(apologies to members of members-discuss(a)internetnz.net.nz for duplication) Yesterday the topic of AusCERT came up on nznog. Many of you probably know that InternetNZ has formed a small group to look at the need/feasibility of a NZ based CERT. It is all in early days yet, but it might be a good time to start looking at some ways of improving security awareness here. We hope to raise some ideas for discussion at the nznog conference next year, but the recent email suggests we could start on some practical matters now. We would like to suggest creating a NZ security community with a nz-sec mailing list, for example. This would have the same sort of intent as the nsp-security mailing list, bringing in people with a genuine interest in security practice and incident handling. We feel that the CCIP list, while valuable, is informative rather than collaborative. The nznog list has been used for security issues where relevant, but network operations is the reason for nznog, not security management. Ultimately the list and list membership, or some variant, would become associated with a NZ CERT if one were to happen, but in the meantime InternetNZ would be happy to host and advertise a moderated list. If you think there would be some value in this, please email me. You can find information about the nsp-security mailing list at https://puck.nether.net/mailman/listinfo/nsp-security) Brendan Murray Chairing the InternetNZ NZCERT Task Force.