Today, Australia’s industrial capability in critical and emerging technologies will receive a boost from the strategic integration of Stone & Chalk and AustCyber.

The merger sees Stone & Chalk’s commercialisation services become available to Australian cyber security founders. This includes investment support, customer and talent acquisition, corporate partnerships, ecosystem support and curated mentorship from commercial leaders. Likewise, Stone & Chalk’s emerging technology founders will have access to vital support and expertise from AustCyber to ensure they are ‘secure by design’before they write their very first line of code. 

The merged organisation will provide startups and scale-ups with access to domestic and international customers, talent, expertise and capital. This will accelerate growth and maturity for companies as they become the fastest growing employers in the economy. In turn, this creates new and highly-skilled jobs for Australians and provides a highly attractive means for Australia to retain economic benefit.

The organisation will also provide a powerful voice to better shape the policy and regulatory landscape for critical and emerging technology products and services.

AustCyber will become a wholly-owned subsidiary of Stone & Chalk, retaining its standalone brand, staffing structure and National Network of Cyber Security Innovation Nodes. It will also continue to operate as one of the Australian Government’s Industry Growth Centres. 

“The COVID-19 pandemic has made it clear that Australia can no longer depend so heavily on imported technology which contains critical dependencies in supply chains,” said Stone & Chalk’s CEO Alex Scandurra. 

“In making our two organisations one, we are combining the greatest concentration of cyber security industry expertise in the country with the most developed technology commercialisation infrastructure that Australia has ever built. The integration of Stone & Chalk and AustCyber will enable our joint organisation to pursue a resilient and prosperous future not just for founders, enterprise and governments, but for all of Australia,” he said.

The organisations have joined forces at a time of unprecedented opportunity for Australian entrepreneurs – and unprecedented threats from both cyber criminals and state-sponsored threat actors against Australian public and private sector networks.

“It’s in our nation’s interests to be investing in scalable, flexible and sophisticated ways and means to nurture and propel forward emerging tech industries,” said AustCyber’s CEO Michelle Price. “AustCyber has demonstrated its ability to do this for cyber security and it’s critical we apply similar approaches to other emerging technologies.

“I have long respected the capabilities of Stone & Chalk and know that joining forces will provide our existing ecosystems with the tools they need to evolve, develop and thrive.”

Stuart Ayres, NSW Minister for Jobs, Investment, Tourism and Western Sydney, said the merger of Stone & Chalk and AustCyber will help the state and the nation continue to embrace emerging and critical technologies.

“The integration of these two organisations will see new jobs and investment for NSW, as well as the rest of the country, at a critical time when our economy is recovering from the pandemic. Our government will continue to support the growth of emerging technology and ensure cyber security is built into these new platforms from the ground up. These will be the jobs of tomorrow.”

For more information about the merger, visit www.shapingthefuturetogether.com.au.

In partnership with the NSW Government and Standards Australia, AustCyber is pleased to launch the Recommendations Report of the NSW Cyber Security Standards Harmonisation Taskforce, which commenced in June last year.

The Taskforce, made up of industry leaders, government and business representatives, have compiled a comprehensive list of recommendations that span key industries, including cloud, health, defence, education and financial services.

Cyber security standards play a key role in improving the security of data, assets, systems, networks and critical infrastructure. Well-developed, practical and verifiable standards enable consistency and encourage competitiveness among developers and organisations.

“The digital age is bringing more social and economic opportunities for Australian industry, but with this increasing digital reliance also comes greater security sensitivities and risks. With the report complete, we can now begin working collectively toward implementing these key recommendations,” said Adrian O’Connell, Chief Executive Officer at Standards Australia.

The report compiled by the Taskforce highlights priority areas for standards development, implementation and importantly, outlines how standards can contribute to building a resilient cyber infrastructure across sectors. It also delves into seven priority areas across Australian industry, with specific recommendations for each.

“This is not only about creating jobs, it’s about creating an industry and one we must lead,” said Victor Dominello MP, Minister for Customer Service.

“But as we strive towards this goal we must ensure the correct privacy, security and trust settings are built in – all wrapped around with ethics. The standard to which we hold our service delivery demands nothing less.”

Michelle Price, Chief Executive Officer of AustCyber, said standards are not a panacea.

“However, if used in combination with the latest advances in technology, and embedded across global supply chains, they can assist in guiding base line cyber security requirements. This will help raise the posture of small to medium enterprise (SME), organisations and government agencies to compete in the Australian market and internationally.

“Ultimately, a globally competitive Australian cyber security sector will underpin the future success of every industry in the national economy.”

“Standards Australia is looking forward to continued collaboration with NSW Government, AustCyber, other Australian Government agencies, and the broader taskforce in building stronger cyber security for Australian businesses,” concluded Mr. O’Connell.

Next steps:

The Taskforce is developing a publicly accessible list of standards relating to cyber security that span the seven priority sectors identified in the report. This will include a website that communicates the business benefits around the adoption of standards. The intention is this will be an essential asset for boards, executives and relevant decision-makers and help embed the work of the Taskforce into the economy.

Read the Recommendations Report

Listen to Episode 7 of ‘OzCyber Unlocked’, featuring the Hon. Victor Dominello MP (NSW Minister for Customer Service), Prerana Mehta (Chief of Ecosystem Development at AustCyber) and Dr Jed Horner (Policy Manager at Standards Australia) discussing the benefit to Australia’s economy of having a common set of cyber security standards, high-level takeaways from the Recommendations Report, and how the NSW Government is building a robust cyber security ecosystem.

AustCyber’s Projects Fund grant recipient truuth has been developing a digital identity platform for user identity verification, while protecting user privacy.

truuth uses technology that fragments, salts (injects false information), encrypts and shards user credentials across multiple trusted servers. The platform delivers a wide range of micro-services that improve online safety and eliminate the need to remember many different passwords, whilst ensuring no single entity has access to a user’s biometric data. The truuth platform is being deployed for enterprise customers including Macquarie Bank, NuMobile and Australian Finance Group (AFG).

“Most venture capital funds are focused on scale-ups that already have enterprise customers, while private equity is typically looking to invest A$5-10 million in Series A rounds,” said Mike Simpson, CEO & Co-founder of truuth. “AustCyber complements these by supporting early stage companies with highly innovative technology solutions.”

The truuth suite of digital identity and authentication services addresses deficiencies of current solutions such as reliance on insecure passwords. It also provides enterprises with higher levels of user authentication by using Artificial Intelligence (AI) and Machine Learning (ML) models to verify the user is present during the authentication event.

AustCyber funding support has been integral to the success of truuth.

“The Projects Fund enabled us to match funding from private investors to grow the team more rapidly and deliver our digital identity services far earlier,” said Mr Simpson. “truuth’s successes over the past 12 months would not have been possible without the assistance of AustCyber. Our participation in AustCyber forums has also opened up commercial conversations in the public and private sectors.”

The company provides a range of digital identity services including truuth KYC (Know-Your-Customer), truuth liveness, truuth faceKey and truuth biopass. These services help to safeguard against the recent and rapid rise in ‘deep fake’ identities created by artificial intelligence and machine learning algorithms which are exacerbating fraud risks.

Recent estimates by the Attorney-General’s Department indicate that identity crime costs Australia upwards of $1.6 billion each year, with the majority lost by individuals through credit card fraud, identity theft and scams.¹

This case study is featured in Australia’s Cyber Security Sector Competitiveness Plan 2020, which can be viewed here and downloaded here.

1. AustCyber (2020), trUUth: A next generation solution for digital identity and cyber security. Available at: https://www.austcyber.com/news-events/truuth-next-generation-solution-digital-identity-and-cybersecurity

Understanding how our digital world works, how it is designed to protect us and how we can keep our information safe is critical for both adults and children to learn.

The University of Adelaide (UoA)’s Computer Science Education Research Group (CSER Group) have been operating digital technologies programs for Australian teachers since 2014.

“The entire CSER program, which includes eight MOOCs on various technology curriculum related areas, has attracted over 38,000 enrolments,” said Dr Rebecca Vivian, CSER Project Lead.

This year, they partnered with AustCyber, CSIRO and Google Australia to develop free, self-paced Massive Open Online Courses (MOOCs) to build primary and secondary teachers’ confidence and capacity to integrate the learning of cyber security and awareness into the classroom.

Two new courses – one for primary teachers (K-6) and one for secondary teachers (years 7-10) – contain practical classroom activity ideas and examples of career pathways. Both courses are aligned to the Australian Curriculum (Digital Technologies and ICT Capabilities) and focus areas include data security, encryption, cryptography, networks, information systems and safety, cyber security risks and security measures, and cyber ethics.

“The Cyber Security and Awareness MOOCs for Primary and Secondary Classrooms have been live since mid 2020, with over 770 teachers enrolled to date,” said Dr Vivian. “Given there are over 288,000 teachers in Australia, we have many more to reach. Learning about cyber security not only enables students to adopt safe practices in their own use of technology, but importantly, can inspire a future cyber security workforce.”

In today’s digital world where children are exposed to social media and they consume large amounts of online content at an early age, the need for early and relevant cyber education is crucial. The UoA’s MOOCs are an important tool for building cyber awareness. Nurturing cyber literacy amongst school students also helps grow the sector’s talent pipeline by highlighting the various pathways available to students.

Over the past three years, there has been significant progress in the availability of cyber security courses and training. This momentum needs to continue to meet the growing demand for cyber security professionals, with the workforce estimated to increase to 33,500 by 2024.

Primary and secondary schools play a crucial role in ensuring this demand is met. If schools can encourage students to consider a career in cyber security, while also building early cyber skills, both the quality and number of students looking to undertake cyber security qualifications will improve.

This case study is featured in Australia’s Cyber Security Sector Competitiveness Plan 2020, which can be viewed here and downloaded here.

CyberCX has sought to provide local customers an Australian alternative to large multinational providers for complex cyber security services.

Launched in October 2019 and backed by private equity firm BGH Capital, CyberCX has brought together 15 (and counting) independent cyber security service providers over the course of the past year. Some of these providers are well known Australian names – including Shearwater, CQR, Sense of Security, TSS and Phriendly Phishing.

CyberCX’s approach to scaling – by acquiring and consolidating existing providers who have proven capabilities and prior customer bases – means the organisation has been able to develop into a large and competitive provider within a short period of time.

CEO John Paitaridis said, “CyberCX took a structured and deliberate approach to integrate its group of portfolio companies into a single organisation, building shared systems and a united mission, under a single brand”.

CyberCX’s acquisitions reflect an ambition to unite a complementary set of cyber services. As recently as October this year, CyberCX acquired the publicly listed Cloudten and Decipher Works – who specialise in cloud and identity management, respectively – to meet growing demand around cloud services driven by the COVID-19 pandemic.

“COVID-19 has accelerated enterprises’ cloud migration strategies and highlighted the need for robust identity management solutions,” said Mr Paitaridis¹.

Chief Strategy Officer Alastair MacGibbon has signalled that CyberCX will continue to scale further by expanding overseas in 2021. He said, “CyberCX plans to significantly grow our specialised cyber security workforce across the UK and US to deliver end-to-end cyber security services”.

One of CyberCX’s earliest acquisitions (CQR) had an existing presence across the UK which will help CyberCX scale its presence overseas. The organisation plans to double its cyber security workforce across New Zealand, the UK and US in the next year in an attempt to create a large, globally competitive, Australian cyber services alternative. 

This case study is featured in Australia’s Cyber Security Sector Competitiveness Plan 2020, which can be viewed here and downloaded here.

1. ARN (20 October 2020), CyberCX forks over $25M to buy Cloudten and Decipher Works

Detexian enables small and medium enterprises to manage cyber risks affecting ‘software as a service (SaaS)’ applications such as Office 365, G Suite, Salesforce and Xero.

Founded in 2018, the organisation has established offices in Australia and San Diego, and is exporting to customers in the US, New Zealand, Singapore and Latin America.

Many of Detexian’s customers are small and medium enterprises that provide solutions and services to regulated entities such as large banks, insurance companies and financial services companies. They are heavily reliant on cloud and SaaS technology and handle high volumes of sensitive financial and personal data. Detexian helps these businesses provide proof that security controls are in place at all times to protect their data and gain customer trust.

At the onset, Detexian relied on the word of mouth of their existing customers to win new ones. But the company was quick to leverage the power of digital marketing, social media and strategic alliances to scale its presence internationally.

“Our way to market is quite simple,” said Co-Founder and CEO Tan Huynh. “We have a two-fold strategy to target companies through direct digital marketing and introductions from trusted partners. We’ve also been assisted by AustCyber and The Australian Trade and Investment Commission (Austrade) to connect and meet with potential customers and partners.”

Detexian’s current target export markets are Singapore, New Zealand and the West Coast of the US as there are no issues with timezone coordination, the regulatory environments are mature and business can be conducted 100% online.

In 2020, Detexian has invested significant time and resources studying the Singapore market. “It’s ahead of our home market in terms of infosec regulatory compliance. SMEs constitute almost the entirety of Singapore enterprises, with over 80% having digital transformation strategies in place,” said Mr Huynh. “When we began to target Singapore SMEs through direct digital marketing, we instantly experienced a high degree of interest. Then, through our networks with the help of Austrade, Detexian was introduced to a number of ecosystem partners and potential channels to explore commercial opportunities in Singapore and the wider Southeast Asian region.”

The accelerated learnings have helped Detexian refine its business model to further minimise adoption barriers for both SMEs and their trusted partners such as IT consultants and MSPs who can help recommend Detexian solutions to their clients. Detexian is currently in discussions with a number of IT/security consultants and MSPs looking to expand their capabilities.

“In the wider Southeast Asian region, we are entering into strategic alliances with well-known companies with dominating positions in product verticals adjacent to Detexian. These companies are looking to progress in the value chain and jump start their offerings to provide more value-added technologies to their existing clients,” said Mr Huynh.

This case study is featured in Australia’s Cyber Security Sector Competitiveness Plan 2020, which can be viewed here and downloaded here.