Artificial intelligence has the potential to become both a lifeline and a liability for modern organisations, as a revolutionary tool capable of spotting threats at lightning speed, but also the ultimate weapon in the hands of cybercriminals.
That’s why Spark, the country’s largest telecommunications and digital services provider, has a 100-person strong team employed to help keep its networks and customers safe from complex and evolving cyber threats.
“Too many people assume that they can just spend a million dollars and the job is done,” says Nyuk Loong Kiw, Spark’s Centre of Excellence Lead for Cyber Security, and a 23-year veteran of the company.
“But in cyber security, the defender must get hundreds of things right, while the attacker needs only to take advantage of one slip – one stolen credential or one overlooked vulnerability.”
Nyuk Loong Kiw, Spark’s Centre of Excellence Lead for Cyber Security
Short-circuiting malicious attacks
The result can be a data breach or ransomware attack that’s costly to fix and erodes trust in the hacked organisation. The rise of generative AI tools like intelligent chatbots able to spin up computer code and fake messages in seconds has only made it easier for hackers to supercharge their efforts to infiltrate networks and dupe victims into divulging their login credentials.
“Many Fortune 100 companies have invested billions in cyber security. They all eventually still get compromised in some way,” says Kiw.
For Spark, this hard truth means that detection is all-important, since no defence is infallible. Visibility and rapid anomaly detection are essential. This is where automation and AI become the cyber security team's best friend.
“Having a good security monitoring detection capability in place allows us to know that something's happened and do something about it quickly.”
Spark’s approach: Guardrails, testing, and automation
Spark’s cyber stance on AI includes technical guardrails around both commercially available AI like Copilot and ChatGPT, and their internally developed systems.
“Before we release our AI apps into production, we actually go through white box testing. We penetration test the heck out of it, handing the code to a ‘white hat’ hacker and telling them to go and find the loopholes.”
Spark doesn’t block staff from using unauthorised tools, knowing this only fuels the ‘shadow AI’ problem. “We know that people are looking to boost productivity with these generative AI tools. So we embrace good governance, publishing policies that offer clear guidance around the dos and don’ts if they are using these tools,” says Kiw.
Kiw stresses that cyber security is no longer just the domain of IT teams. Boards and executives need to view resilience as a business enabler – central to protecting trust, reputation and continuity in an unpredictable environment.
There’s a strong focus at Spark on automation, taking the mundane, repetitive tasks off the plate of the cyber security team so it can focus on detecting unusual, suspicious activity and responding to threats.
Spark’s efforts to detect phishing attacks – which see malicious actors try to trick victims into revealing sensitive information, such as passwords or bank details – have had dramatic results.
“Like most large New Zealand companies, we received a large volume of phishing emails,” Kiw says. “Prior to us putting our new automated solutions in, every single reported phishing incident took our Security Operations Centre people 10 minutes to analyse.”
Now, AI takes care of 50% of cyber incidents, intercepting malicious emails and messages. For the rest, AI-powered analysis means the cyber team can evaluate a suspicious message in one minute, rather than ten.
“Automation and AI have saved 10,000 hours of human effort since we embarked on this journey,” says Kiw. “And that’s at a small cost. It is very real how AI can help us with security.”
Spark won WIS Best Place to work in Security 2023
Zero Trust and the changing perimeter
Kiw highlights the importance of modern architectural approaches, especially the Zero Trust practice widely advocated by cyber security experts.
Zero Trust doesn’t assume you are a trusted person just because you’ve successfully logged on to the device or network. “Using an analogy, Zero Trust is like having a security guard at every door inside your office, checking ID every time – because in today’s world, you can’t assume someone is safe just because they’re already inside,” says Kiw.
Kiw’s advice for New Zealand enterprises is to invest in people – to make cybersecurity awareness and training the first line of defence, and adopt Zero Trust methodologies when refreshing your technology lifecycle.
He also points out that regulatory and compliance obligations are tightening in New Zealand and abroad. Spark’s role is not only to help organisations defend against attacks, but also to meet evolving governance standards with confidence.
Talent, burnout, awareness
The complexity from cloud, IoT, and AI, especially at the edge of networks where people are working from home, makes it “100% way harder and more complicated than it used to be,” says Kiw.
The global talent shortage makes cyber security especially demanding, with attacks often landing outside office hours.
“The talent shortage is very real,” says Kiw. “Even with a team of 100, there’s always more than enough to do.”
Spark invests in career growth and partnerships with academic institutions to keep its talent pipeline strong.
Ultimately, says Kiw, AI-enhanced attacks, data leakage, and evolving threats are real and rising. Yet with diligent governance, technical guardrails, robust testing, and a mindset of continuous adaptation, Spark sees AI as a necessary ally.
“Everyone needs to embrace it. We are on that journey and learning every day what works at scale to help keep our people and our systems secure.”
Learn more about Spark’s cybersecurity solutions: www.spark.co.nz
