Air New Zealand operates over 400 flights daily across 49 domestic and international destinations, moving more than 16 million passengers annually with a fleet averaging 8.7 years old. The carrier is the country's national airline and maintains a Baa1 credit rating from Moody's. Its Airpoints loyalty programme has over four million members - each one a stored-credential attack surface if you're thinking about it that way.
For a cybersecurity team, the threat model is broad and real: critical infrastructure designation, operational technology across a modern fleet, payment systems spanning loyalty and booking, and the identity and access challenges of a workforce that touches everything from airport ground ops to executive travel platforms. The organization operates within New Zealand's regulatory and critical-infrastructure framework, which means compliance isn't optional and incident response timelines are measured in minutes, not days.
The company signals a culture grounded in Manaaki - a Māori concept of care - which in practice shapes how cross-functional teams collaborate and how security is positioned relative to operational resilience rather than as a gatekeeping function. Investment-grade financial stability suggests sustained capability to fund security tooling, threat intelligence, and the kind of red-team discipline a carrier of this scale requires.