From ‘fake ads’ to top-secret governments to SMEs, ASX-listed cybersecurity providers are tackling the problems in very different ways.
Tech Mpire (TMP) 8c
Nineteenth Century US department store magnate John Wanamaker famously said that half of the money he spent on advertising was wasted, but the trouble is he didn’t know which half.
The same can be said for the digital world, although the problem is more about intermediaries in the advertising chain concocting audiences that don’t exist, via fraudulent downloads.
A variation on the rort is media buyers directing ad spend (knowingly or otherwise) to unsuitable publications or those that don’t exist.
Yep, we’ve all heard about fake news. Now we’ve got fake ads.
According to Juniper Research, $US19 billion ($26bn) of all online ad spend is fraudulent and the figure is forecast to grow to $US44 bn by 2020.
But expensive problems present monetisation opportunities of their own: Tech Mpire has launched TrafficGuard, a software-as-a-service (cloud) portal for advertisers and their agencies to weed out fake downloads and to identify safe sources for their ads.
The company claims that in 40 milliseconds, Traffic Guard can tell whether it will be fraudulent or not based on factors such as the speed of the download (if it’s too fast it’s not likely to be a human) or the location of the download.
“We are the Norton Antivirus of the mobile world,” says CEO Mathew Ratty. “Our pitch is making sure advertising spend shows maximum return on investment by blocking fraudulent downloads at the click level.”
The problem is prevalent when a company launches an expensive marketing campaign for a new app.
“There’s a heap of money being made in apps but that has given rise to fraud,” Ratty says.
“For example, Uber says ‘get me one million downloads in New York City’. In the background, machines or algorithms are downloading apps.
“But the downloads never open and the app is never used. So Uber spends $1m promoting an app and half has gone out the door.”
In fact, Uber is suing Fetch for $US40m ($55m), alleging the mobile ad agency generated false clicks on its online ads.
Tech Mpire so far has signed on two clients for Traffic Guardian: Canadian performance marketing group ClearPier and US ad agency Omnicom. With the latter, TechMpire has exclusive rights for the Middle East/North Asia region where Omnicom is expanding.
Tech Mpire recently sold its 90 percent owned revenue-generating business, Mpire Network, to Canada’s ClearPier for $900,000, plus a maximum profit share of $6m over three years.
This performance marketing business generated $13m of revenue in 2016-17 and ebitda of $3m. But by its very nature, it presented a conflict of interest with Tech Mpire’s fraud-busting activities.
In the latest June quarter, Tech Mpire reported revenue of only $1.5m, bearing in mind the company launched the cloud version of TrafficGuard in July.
Tech Mpire recently carried out a $2.39m entitlement issue at 4.5c apiece, boosting cash from $4.05m to $6.49m.
Ratty says it’s a dynamic business because the nature of the fraud is ever changing. “Fraud is like any other virus,” Ratty says. “The fraudster will go somewhere else and mutate the fraud. We are constantly adjusting our algorithms to look for fraudulent behaviour.”
The company’s selling point it that while other mobile measurement platforms such as App Flyer exist, they will notify that download fraud has occurred rather than prevent it.
ArchTIS (AR9) 12c
A more chilling aspect of cyber fraud is the vulnerability of government agencies handling sensitive information and we’ve already seen many transgressions.
For example the HR firm PageUp – which has public agencies including the Reserve Bank, Australia Post and the Attorney General’s Departments as clients – recently suffered a massive security breach.
It’s one thing to block access to the top secret, but the nature of government means that sensitive documents have to be viewed by multiple legitimate eyes within a bureaucracy.
The Canberra based ArchTIS is poised to launch a cloud-based preventative called Kojensi Gov, which enables sensitive documents to be shared without fear of leaks or other breaches.
The gist is that rather than creating a multiple of vulnerable checkpoints (such as user passwords), Kojensi creates an electronic fingerprint on the data or documents determining who can access the material and where and when.
This approach distinguishes the company from other cyber security operators that try to ensure the data is not shared.
Kojensi Gov is currently being tested by the federal Attorney General’s department, with a planned commercial launch in early 2019.
An earlier non-cloud version is already used by the Department of Defence, the Department of Finance and the Department of Foreign Affairs and Trade, with the company accredited up to ‘top secret’ status.
“We are trying to be the Swiss banks of data, to the world most trusted company with the world’s most valuable info,” CEO Daniel Lai says.
Archtis listed in September 21 at 20c apiece but has been around for 12 years, generating about $13m of revenue over the last six years from a predecessor product.
“We have proved we can earn revenue and now is the time to launch a new product.”
In the first (September) quarter ramp-up period, Archtis clocked up revenue of $677,000 compared with $100,000 previously.
Archtis’s board includes Labor rooster and former defence minister Stephen Smith, whose contacts should prove handy should Labor salute at the next federal election.
Archtis shares have been stubbornly underwater since listing but with $8m of cash the company should have enough funds to tide it over until the subscription revenues start to flow.
Whitehawk (WHK) 6.9c
As the former deputy head of US naval intelligence, Terry Roberts has a lot of secrets to impart but she would you have to shoot you if she were to spill the beans.
Now the CEO of cyber security minnow Whitehawk, what Roberts can tell small to medium enterprises (SMEs) for free is that when it comes to online nasties, they’re doing the equivalent of leaving their windows and doors open to burglars.
“The traditional (scamming) methods are effective because the majority of SMEs haven’t put basic cyber security measures in place,” she says. “Ransom and phishing are still very effective. And when they’ve found a method that works they can hit several thousand companies in 24 hours.”
Family offices, she says are especially vulnerable because (a) they have lots of money and (b) they tend to run charitable foundations without technical expertise. Folk working from home are also suspect to entreaties from Nigerian aristocrats with disturbing tales of impending dispossession.
While cyber security consultancies abound, Whitehawk’s core offering is a broking platform that matches SMEs in the US with appropriate cyber security products and services. The service is free to users, with Whitehawk taking a clip from the providers.
Whitehawk’s risk analysis tool 360 Cyber Risk Framework is pitched at the big end of the town and recently won its maiden deal from a top-ten US bank worth $US325,000 ($450,000).
Based in Washington DC, Whitehawk also consults to government and businesses including the US Department of Homeland Security.
While acting as honest broker between enterprises and the array of cyber providers is a neat idea, Whitehawk faces the small-tech problem of growing its revenues to meaningful levels while preserving cash. In the June half the company generated revenue of $US240, 526 (up from $US23, 163 previously), but lost $1.63m.
As of September the company’s cash balance was $1.5m, with potential inflows of $860,000 if the shortfall from an unpopular rights issue is placed.
Whitehawk listed on January 24 this year, having raised $7.85m at 25c apiece. The shares had been going remorselessly south but doubled on November 2 after the company announced a new contract to provide the 360 Cyber Risk Framework to the US Government.
In mid-November Whitehawk signed a partnership with the Virginia based insurance agent Clarke & Sampson to source cyber liability cover for SMEs.