

1. The cyber battlefield is increasingly AI vs AI. Agentic and generative AI are being deployed both offensively by cyber-criminals, and defensively by cyber-security firms. Generative AI can create convincing phishing emails, deep-fakes, or malicious code at scale, giving cybercriminals new tools to deceive and attack. At the same time, defenders are using AI to fight back, developing agentic AI systems that can analyse threats, automate responses, and adapt in real time.
2. The new security perimeter is around you, not the office: As more businesses move to the cloud, office networks and firewalls no longer cut it. Security now follows the user and the device.
3. Supply chain and third-party risks are rising. Put simply, cybercriminals are increasingly targeting third-party suppliers as a way to reach larger organisations, for example by impersonating a customer, contractor, or service provider.
4. Regulation and board-level accountability are increasing. Governments are introducing tougher cybersecurity and privacy laws, and boards are being held more accountable for cybersecurity breaches. Security is no longer just an IT issue, it’s a governance, compliance, and reputation issue.
5. Zero Trust is the new approach: Organisations are moving to a Zero Trust model — never automatically trusting any user or system, even inside their own network. That means as well as multi-factor authentication, there is continuous monitoring of users and devices, and ring-fencing networks, meaning that if one IT system or department goes down, other systems or departments aren’t affected.

Information For Editors: The Recent Un Convention Into Cybercrime

Sixty five countries signed the first global treaty to combat cybercrime—the UN Convention against Cybercrime—last month on October 25, 2025. The treaty aims to create a framework for
international cooperation, establish legal standards, and enhance countries’ abilities to respond to crimes committed online.

• Creating a framework for international cooperation: Facilitating cross-border investigation and prosecution of cybercriminals.
• Establishing legal standards: Setting consistent definitions and laws for cybercrime across participating nations.
• Enhancing countries’ abilities to respond to online crimes: Strengthening law enforcement, cybersecurity infrastructure, and judicial mechanisms.
• Promoting information sharing: Encouraging nations to exchange intelligence on cyber threats and criminal activity.
• Protecting individuals and organizations: Aiming to safeguard personal data, financial systems, and critical infrastructure from cyber attacks.
• Encouraging capacity-building: Supporting less-developed countries in improving their cybersecurity and legal frameworks.