AUSTRALIAN CYBER SECURITY

MISSION TO THE
SAN FRANCISCO BAY AREA
12-17 February 2017
2 Australian Cyber Security Mission to the San Francisco Bay Area
 WELCOME

WELCOME
The Australian Cyber Security Mission to the San Francisco Bay Area,
coinciding with the RSA Conference 2017, is an initiative of the Australian
Trade and Investment Commission to showcase Australia’s world-class
cyber security capabilities and opportunities to the United States of America.

Cyber security is an The Government has The Australian Cyber

increasingly prominent
industry, and one that is vital to
ensuring we can all enjoy the
benefits of an open, free and
secure internet. The Australian
Government is committed
to ensuring Australia’s cyber
security future and released
Australia’s Cyber Security
Strategy in April 2016.
The strategy sets out five
themes of action over the
years to 2020:
1. A national cyber partnership
2. Strong cyber defences
3. Global responsibility
and influence
4. Growth and innovation
5 A cyber smart nation
committed A$30 million
to create the industry-led
Australian Cyber Security
Growth Network (ACSGN).
The ACSGN will coordinate
cyber security research and
innovation for national benefit
and enable Australia to become
a global leader in cyber security
solutions and services.
Our task to grow and build
Australia’s cyber security
capability is made easier by
Australia’s strong track record
of innovation, our fast growing
and highly advanced digital
economy, a highly skilled
workforce and world-class
research and development
infrastructure.
Security Mission to the San
Francisco Bay Area provides
an outstanding opportunity
to collaborate, learn, build
partnerships and promote
Australia’s cyber security
credentials. I am excited by
the quality of companies
joining me on this mission.
They have innovative solutions
across the spectrum of cyber
security demands, ranging
from encryption technologies,
to authentication, penetration
testing, and the growing need
of education awareness.
I look forward to working with
you to forge the links between
Australia and the United States
in this important sector.

Craig Davies
Chief Executive Officer, Australian Cyber Security Growth Network

1
ABOUT
AUSTRADE
The Australian Trade and Investment Commission
– Austrade – contributes to Australia’s economic
prosperity by helping Australian businesses,
education institutions, tourism operators,
governments and citizens as they:
›› develop international markets
›› win productive foreign direct investment
›› promote international education
›› strengthen Australia’s tourism industry
›› seek consular and passport services.
Austrade helps companies around the world to
identify and take up investment opportunities in
Australia as well as to source Australian goods and
services. Our assistance includes:
›› providing insight on Australian capabilities
›› identifying potential investment projects and
strategic alliance partners
›› helping you identify and contact Australian suppliers.

Austrade Contact
Frances van Ruth
Trade and Investment Commissioner
USA and Canada Cyber Security Lead
Telephone: +1 415 664 3627
Email: frances.vanruth@austrade.gov.au
Address: 575 Market Street, Suite 1800.
San Francisco, CA 94105
Web: www.austrade.gov.au

2 Australian Cyber Security Mission to the San Francisco Bay Area

AUSTRALIAN CYBER SECURITY
GROWTH NETWORK
Commencing operations in 2017, the Australian Cyber Security Growth Network
(ACSGN) is an industry-led, not-for-profit company that aims to position Australia
as an attractive location for cyber security research and innovation.

The ACSGN was created to
support the development
of a vibrant and globally
competitive Australian cyber
security industry to enhance
Australia’s economic growth
and help protect Australia’s
interests online. It will operate
out of several nodes established
across Australia, which will
provide a way of connecting
cyber security activities and
bridge capability and expertise
across the country.
The ACSGN is one of six Growth
Centres established under
the Australian Government’s
Industry Growth Centres
Initiative. It was first announced
as part of the Government’s
National Innovation and Science
Agenda in December 2015, and
is a key measure of Australia’s
Cyber Security Strategy,
released in April 2016.
The ACSGN is co-chaired by
Doug Elix AO, former Senior
Vice President and Group
Executive, IBM, and Adrian
Turner, Chief Executive Officer,
Data61.

Craig Davies is the Chief Executive Officer of the

Australian Cyber Security Growth Network Ltd (ACSGN).

Prior to joining the ACSGN, Services and the Westpac IT

Craig was Head of Security for
Atlassian where he lead the
security program supporting all
aspects of Atlassian’s business
from product security, to their
Cloud operations and the
protection of Atlassian itself.
Before joining Atlassian, Craig
was at CSO of Cochlear
Ltd. He started his career in
Financial Services, initially
with the Commercial Bank
of Australia, then Westpac
Banking Corporation, where he
worked across the organisation
in Retail Banking, Legal
Group.
Craig is passionate about
the importance of people in
security programs and the role
of security leaders in delivering
pragmatic solutions that
support business growth.
Craig Davies
Chief Executive Officer
Craig has 20+ years’
experience in cyber security
and has worked in a number of
fields including Infrastructure Web: www.acsgn.com
operations and management,
security architecture, and Email: craig@acsgn.com
website development and Twitter: @crdavies (personal)
operations. @AustCyber (ACSGN)

3
4 Australian Cyber Security Mission to the San Francisco Bay Area
MISSION PARTICIPANTS
Adelaide Business School, 7 Ionize 20
The University of Adelaide
JanusNET 21
archTIS 8
PS&C 22
Australian Computer Society 9
(ACS) Randtronics 23

Cogito Group 10 ResponSight 24

Covata Limited 11 Salt Group 25

Cryptsoft 12 SC8 Technologies Pty Ltd 26

Datacom TSS 13 Secure Code Warrior 27

Deloitte 14 Sense of Security 28

Enosys 15 Shearwater Solutions 29

EY 16 Shelde 30

Foresight 17 Tesserent Australia 31

FunCaptcha 18 Triskele Labs 32

Haventec 19

5
6 Australian Cyber Security Mission to the San Francisco Bay Area
Adelaide Business School, The University of Adelaide
Company Profile
The University of Adelaide
is one of Australia’s Group
of Eight research-intensive
universities and is consistently
ranked in the top one
per cent of universities
in the world. Established
in 1874, the University of
Adelaide is Australia’s third
oldest university and an
iconic Adelaide institution,
contributing significantly to the
health, wealth and wellbeing
of the state of South Australia
and a vital part of the cultural,
social and intellectual life of the
community.
In the 2015 Excellence Mission Delegate
in Research for Australia Dr Cate Jerram,
results, more than 82 per Management & Systems
cent of the University’s Research
research areas were rated
‘above’ or ‘well above’ world Address
standard. The University of University of Adelaide,
Adelaide is a comprehensive South Australia 5005
university, offering a broad
range of undergraduate Web
and postgraduate programs www.business.adelaide.edu.au
underpinned by world-class
research and placing high
priority on the student learning
experience. There are more
than 27,000 students with 26
per cent of them international
students from more than 90
countries, all participating in a
vibrant campus life.
The University is home to the
Adelaide Business School
which is the leading provider
of Management Education in
South Australia. It offers the full
range including undergraduate
degrees, a world class MBA,
and comprehensive PhD
programs.
7
archTIS

Company Profile Our clients include the Mission Delegates

archTIS is an Australian-based
firm that specialises in the
design and development of
solutions and services for
secure information sharing and
collaboration. These solutions
have the ability to apply and
enforce dynamic, policy-driven
access controls at the user
and information level utilizing
Attribute Based Access Control
(ABAC).
Australian Departments of Daniel Lai,
Defence and Finance and Chief Executive Officer
the Australian Trade and Bruce Talbot,
Investment Commission. Chief Technology Officer
We were also recently
accepted to the New Zealand Address
Defence Panel. Level 3, 10 National Circuit,
Barton
Australian Capital Territory 2600
Web
www.archtis.com

In 2007 archTIS developed

the first US (NSA) and
Australian (ASD) accredited
ABAC solution for Top Secret
Compartment Information
Holdings, T360, which is now
a third generation solution. In
2014 archTIS was awarded the
Defence Excellence in Security
Award from the Australian
Department of Defence for
delivery of its ICT Security
Architecture.

8
ACS (Australian Computer Society)
Company Profile
ACS is the largest community
of ICT professionals in
Australia, with almost 23,000
members working in business,
education, government and the
community. There are almost
1,000 ACS members living
overseas in over 90 different
countries worldwide.
The ACS is passionate about
the ICT profession being
recognised as a driver of
productivity, innovation, and
business – able to deliver real,
tangible outcomes. First and
foremost, ACS’ core business
is the establishment of
professional benchmarks, and
the independent assessment
and validation of these
benchmarks.
Services delivered that
demonstrate ACS holds a
unique position in the Australia
ICT ecosystem include:
1. A
 ccreditation of Australian Mission Delegates
University Degrees: Anthony Wong,
This includes cyber President
security undergraduate and Andrew Johnson,
postgraduate degrees. Chief Executive Officer
2. P rofessional Standards
Legislation: Through ACS’s Address
efforts, the ICT profession Level 11, 50 Carrington Street,
was gazetted in Professional Darling Harbour
Standards legislation New South Wales 2000
meaning that eligible ACS
members and those working Web
in cyber security areas have www.acs.org.au
capped liability.
3. Skills profiling: Over the last
decade ACS has assessed
the skills of over 100,000 ICT
professionals including in
cyber security areas.
4. C ertification services:
An ACS professional
certification is technology
agnostic, recognising
transferable skills and
competencies. When
engaging a certified
professional you know they
are committed to a code
of ethics, the primacy of
the public interest, and
participating in ongoing
continuing professional
development to ensure their
skills and knowledge remain
contemporary.
9
Cogito Group
Company Profile
Cogito Group specialises in
authentication and encryption
solutions. Cogito Group protects
data not only from unauthorised
access and disclosure, but
also from being altered by an
unauthorised third party or a
trusted insider with malicious
intent. This assists in the
detection and prevention of
fraud or other malicious activities
by third parties or trusted
insiders. While many other
companies identify risk, Cogito
specialises in practical ways to
mitigate that risk or issue.
Cogito Group has developed
Jellyfish®: a cyber security
command and control platform.
Jellyfish® provides a single pane
of glass for multiple security
services. It is a streamlined,
adaptive and agile system of
security, identity and access
services. The integration of these
services reduces the exposure
to numerous risks vectors.
10
It provides efficiency and Mission Delegate
security improvements Richard Brown,
for provisioning and Managing Director
de-provisioning, system
monitoring and integration of Address
physical and logical access. Unit 5, 134-142 Hawker Place,
It is now a sought-after Hawker
standalone product that Cogito Australian Capital Territory 2614
Group markets and sells
around the world. Web
www.cogitogroup.com.au
Cogito Group provides
Authentication as a Service
(AaaS) solutions using Jellyfish
to several New Zealand
Government agencies.
We also provide solutions to
major Australian Government
agencies including the
Australian Department of
Defence.
Awards: 2016 Finalist Australian
Export Awards; 2016 winner
of Australian Capital Territory
(ACT) Export Awards (Business
Services); 2015 winner of ACT
Export Awards (Emerging
Exporter); 2014 winner ACT
Telstra Business Awards.
Covata Limited
Company Profile
Covata is an ASX-listed data
security software company
that protects enterprise and
government entities from
threats intrinsic to conducting
business in the digital age.
We deliver innovative data-
centric solutions that provide
true end-to-end security, tying
identity to policy and key
management. With Covata,
data is always protected
wherever it travels – inside a
network, beyond the domain,
to mobile devices and to the
cloud. With data-level security
encryption, granular access
controls that extend to external
users, view-only restrictions,
real-time revocation and
complete auditability, Covata
can be entrusted to ensure
data is protected and secure,
however it is shared.
Our patented technology Mission Delegates
underpins two data security Trent Telford,
offerings: Chairman
›› Safe Share is a secure Ted Pretty,
file sharing solution with Chief Executive Officer
end-to-end encryption that
secures data in an uncertain Address
environment. Level 4,
›› Covata Delta is a data 154-156 Clarence Street
security cloud-based set of Sydney
application programming New South Wales 2000
interfaces (APIs), software
development kits (SDKs) Web
and a developer framework www.covata.com
that enables anyone to
incorporate security into
new or existing applications,
products and services, to
facilitate secure data flow.
Covata’s software can be
used by small, medium and
large customers across
enterprise and government, in
verticals including healthcare,
automotive, financial services,
DevOps, cloud and other
industries where security and
compliance are mandated.
Covata has over 45 employees
across three offices in Australia,
the United Kingdom and the
United States of America.
11
Cryptsoft
Company Profile
Cryptsoft is an Australian
OEM Supplier that operates
worldwide in the enterprise
key management security
market and delivers OASIS Key
Management Interoperability
Protocol (KMIP) technology,
services and designs for
simplified, lower-cost, trusted,
vendor-agnostic cryptographic
and interoperable key
management security solutions
to global enterprises for their
storage, security and cloud
products.
12
Cryptsoft’s solutions have been Mission Delegate
selected by prominent global Greg Scott,
companies for interoperable Chief Executive Officer
enterprise key management
and encryption technology in Address
their storage, infrastructure and 22 Aylesford Street,
security, and cloud products. Annerley
Cryptsoft is committed to the Queensland 4103
development of standards
based security software and Web
participates in the OASIS www.cryptsoft.com
interoperability process to
ensure that security products
from a wide range of vendors
can interoperate together to
ensure customer satisfaction.
Cryptsoft is an OASIS
Foundational Sponsor, and a
Storage Networking Industry
Association (SNIA) Storage
Security Industry Forum (SSIF)
Voting Member.
Datacom TSS
Company Profile
TSS is a leading Australian
pure play cyber and
information security company.
TSS was established in 2011
by four former Australian
Government security and
intelligence personnel and has
since grown to 25 permanent
employees.
We deliver business focussed
cyber security across Australia
and New Zealand, and believe
security must be aligned
to business needs, and be
practical, implementable
and affordable to be truly
successful.
With a level of expertise and
knowledge unmatched in
the Australian market, we
proactively secure and defend
our clients from contemporary
cyber threats around the world,
around the clock.
Our clients include some of the
world’s largest and best-known
brands, with whom we have
built long-term partnerships
across critical business sectors
in both the public and private
sectors.
Our security services assist our Mission Delegate
clients to anticipate, plan and Richard Byfield,
protect against cyber threats Managing Director
rather than react to them.
We provide our clients with Address
niche and tailored intelligent Level 5,
security solutions. 71 Northbourne Avenue
Acton
Our Managed Security Australian Capital Territory 2601
Services cover cyber threat
management, vulnerability Web
management and full security www.datacomtss.com.au
incident lifecycle management.
Our Security Assurance
Services are focused on
optimising our clients’ cyber
security at the strategic,
operational and cultural levels.
Our services help our clients
build a robust security baseline
and establish supporting
programs to mitigate
contemporary threats, while
minimising cost and disruption
to their business.
13
Deloitte Risk Advisory

Company Profile Deloitte Advisory Cyber Risk Mission Delegate

Deloitte is the world’s leading
information technology
research and advisory
company. Gartner ranked
Deloitte number one globally
in security consulting services
(based on revenue) for the
fourth consecutive year in their
April 2016 report Market Share:
Security Consulting Services,
Worldwide, 2015.
Services works with our clients Puneet Kukreja,
worldwide to better align cyber Partner – Cyber Advisory
security investments with
strategic business priorities, Address
establish improved threat 550 Bourke Street,
awareness and visibility, Melbourne
and strengthen the ability of Victoria 3000
organisations to thrive in the
face of cyber incidents. Web
www2.deloitte.com/au/en.html

Deloitte helps organisations

plan and execute an integrated
cyber approach to harness
the power of information
networks to enhance business
operations, increase mission
performance, and improve
customer support, without
compromising security or
privacy. Deloitte services
include, but are not limited
to, the protection of private
data, intellectual property,
and cyberinfrastructure. Even
military and national security
can be compromised by
deliberate attacks, inadvertent
security lapses, and the
vulnerabilities of a relatively
immature, unregulated global
internet.

14
Enosys
Company Profile
Enosys Solutions was formed
in 2011 by a group of highly
experienced professionals
in networking, security and
IT infrastructure. We are
a provider of professional
services, software licensing,
hardware, security and related
IT services to corporate and
public sector organisations
and operate in the advanced
technology space “where
applications meet networksTM”.
Enosys Solutions is closely
partnered with leaders in
enterprise security including F5,
Splunk and Palo Alto Networks.
We are a trusted integrator
specialising in end-to-end
next-generation infrastructure
and security-enabled solutions
and services. With strong
technical expertise and cross
industry know-how, we help
our customers enhance their
business performance in an
ever changing network, security
and infrastructure environment.
We own our customers’ Mission Delegate
problems and deliver Joseph Mesiti,
measurable outcomes. Sales Director
Enosys Solutions was formed Address
specifically to help customers Level 7, 56 Berry Street,
in the emerging area of North Sydney
infrastructure technology New South Wales 2060
where applications meet
networks for the following Web
reasons: www.enosys.com.au
›› Applications are increasingly
looking to offload services
to the network and rafts of
infrastructure technologies
are looking to fill this need.
›› Traditional firewalls
and network security
technologies cannot offer
protection from increasingly
sophisticated application
layer threats.
›› The relentless transition of
applications to web-based
infrastructure and delivery
onto mobile devices has
caused organisations to
strain at the additional
burden.
15
EY
Company Profile
EY is a global leader in
assurance, tax, transaction
and advisory services. Our
cyber professionals comprise
former CSOs, CIOs and
specialised subject matter
resources, including former
military personnel. Drawing
on our in-depth knowledge
and extensive experience
across all sectors we work with
clients to deliver sustainable,
measurable results:
›› Cyber Transformation:
EY’s IT and OT cyber
transformation capability
helps companies understand
the multiple security
challenges that confront
them every day. We can
help to effectively balance
people, processes and
technology — enabling better
security and risk decisions,
and a reduction in the cost of
managing security risk.
›› Identifying and responding
to cyber threats: with
reputation and brand on
the line, companies can’t
afford to be compromised.
Our threat and vulnerability
team can help build the right
model to protect companies,
inside and out.
16
›› Managing identity and Mission Delegate
access effectively and Richard Watson,
efficiently: identity and Lead Cyber Partner
access management (IAM) Asia Pacific
processes are critical to
meeting compliance needs Address
and improving operational 200 George Street,
efficiency. Companies Sydney
continue to invest in point New South Wales 2000
solutions without having a
complete vision. We can help Web
improve IAM capabilities to www.ey.com/au
deliver improved compliance
and better management of
systems.
›› Mitigating the risk of
information loss and
addressing privacy
regulations: Increased and
revised legislation is making
companies rethink how they
manage, move and use
personal information and
intellectual property. Our
privacy and data protection
professionals can help
develop new strategies
for securing information
that balance regulatory
requirements with business
needs.
Foresight

Company Profile Our expertise addresses Mission Delegate

Foresight is a specialist cyber
security consultancy based
in Canberra, Australia. We
provide information assurance
and security compliance
services to help enterprise
and government agencies
secure their ICT environments.
Our capabilities and expertise
include:
the architecture and Peter Baussmann,
implementation of preventative, Managing Director
detective and responsive
security controls, which we Address
believe is a fundamental Level 6, 1 Hobart Place,
capability in ensuring Canberra
Australian networks become Australian Capital Territory 2601
the hardest in the world to
compromise. Web
www.foresight.net.au

›› IRAP Assessments and

assessment preparation;
›› ISM/PSPF/PCI/ISO27001
compliance and the practical
application of security
standards;
›› Network, systems and
application security
architecture;
›› Cloud security assurance,
assisting organisations to
securely migrate to the cloud;
›› Security risk assessments
and threat modelling;
›› ASD Top 35 design/
implementation;
›› Security documentation;
›› Vulnerability management
and penetration testing; and
›› Security governance.

17
FunCaptcha

Company Profile FunCaptcha has been Mission Delegate

FunCaptcha is a human
verification service that
prevents spam and other
forms of automated abuse.
Founded in 2013 by Kevin
Gosschalk and Matthew Ford,
the company’s flagship service
has grown to be the first line
of defence against spam for
companies such as Kik, IMVU
and CBSi.
proven to be hundreds of Kevin Gosschalk,
times more effective than Chief Executive Officer
any other CAPTCHA solution and Founder
on the market. FunCaptcha
protects social networks, Address
voting websites, ecommerce 131 Leichhardt Street,
platforms and many other sites Spring Hill, Brisbane
seeking to prevent automated Queensland 4000
abuse.
Web
www.funcaptcha.com

Distinguished from traditional

CAPTCHAs, FunCaptcha uses
fun visual puzzles that are
highly usable, and configurable
in dozens of ways to custom-
fit any client’s needs. These
proprietary puzzles are backed
by patent-pending 3D image
technology, which make them
invulnerable to brute force
and proactive in outsmarting
machine learning.

18
Haventec
Company Profile
Haventec has three patented
cyber security products that
target protective and adaptive
security solutions for user
identity, device identity and
personal credit information
transactions.
Haventec Authenticate
is a truly password-less
authentication system. With it
organisations can decentralise
user identity and eliminate
central password stores. It
never stores a user secret
anywhere. Users reuse the
same 4-digit pin across all
devices and applications, while
enjoying a secure, trusted and
frictionless user experience.
Authenticate uses patented
rolling key technology to
ensure the user’s security
environment evolves and
adapts continuously to their
behaviour.
Haventec Secure Wallet
tackles security problems
created by centralised credit
card stores and Merchant
Personal Credit Information
(PCI) compliance. Secure
Wallet permits users to Mission Delegates
manage and store PCI locally, Robert Morrish,
on their devices, in encrypted Chief Executive Officer
bundles. Payment processing Naveen Neti,
requires Haventec patented Chief Engineer
key technology to unlock credit
card details. Keys are thrown Address
away after each payment and Level 27, 1 Market Street,
new ones are generated to Sydney
ensure a continually evolving New South Wales 2000
security ecosystem that
protects user information. Web
www.haventec.com
Blockchain Platinum locks the
blockchain wallet to the device
with patented key signature
technologies, ensuring it
cannot be copied, cloned or
hijacked. Blockchain Platinum
incorporates an automated
bit token transmission system
that sends known machine
identities to the other machines
on the network. Through bit
token exchanges, Blockchain
Platinum builds an adaptive
ledger of trust between known
machine identities. This
enables elimination of central
device certificate stores (often
targeted by hackers) as well
as the need for costly fixed
VPN connections between
businesses.
19
Ionize
Company Profile
Ionize is a fast growing and
highly-focused cyber security
company. Our 20 highly
skilled and experienced
technical security personnel
serve a range of government,
academic and commercial
organisations in Canberra,
Melbourne and Sydney. In
Canberra, we are one of
only two Australian Signals
Directorate (ASD) endorsed
Information Security
Registered Assessors Program
(IRAP) training suppliers. We
are also a strong presence
in the security community,
organising the Canberra
Sectalks, Canberra Bsides
conference and the Open
Web Application Security
Project (OWASP) Testing Guide
project.
20
We maintain strong capability Mission Delegate
in the following disciplines: Andrew Muller,
Managing Director
›› security governance, risk and
compliance; Address
›› security architecture, 9/40 Brisbane Avenue,
design and engineering Barton
(deploying and managing Australian Capital Territory 2600
security information and
event management (SIEM), Web
vulnerability management www.ionize.com.au
and other security
technologies);
›› security operations, including
penetration testing, security
monitoring and incident
management;
›› security training and
awareness (IRAP and secure
coding training)
Ionize currently services
financial, telecommunication,
government, education,
logistics and technology
sectors in the Australian
market. In an international
context, Ionize has serviced
Apptio, a US technology
company, and French Telecom,
a global telecommunications
company.
JanusNET
Company Profile
janusNET’s janusSEAL suite
enforces corporate security
classification policies by
allowing users to distinguish
between – and better protect
– public, private and highly
sensitive corporate information.
janusNET was established
in 2004 to enforce message
classification for government
use. The founding premise has
stayed as true today as it ever
was:
Utilize the intelligence of
your greatest asset – your
people – to manually classify
information, to dramatically
improve information security
outcomes simply, effectively,
and inexpensively.
Requiring end-users to apply
a security classification to all
email messages they send,
and to all documents they
create enhances any data
protection initiative by allowing
existing information security
systems to better manage
unstructured data.
The janusGATE suite augments Mission Delegate
special messaging and control Alan Schaverien,
requirements that extend the Director
control of information where
there are gaps in standard Address
email platforms. U8.04, 6A Glen Street,
Milsons Point
These products are designed New South Wales 2061
to complement other security
technologies to maximise Web
customers’ existing security www.janusnet.com
infrastructure investment.
The combination of technology
solutions better manages risk.
janusNET solutions are
deployed globally in both
public and private sector
environments. Our customers
are complex, connected
enterprises with thousands
of employees, including:
government departments,
law enforcement agencies
and commercial enterprises.
Our customers share the
recognition that access to
confidential and mission-
critical information must be
controlled and managed at all
times.
21
P E O P L E S E C U R I T Y & C O M M U N I C AT I O N

LTD

PS&C

Company Profile ›› Configuration audit and Mission Delegate

control Teesaan Koo,
PS&C is an ICT professional ›› Exploitation tools Southern Practice Manager
services entity focused ›› Compliance and executive
on people, security and coaching training Address
communication. Its business ›› Security software sales and Level 10, 410 Collins Street,
units service a range of maintenance Melbourne
government and corporate Victoria 3000
organisations. PS&C People is a contractor
management and sourcing Web
PS&C’s business units were business that provides www.pscgroup.com.au
formed through acquisition of specialist resources to
the following companies: customers for medium to long
People: Systems & People and term projects. PS&C People
Bexton IT Services provides an end-to-end ICT
Security: Pure Hacking, professional recruitment
Hacklabs, Securus and service as well as:
Certitude ›› Technical and business
Communication: Allcom analysis
Networks ›› Technical services such
as enterprise and solution
PS&C Security offers a variety architecture, business
of Cyber security services system implementation
across a breadth of market and integration, information
segments, including: management, application
›› Managed security services development, and testing and
›› Penetration testing quality management.
›› Red teaming
›› Mobile application testing PS&C Communication
›› Payment card security manages, designs and deploys
systems and compliance unified communications,
tools IP telephony, network and
›› Vulnerability management business technology solutions
solutions for a wide range of corporate
›› Web application scanners and government clients.
and firewalls

22
Randtronics

Company Profile Randtronics is a privately Mission Delegate

Randtronics is a leading
developer of data encryption
solutions that protect against
malicious intent from external
hackers, internal employees
and outsource contractors.
Randtronics has a global
presence and delivers
solutions to clients worldwide.
Randtronics’ patent pending
core technology, Data
Privacy Manager (DPM),
protects structured and
unstructured data using
encryption, key management,
masking, tokenization and
anonymization with multi-factor
authentication, access control
and auditing. DPM’s offerings
are:
owned company and delivers Bob Adhar,
solutions worldwide via its President and
offices located in Sydney, Chief Executive Officer
Brisbane, San Francisco,
London, New Delhi, Seoul and Address
Kuala Lumpur through global Suite 1, 1 Level 1,
OEM partners, distributors, 64 Talavera Road,
system integrators and North Ryde
resellers. Our customers New South Wales 2113
include cloud hosting
providers, energy utilities, Web
retailers, insurance companies, www.randtronics.com
payment processors,
government departments,
banks, airlines, defence
agencies and manufacturers.

›› some of the easiest to install

and use
›› work on-premise or in the
cloud
›› use innovative data
encryption
›› leverage current staff and
skillsets
›› deploy quickly and easily,
with a rapid ROI

23
ResponSight
Company Profile
ResponSight is a data science-
based software development
company focusing on security
breach and hacker detection
through behavioural analytics.
We work with large enterprises
that have significant endpoint
fleets. We provide insight into
“abnormal” activity at the
edges of enterprise networks
and beyond, when users are
roaming and away from the
relative safety of the corporate
environment.
ResponSight’s unique
differentiator is that our
analytics engines require no
access to private or sensitive
data to profile the behaviour
represented by activity at the
endpoint. We deliberately
avoid collecting anything
that could uniquely identify
the end user. Our technology
differs significantly from other
security technologies in that
we don’t need to know who
a person is to determine
24
that abnormal activity is Mission Delegate
occurring at the endpoint. Jeff Paine,
We focus on behavioural Chief Executive Officer
profile management at an
individual endpoint level, and Address
will integrate with Security Level 2, 520 Bourke Street,
Information and Event Melbourne
Management (SIEM) and Victoria 3000
other incident response and
forensics systems to add or Web
enhance priority identification www.responsight.com
and rapid response to existing
implementations.
ResponSight is currently
undertaking a data analytics
pilot with a small group of
invitation-only enterprises,
refining our aglorithms and
integration designs. We
expect to be commercially
available in Q2 2017 (Mar-
Jun), with an initial focus on
financial services, professional
services, and the critical
infrastructure, utilities and
telecommunications sectors.
ResponSight is a small team
of eight located in Melbourne,
Australia.
Salt Group Pty Ltd

Company Profile Salt has deployments in Mission Delegates

major Australian banks for Pedram Ghovonlou,
Salt Group is a Melbourne- both retail and institutional Chief Technology Officer
based IT security company banking applications, as well Trevor Horsfall,
of around 30 IT professionals as in government and law Security Consultant
focussed on delivery of enforcement agencies.
sophisticated identity Salt has offices in Indonesia Address
management and user and and has reseller partners in Level 30, 459 Collins Street,
transaction authentication the United States of America, Melbourne
solutions for banking, Vietnam, Singapore and Victoria 3000
government and corporate New Zealand.
sectors. Web
www.saltgroup.com.au
We achieve this through
provision of specialised security
design and integration services
along with deployment of
best-of-breed security products,
including Salt’s mobile
authentication technologies.
These technologies provide
our customers high-assurance
user and transaction
authentication with an intuitive
user experience as required for
mass market situations such
as banking. Increasingly, our
customers are migrating from
the use of smart cards and
specialised one-time password
(OTP) tokens as second factor
authentication mechanisms
to the use of Salt mobile
authentication which provides
them with more powerful
authentication strategies at a
fraction of the cost.

25
 Sc8
Technologies
SC8 Technologies Pty Ltd
Company Profile
SC8 Technologies Pty
Ltd (“SC8”) was recently
established by Jindalee
Partners in partnership with
Edith Cowan University in
Perth. SC8 leverages the
world-class applied research
reputation in various aspects
of cybersecurity at Edith
Cowan University. SC8
recently closed its Series A
funding round and is ramping
up operations, including
expanding its management
team and progressing with
activities related to its pilot
customer – an ASX Top 100
company.
26
Jindalee Partners Pty Ltd Mission Delegate
is a Perth-based boutique Harry Karelis,
technology, merchant banking, Director
and corporate advisory firm
established by seasoned Address
executives in the capital Level 5,
markets and private equity 235 St Georges Terrace,
sectors. Its focus is to identify Perth WA 6000
early stage, world-class
Australian technologies and Web
through its networks provide www.sc8.tech
capital and assistance in
building out the company’s
strategic planning including
recruiting top tier talent
and forming international
partnerships.
Secure Code Warrior

Company Profile Our customers are able track Mission Delegate

their skills and progress, and Pieter Danhieux,
Secure Code Warrior (SCW) benchmark different teams, Chief Executive Officer
is an early stage start-up that including assessing potential
provides awareness, training suppliers and new recruits. Address
and certification of software SCW is truly the first global 207 Darling Street,
engineers to allow them to platform that developers want Dubbo
build software faster and more to learn on and it allows clients New South Wales 2830
securely. SCW has trained to ensure a minimum baseline
more than 6,000 developers of security skills in their Web
with 20,000 hours of hands-on organisation. www.securecodewarrior.com
practice in the first 12 months
of being active in Australian,
European and US markets.
Our focus and success is in
the financial industry, with four
of the top 30 global banks and
two of the top five US credit
card companies as customers.

Unlike classic vocational

education, SCW provides
a fully hands-on, gamified
experience with metrics, leader
boards and badging that
enables developers to master
secure coding in different
development languages and
frameworks.

27
Sense of Security
Company Profile
Established in 2002, Sense of
Security is a Sydney-based,
specialist IT security and
risk management consulting
practice delivering industry
leading services and research
to clients throughout Australia,
Asia Pacific and abroad.
We provide expertise across
vulnerability management,
incident response, DevOps
security, security operations
for cloud environments as well
as a full range of technical
assurance security testing
services for networks, web
applications, wireless and
mobile.
We also develop and
manage information security
governance programs, cyber
risk management frameworks
along with assessment for
compliance and reporting
against regulations and
industry standards, including
payment security, health and
personal information.
28
Our Directors and staff are Mission Delegate
well known thought leaders in Murray Goldschmidt,
the IT Security industry and Chief Operating Officer
speak regularly at relevant
conferences, industry-related Address
meetings and corporate Level 8, 66 King Street,
boardrooms. Sydney
New South Wales 2000
We operate with full R&D
capabilities to support Web
development and innovation www.senseofsecurity.com.au
of our services.
Each year, many large
international companies
utilize our specialist
technical security skillsets.
These include customised
penetration testing of hardware
(i.e. telecommunication grade
equipment, cable operator
end-points and various
medical devices) and bespoke
software (i.e. satellite control
systems, clinical and essential
services infrastructure – power,
gas and water – environments).
Our services are used by major
companies in the banking and
finance, insurance, healthcare,
retail, cloud service providers
as well as resources, utilities,
and telecommunications. In
the public arena we conduct
business with local, state and
federal governments.
Shearwater Solutions
Company Profile
Shearwater provides
information security
services to mid and large
enterprises across finance,
retail, manufacturing,
telecommunications, and
utilities.
We concentrate on providing
support to organisations in four
key problem areas:
1. A
 pplication Security –
Shearwater is a CREST
accredited penetration
testing service provider. Our
application security offerings
include: threat modelling,
architectural consulting,
source code reviews,
vulnerability assessment,
and penetration testing.
2. O perational Security –
Our operational security
services include all elements
of the Plan, Design, Build
and Run lifecycle. This
includes product selection,
procurement, deployment
and ongoing daily
management.
3. S
 ecurity Consulting – Mission Delegate
Our consulting services are Mark Hofman,
designed to meet business Chief Technology Officer
and security objectives,
including security reviews Address
against PCI DSS, ISM, PSPF Level 1, 6 Spring Street,
and ISO 27001, Information Chatswood
security health checks New South Wales 2067
and audits, threat and risk
assessments, and strategy Web
development. Shearwater www.shearwater.com.au
is a PCI Qualified Security
Assessor (QSA) firm and has
a number of IRAP assessors
and accredited ISO/IEC
27001 Lead Auditors.
4. E
 ducation and Skills
Uplift – Shearwater is
the exclusive provider of
SANS technical security
training courses in Australia.
Shearwater also developed
Phriendly Phishing, an
award-nominated security
awareness training solution.
We have an extensive
background in working in
federal government and high-
security environments with
several staff members holding
high levels of government
clearance.
29
Shelde
Company Profile
Shelde is a specialist provider
of ICT security services and
solutions. Our aim is to assist
large enterprise customers
in the banking and finance,
telecommunications and
federal government sectors
by maximising returns on
technology investments,
minimising operational risk
and improving visibility of their
organisational activities.
With a team of approximately
60 staff, located in Melbourne,
Sydney and Canberra, we
are a highly experienced
and focused organisation.
Our specialist team of
practitioners is larger than
the on-shore teams of many
of our competitors. Our size
means that Shelde can provide
the depth of capability our
enterprise customers’ need,
while offering a high degree of
flexibility and agility to respond
to changing business or
technology requirements.
30
Shelde is not a ‘body shop’ or Mission Delegates
contingent workforce provider. Bruce Williams,
With very few exceptions, our Chief Executive Officer
staff are full time employees, Brian Jamieson,
enabling us to invest in their Chief Technology Officer
professional and personal
development over time. Many Address
of our staff were hand-picked Level 7, 440 Collins Street,
from around the world and are Melbourne
recognised as experts in their Victoria 3000
chosen disciplines. Shelde is
proud that we can attract and Web
retain some of the best talent www.shelde.com
globally – we are also proud
of the cultural and gender
diversity we have managed to
achieve and maintain within
our business.
Key capability areas for Shelde
include: application security,
cyber security, data acquisition,
data analytics, process and
workflow automation and
orchestration.
Tesserent Australia
Company Profile
Tesserent is a Melbourne
based ASX-listed company that
provides world-class managed
security to organisations
throughout Australia and
overseas. Our team of experts
use the Tesserent security
platform and a range of partner
products to tailor a network
security solution specifically for
our customers.
Tesserent has a MSSP
Platform, enabling the
delivery of Security-as-a-
Service to small and large
organisations. Industry sectors
serviced by Tesserent include
education, financial services,
transport, healthcare, religious
institutions, logistics, retail,
government (federal, state,
local), and professional
services.
Tesserent and its channel Mission Delegates
partners provide these Keith Glennan,
services to more than 350 Chief Executive Officer
organisations located in 11 Karen Negus,
countries and territories. Head of Marketing
Our business is dedicated to Address
offering customers a cost- Level 2, 683 Burke Road,
effective, world-class managed Camberwell
security solution. Tesserent has Victoria 3124
a proven record of improving
return on IT investment, driving Web
efficiency and optimising www.tesserent.com
network performance. We
also bundle connectivity and
colocation to optimise our
customers’ network security
and deliver a total solution at
the best possible price.
31
Triskele Labs
Company Profile
Triskele Labs is a cyber
security professional services
company launched in October
2014 and headquartered in
Melbourne. We provide a
holistic service to our clients
across advisory, compliance,
technical (penetration
testing and code review) and
education. In recent times,
Triskele Labs has evolved to
provide a managed security
service provider including
managed SIEM, vulnerability
assessments and security
advice with a product aptly
named, DefenceShield. Our
most recent achievement
has seen us develop and
release our own simulated
phishing platform, PhishAway,
to help our clients identify staff
requiring focussed training.
32
We work with clients across Mission Delegate
multiple verticals due to our Nick Morgan,
holistic and strategic approach. Managing Director
Our clients vary from 30-
15,000 staff, with needs and Address
requirements based on their 220/480 Collins Street,
size. Triskele Labs understands Melbourne
that all organisations need Victoria 3000
cyber security, not just the
big guys. Web
www.triskelelabs.com
At present, Triskele Labs
focuses on the Australian
market. However, we also
have several clients in South
East Asia, predominantly in
Singapore. Our vision is to
reach out to a global audience,
with our scalable products
DefenceShield and PhishAway.
Australian Cyber Security Mission to the San Francisco Bay Area 33