In the last six months of 2022, Australia had 497 notifiable data breaches impacting private customer data, a 26 per cent increase on the previous half year.
Almost one in two of the breaches were cybersecurity incidents – ransomware, phishing, brute force attack, hacking, malware and, perhaps more frighteningly, accessing data using methods unknown.
“We have to defend millions of different ways to get in, but an attacker only has to find one,” said OpSys Australia founder Matt Fabri.
Focusing on cybersecurity is “all well and good”, he said, but it gives a false sense of security.
“The cybersecurity world is one where we are constantly playing catchup, not just in Australia, but globally.
“We can spend tens of millions of dollars in cybersecurity and somebody, if they really want to, will get in. It’s about how you bounce back.”
Fabri has nearly two decades in the industry, and his Adelaide-headquartered OpSys (they also have offices in Singapore and New Zealand) is a recognised leader in cybersecurity.
That OpSys is based in the ex-Sturt Street Court, and has a mission control room straight out of a movie, only makes his urgings all the more compelling and their work super cool.
Fabri sat on the executive advisory board for FireEye/Mandiant, the world leader in threat intelligence, and has advised international governments on initiatives in cybersecurity policy and regulation. OpSys also provides training services to the Department of Defence.
Cyber resiliency is about ensuring that post-breach operations can continue normally, accounting systems are secure, and staff, the ATO and suppliers get paid.
Fabri’s decision to be based in South Australia is driven by his love for Adelaide – “We are the quiet achievers with an amazing city, 45 minutes in either direction and you are in some of the best wine regions in the world.”
He also has connected with the Department for Trade and Investment, with the department supporting OpSys through its growth.
Regarding the local cyber industry, he said the state has “some amazing capability” including open-source intelligence firms Fivecast and Fircy.
What he is less than happy about are the IT businesses and managed service providers (MSPs) elsewhere using cybersecurity as a money grab. Fabri calls cybersecurity a “platinum” word offering the promise of steady riches.
“If you asked the vast majority of these MSPs, they don’t have the credentials, experience or personnel to drive the tools they sell,” he said.
“They might monitor it or not, or provide monitoring from another country via the software provider… they might have people from [outside the country] dial in at some point to protect your company.”
Meanwhile, OpSys partners with Elastic and has added their own IP to deliver advanced capabilities. They also own all their servers, which are in Adelaide.
“We call it ‘from data centre to device and back’,” he said.
He was frank about the wider industry becoming a “wild west”, and mentioned YouTubers giving advice on cyber threats and non-industry ‘experts’ doing internet research to present seminars on the subject.
While OpSys’s self-reliance limits opportunities for exposure and possible breaches, for Fabri it is also about sovereign capability, which is “imperative”.
“You need to be assured that the data collected, viewed and stored stays [here],” he said.
“We need to be thinking more globally with our data privacy, ensuring that we keep our secrets, business and defence, in our country.
“But it’s not just about data – we’re talking about big organisations and reputable businesses, where a leak of information about a [cybersecurity breach elsewhere in the world] could exponentially hurt their share price and brand.”
The OpSys team conduct 24/7 monitoring, hunting down cyber threats and responding to and triaging complex issues.
Their work also contributes to global intelligence used to identify the advanced persistent threats, or APTs, typically launched by a nation state or state-sponsored group.
The Medibank data hack was one such event, with the Australian Federal Police pointing the finger at a group of Russian hackers.
Operating at the coalface and “seeing some of the worst of what happens”, Fabri said, can be a “very stressful job”. Because of this, he is obsessed with company culture and making sure that work is fun for all the team.
Maybe this is why when he posts any job openings on LinkedIn, he is inundated with phone calls, texts and emails from Australia and overseas from those keen to enjoy Adelaide’s lifestyle while building global careers.
For those who do join the team, ensuring cyber resiliency and fighting cybercrime from OpSys’s fortress-like digs could be the coolest job in town!