Last December Craig Davies, former head of security for Atlassian, was named head of the government’s new Cyber Security Growth Centre launched with $31.9 million of funding over three years.
The government said it would operate as a not-for-profit company to be known as the Australian Cyber Security Growth Network Ltd (ACSGN). That suits Davies. He told Computerworld: “I don’t want to be the centre of anything.”
He explained that the network is already virtual: He is based in the Australian Technology Park in Sydney and his COO, Michelle Price, is in Canberra. She played a major role in the development of the National Cyber Security Strategy as a senior advisor in the Department of Prime Minister and Cabinet before moving to the National Security College at the ANU.
Davies said his aim was to create a true network with nodes in each state and territory. “These will essentially be franchises of the national body. This will give them a voice at the table and ensure they are participating in the national conversation and that they are aligned to the national priorities.”
He added: “More importantly the states are each starting to build specific capabilities and by sharing that knowledge across the entire ecosystem we can hopefully create some multipliers.”
Collaboration key to growth
He does not plan to create a large team — five or six at most. “We have people tagged for roles we are just finalising. We don't have a lot of money to run the business and I would rather use firms to do something specific rather than hiring someone.”
Nor does he envisage the ASGN running any programs itself, saying he believes its role is to facilitate networking and collaboration across the cyber security community, and he would prefer to get people working together in other successful programs and make these more successful.
“The primary challenge in Australia is truly understanding the concept of collaboration and what it looks like,” Davies said. “When it is done well everybody wins. We generate more revenue, we get more scale, exporting of capabilities becomes viable, the investment money flows so they don't need to pack up and move their entire operation to another country.”
The ACSGN is one of five industry-specific growth centres created by the government and each must produce a sector competitiveness plan. Yesterday the organisation released Australia’s first Cyber Security Sector Competitiveness Plan, addressing the short, medium and long term challenges to growing the industry.
Two critical challenges
Davies has identified what he sees are two critical problems: Educational pathways into the security industry and commercialisation pathways for security innovations.
On education he said: “We have identified great programs at the Box Hill Institute in Victoria and at the Canberra Institute of Technology. One of our jobs is to get those teams talking so there is consistency and common education. There is much good will to do that. They just need someone like us to do it.”
Learning institutions can apply to be classified as a centre of excellence for cyber security education.
“Part of their proposal must demonstrate their alignment to our mission because the government is putting a lot of focus on ensuring that everybody is aligned we do not create confusion in the industry around who is doing what where we are going and what comes next,” Davies said.
On the commercialisation front he said there were many promising small-scale companies that needed advice on funding, securing early sales and growth strategies. “We want to get the commercialisation pathway much smoother than it currently is. We see some fantastic ideas around in small-scale companies.”
Davies said the ACSGN had a broad remit to nurture and grow the Australian cyber security industry. “Everything is on the table, including how we get firms investing here, how we help firms to grow into overseas markets without having to pack up and move, which has been the traditional model.”
Cyber an Austrade priority
The centre is also working with Austrade to both promote Australia’s cyber security capability overseas and to encourage overseas investment into cyber security activities in Australia. Davies said cyber security was now one of Austrade’s top priorities.
In January Austrade published a 36 page book promoting Australia’s cyber security credentials, and the ACSGN’s work with Austrade was already starting to bear fruit.
“We ran a mission to San Francisco in conjunction with Austrade and took 27 companies,” he said. “For many of those companies the US represents a huge market and a natural fit, but we also believe it is not the only market. There are plenty of opportunities elsewhere in the world where we have not looked as a security community for business opportunities.”
On the overseas investment side, Davies said: “We are talking with US firms about how they could come into Australia, not with a sales team but to take up a regional support opportunity. We hope that a couple of these deals will be announced in the next few months.
“One US firm is going to create a 30 person team in Australia to support APAC. In the past they would have gone to another Asian location but they are coming here because of lifestyle and access to language skills.”
The CEO suggests the booming Asian market presented opportunities as did Europe with its strong privacy legislation and “what appears to be a very uncomfortable approach to US based technology solutions.”