Australia Plants Seeds for Fintech Cybersecurity IndustryGovernment Advisory: Bright Ideas Often Drift Overseas
Australia wants to nurture a homegrown cybersecurity specialty in fintech, a move that is part of a government and industry effort to be less dependent on technologies from overseas to secure the country's infrastructure.
Creating new companies is also a vast economic opportunity: the US$100 billion-plus cybersecurity market is expected to nearly double by 2020. But there are few cybersecurity startups in Australia, and the lack of those companies has led to discussion of how create a better environment.
Australia's national research agency, Data61, along with several partners, held the National Fintech Cyber Security Summit last May. It aimed to bring financial services companies together with government, startups and researchers to address key issues. A report from the summit, released on Jan. 31, outlined what some believe have been the barriers to a more active cybersecurity industry in Australia.
Australia has the talent, but "we have lacked focus and prioritization," writes Alastair MacGibbon, special adviser for cybersecurity to Prime Minister Malcolm Turnbull, in the report's forward. "We are a nation of innovators, but too often our bright ideas are captured and commercialized by larger companies based overseas."
In April 2016, the Australian government said it would spend AU$230 million (US$174 million) over the next four years to bolster the country's cybersecurity stance through research, education and other initiatives (see Is Australia Spending Enough on Cybersecurity?).
Australia has a large financial services industry. According to the Australian Trade and Investment Commission, the country manages AU$1.3 trillion (US$850 billion) in funds. The funds management sector has grown, in part, due to requirements that employers contribute to employees' retirement savings.
The systems that drive financial services are always at risk. Last year, the banking industry was shaken after attacks targeting the SWIFT messaging system, which facilitates international transfers between banks. The most damaging attack stole $81 million from Bangladesh Bank's account at the Federal Reserve Bank in New York using fraudulent SWIFT messages. Banks in Vietnam, the Philippines and Ecuador were also targeted (see Fraudulent SWIFT Transfers: Congress Queries New York Fed).
Financial institutions often employ some of the most sophisticated and expensive security technologies to stay ahead. But as cybercrime evolves, defenders are faced with a constantly changing attack landscape that requires innovation.
"The growing sophistication of threats has not been solved by the market sufficiently well enough," the report says.
The next phase in the fintech startup plan is the National Fintech Cyber Security Design Challenge, in which organizations will describe the security issues they're facing and how startups might be able to help. Then, backers of the effort hope to incubate startups to tackle key issues and eventually help them commercialize products.
The Cyber Security Growth Centre, which will receive AU$30 million in federal funding through 2020, will coordinate the effort. Last December, the government launched the Australian Cyber Security Growth Network, a not-for-profit company to oversee the rollout.
Eventually, a Cyber Security Innovation Lab will be created to help commercialize cybersecurity innovation in fintech, working with researchers, companies and government agencies. An emphasis will be on adoption, as startups often struggle getting their first customer.
Alex Scandurra, CEO of the fintech startup incubator Stone & Chalk, says it can take 12 to 18 months before startups can secure a pilot of their software at a large company. Those companies often want to see case studies from a startup's customers before even trying an innovation in a non-production environment. "In a way, the natural procurement process is geared away from startups to more mature organizations," he says.
Stone & Chalk has launched a program called "Startup Ready" that works with corporations and government to streamline their procurement processes to give startups a better opportunity. The goal is to get contracts in place to trial a startup's technology within 60 days, he says.