Cyber security is big business globally

Digital technology has created priceless efficiencies by moving systems, information and processes online. The ability to connect, share and access data easily brings many opportunities. But it's exposed enormous vulnerabilities that weren't anticipated of the scale and scope we are grappling with today, globally.

 

Saab Australia's Marc Tapping and Travis Klose, joined the Australian Government's cyber security mission to the United States last month. With the Austrade delegation they attended the world's most influential cyber security event, the RSA conference in California.

Marc and Travis also visited some of the world's largest cyber and technology companies to learn strategic directions being considered and challenges faced on a global scale. On their return we spoke to Marc Tapping, who heads Saab Australia's cyber business, to ask what he learnt from the mission.

Who attended the Austrade mission and what was the purpose?

Sixty-five plus delegates made the Australian Cyber Security Mission to the US. This was a combined fact finding, pitch, networking, marketing exercise for innovative and leading Australian cyber security businesses. Austrade published a mission guide which detailed the mission's objectives and it' participants. In a nutshell; late last year the Australian Government issued an International Cyber Engagement Strategy to reflect Australia acknowledges it's a  responsible participant in the international community, ready to discuss cyber policy issues within global forums. The government knows that with the backing of credible industry partners, it can boost Australia's reputation for world-class cyber security research, skills and products. It also sees Australia as a location of choice for global cyber security companies looking to establish a base in our region. The mission is part of that strategy.

Saab Australia is one of many players in the cyber security space, how did we get to be included in this delegation?

We quite simply threw our hat into the ring and they welcomed us. Saab Australia has a growing reputation within the cyber security space and  it was an ideal opportunity to meet other Australian cyber businesses too.

What were the highlights of the RSA conference? Have you been to similar conferences and did you have expectations?

For me the access to influential people in large organisations was fantastic. Also, it was a useful calibration exercise for how we think about and approach cyber security within Saab Australia. We also managed to meet and get to know some of our Saab colleagues from the US and Sweden which was very enjoyable. Have I attended similar? Yes but nothing on this scale, it is a monster. Expectations? To be a sponge for the week, and I managed that.

Was there anything in particular that you weren't expecting to find interesting but did?

Yep, this is easy, a keynote session which caught me a little off guard with powerful and thought provoking messages from Monica Lewinsky and Reshma Saujani. Didn't see that coming at all.

Cyber Bullying and Girls Who Code – very strong messages. As a father, husband and brother it really changed my perspective on 'the incident' which made international headlines over 20 years ago—and most probably everyone's perspective in the room. How public invasion and dehumanisation, can be so devastating and damaging to them and the people around them. You have to ask, for what purpose, where is the line? That is very sobering and in the cyberspace, the potential to discredit and destroy is even more powerful.

Who were the most influential players you met and what did you learn from them?

The trip reaffirmed the view drawn from our experiences, cyber security is hard. Protecting intellectual property and sensitive information is a constant challenge when the traditional security barriers are being continuously eroded by technology and new ways of working. Greater numbers of people want faster access in an environment where the threats are growing in volume and becoming  increasingly sophisticated, and access to tools and techniques for malicious intent is trivially obtained. This we knew before heading to the United States but the scale of the problem, and the vast resources (people and revenue) being deployed is quite staggering. Some of the large financial institutes spend circa $650M per year on cyber security  alone.

The DocuSign CISO (Vanessa Pegueros) was very impressive.  It was one of those sessions where you took lots of mental notes (having forgotten my pad) and then spent a chunk of the flight home recalling her words. Team, culture, business risk and incident response where some key messages from Vanessa. Mimecast COO (Ed Jennings) was also a good source of knowledge, even managed to get down in the weeds a little which was great.

The sessions at RSA also included a keynote with some founders and luminaries of not only our industry, but our everyday lives online - Whitfield Diffie, Ronald Rivest and Adi Shamir.

My personal favourite meet though has to be Kevin Mitnick – a real name in the Pen Testing community with a cool business card including lock picks too.

Defence SA had a cyber security delegation in Maryland before the RSA conference to build connections in their mission of making South Australia a cyber security hub. Did they meet you in San Francisco and give you any information on their visit?

Yes, and it was great of Reg Carruthers (Defence SA) to spend his time with us talking through these things, more to come on that I hope. We look forward to exploring where we can work together  in any future venture or activity with them.

After this experience, where do you see things headed in the cyber security space and do you see any problems we may need to tackle for ourselves and our customers?

There is a lot of snake oil out there I'm afraid, and far too much noise to hear the key messages sometimes. Privacy (GDPR in particular) are growing issues, getting enough good people is another.

No new revelations here—I see a lot of challenges for everyone—ours will be to stay ahead of that curve, and to continue building a highly capable team to protect our information and help our customers do similar.

What do you see as the future of cyber security and how that might impact on Saab Australia?

The risks related to cyber security permeate every facet of our day to day lives. Unfortunately this is still seen largely as an ICT problem but the growing number of very well publicised examples continue to demonstrate the damage this can cause to people and businesses and in extreme cases our national security  and prosperity. Saab Australia has established a growth strategy in this area and we see this as a real opportunity to cut through the hype and make a difference.

 

 

TOP: American computer security consultant, author, and hacker, Kevin Mitnick (left) with Marc Tappingat RSA

CENTRE: The Australian Cyber Security Mission was given unprecedented access to the SuperComputing facilities at NASA Ames
LEFT: A Quantum Processor—qubits, milliKelvins, entanglement, and wave-particle duality …

RIGHT: Piyush Mehrotra, NASA AMES SuperComputing Division Chief explains the incredible power available for data visualisation