Cyber cop, foiler of criminals.
PS&C is a Melbourne company with fingers in many IT pies, including fighting cyber attacks.
As the world has become more mobile, with smartphones, tablets and cloud-based activity, there is greater opportunity than ever for internet crime.
PS&C managing director Kevin McLaine oversees the teams that isolate weaknesses in a client’s security – both virtual and physical – and set up the systems to foil the criminals.
"Initially the cyber security business was directed towards organisations with financial transactions facing the public, such as banks and insurance companies.
Now it has moved more into the mainstream because many companies’ data is more accessible than ever. You now have staff walking around with tablets that are accessing sensitive information – anything from marketing or strategy to financial data, so security has become a much more important issue.
Recent changes to Australia’s Privacy Act mean organisations that hold consumer data must take reasonable steps to make sure that data is secure. Companies are also subject to fines of up to A$1.7 million for every breach.
While that level of fine is not a massive issue for a very big organisation, the fact they’re not taking reasonable steps to protect their data is a concern for their business model.
This means people in charge of general risk inside organisations up to the C-level and boards should be more concerned about the ramifications of cyber attack.
In the area we operate in, which is assurance and penetration testing, we get paid by an organisation to hack into their systems. Then we share how we got in and help with the solutions to plug that hole.
Every time a company installs a new application or changes its website, that really should be penetration tested to make sure there’s no new hole for hackers to get into. And this testing needs to continue because companies are continually updating their systems and changing websites.
But a lot of hacking that goes on is not actually malicious.
It’s a fairly competitive space but the industry will move more towards a managed service-type offering, which means that more companies like ours will be on a retainer.
Our business came about a few years ago when we could see there was a big growth phase coming for security services. We initially looked for security assets and then we looked for businesses to wrap around them, with client bases that we could walk the security businesses into.
We came up with the three pillars: the security business; a “people” business where we place staff inside customers’ businesses for system updates and development projects; and a communications business, where we implement unified communications and IP telephony-type solutions. It’s an exciting industry to be in.
Trick of the trade
At the end of the day all our businesses are people businesses. It is important to find, cultivate and keep the very best. In our industry the good guys are the white hats.