Aussie’s CyberCX takes on NZ market

Published on the 27/08/2020 | Written by Jonathan Cotton

CyberCX buys into NZ market

VC-funded cybersecurity group buys into NZ…

Framing it as a chance to create a unified domestic cyber capability – while going after its NZ$600 million cybersecurity services market – Australia’s CyberCX is launching in New Zealand.

Backed by private equity firm BGH Capital, and led by the former head of Australian federal cybersecurity Alastair MacGibbon and former Optus Business managing director John Paitaridis, the company will be delivering ‘end-to-end cybersecurity services’ to enterprises and governments.

Launched in Australia a year ago, the company has been busy consolidating more than a dozen Australian cybersecurity businesses, now boasting a workforce of over 500 cybersecurity professionals and a footprint of more than 20 offices across Australia and New Zealand, with global presence in Europe and US.

“For too long we have relied on international companies for cyber services, where their interests don’t always align.”

And the Kiwi plan is significant: Based in Wellington, the company with offer consultation and advisory services; governance, risk and compliance; digital forensics and incident response, penetration testing and assurance; security integration and engineering; and managed security services. According to the company’s press release, short term plans include the employment of 100-plus staff over the next 12 months, along with the opening of a Christchurch office and expansion of the Auckland and Wellington ones.

That’s a big chunk of the New Zealand market, and with CyberCX promising ‘investment in systems, processes, tools and a centralised support structure’, its plans are to provide ‘the most comprehensive end-to-end capability in New Zealand’.

Paitaridis, CyberCX CEO, says New Zealand is a natural target for the company.

“With the exponential growth in the number of cyberattacks on Australian and New Zealand businesses and government agencies, and the aggressive tactics we are seeing from threat actors, we need to significantly bolster our trans-Tasman cyber capability to secure our companies and sovereign interests, in particular Australian and New Zealand critical infrastructure including utilities, agricultural, financial systems, logistics and supply chain,” says Paitaridis.

“Never has this been more important than during the COVID-19 pandemic.”

The company is also framing the launch as a chance for Australasia to establish more substantial home-grown national cyber-capabilities.

“It is time that Australia and New Zealand had its own cybersecurity company, a national champion at scale, able to defend and protect our local businesses and economies,” says Paitaridis.

“For too long we have relied on international companies for cyber services, where their interests don’t always align.”

CyberCX’s expansion into New Zealand follows the more general trend of smaller Australiasian firms ultimately merging or being acquired by larger organisations, a pattern likely to accelerate over the next few years.

CyberCX’s New Zealand CEO, Grant Smith (founder of recent acquire, Gen2) says the move will ‘transform New Zealand’s cybersecurity landscape’.

“It is clear that many New Zealand businesses, enterprises and government organisations are not yet well enough advised, supported or equipped to defend their critical assets,” says Smith.

“Each year thousands of New Zealand organisations fall victim to cyberattacks totalling tens of millions of dollars in losses. Forty percent of those incidents are linked to state-sponsored actors. CyberCX NZ is committed to lifting the country’s national resilience and is focused on maintaining an independent stance, agile ways of operating and core cyber focus.”

For all the promotion, there’s plenty of reasons for businesses ot be doubling down on their cyber measures.

As this week’s multiple crashes of the NZX Stock Exchange website shows, few are immune to cyberattacks and the consequences for failing to meet the grade can be significant.

Case in point, RI Advice Group, currently the subject of legal proceedings courtesy of the Australian Securities and Investments Commission (ASIC) for failing to have adequate cybersecurity systems in place. Incidents include the 2017 ‘brute force’ attack on Frontier Financial Group, whereby a malicious user successfully gained remote access to the group’s server (which contained sensitive client information including identification documents) and spent more than 155 hours logged in.

ASIC alleges that RI failed to have implemented adequate policies, systems and resources which would be reasonably appropriate to manage cybersecurity risk.

ASIC is seeking unspecified civil penalties from RI as a result of the hacks.

Post a comment or question...

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.


Thank you! Your subscription has been confirmed. You'll hear from us soon.
Follow iStart to keep up to date with the latest news and views...