WHK’s Cybersecurity Solutions Set to Benefit Utility Sector & Fortune 1000s
article PUBLISHED: 02-10-2018
Cybercrime and fraud continue to grow across all business sectors globally, yet corporate boards are failing to make cyber risk a priority with just 36% having sufficient cybersecurity protocols in place to provide effective oversight. This leaves huge segments of the economy exposed to serious and consequential threats.
Conversely, for the savvy cybersecurity provider, an enormous opportunity has opened up to provide at-risk companies with impactful and affordable cyber security solutions.
WhiteHawk Limited (ASX:WHK) is in pole position to offer these solutions, especially as no company seems safe anymore.
British Airways was the latest to come under major cyberattack. The personal and financial details of 38,000 customers were stolen from its website and mobile app, which could lead to the airline being be fined up to €1 billion under new European Commission regulations where data breach penalties can be levied up to 4% of the companies' turnover.
There’s also significant risk of damage to customer relations and brand reputation, which alone is worth billions to British Airways.
BA is a large organisation with significant resources on hand, so you can imagine how tough it must be for the smaller businesses out there. WHK is the first global online cybersecurity exchange enabling small and medium sized enterprises (SMEs) to take smart action against cybercrime and fraud.
The company has two distinct target markets: SMEs that lack adequate cyber risk insights, cybersecurity expertise and resources; and major utilities (who are a top global target), financial organisations, manufacturers, political groups and government entities that are at heightened risk of a targeted cyberattack and rely upon often hundreds of SME partners, vendors and suppliers.
We will look at the utilities sector in more detail shortly.
WHK has had plenty to keep it busy since we last updated you on its business back in February. New York based market research, completed not long after our last article, drove the imperative to develop two new low cost sales channels — 360 Cyber Risk Framework and a strategic partnership with the US focused Cybercrime Support Network.
Through the implementation of the Cyber Risk Frameworks, WhiteHawk CIO, Antonio Crespo, saw the need to dramatically enhance the personalised online experience of every SME customer. This WhiteHawk Journey, which is a part of the upcoming Website Release 3.0, emphasises the virtual long-term customer account relationships, and a tailored, well-rounded customer focused cyber solution.
WHK has already secured its first 360 Cyber Risk Framework contract, worth US$325,000, with a Top 10 US financial institution.
WHK has built and is engaging a strong pipeline of opportunities for the 360 Cyber Risk Framework across an initial US target market of major manufacturers, banks, federal contractors, and Fortune 1000 companies.
While it currently has a market cap of less than A$3 million, WHK’s established partnerships with Fortune 1000 companies include Accenture, BAE, and Citi Bank — as well as with FireEye, IBM Watson, Salesforce, and Palo Alto Networks.
It should be noted, however, that this is an early stage tech company and success is no guarantee. Investors should seek professional financial advice before making an investment.
Of course, we will break all of this down for you shortly, suffice to say that its product offering and attention to every client detail is second to none.
Catching up on,
Launched in 2016, WhiteHawk Limited (ASX:WHK) began life as a cybersecurity advisory service with a vision to develop the first self-service cybersecurity exchange simplifying how businesses discover, decide, and purchase cybersecurity solutions online via an AI Tool and virtual cyber consultants.
Today, WHK helps US companies to connect to content, solutions, and service providers through evolving its rich data and user experience and taking them on a ‘journey’ that helps them best identify, prioritise and mitigate their unique cybersecurity risks in real time.
The WHK platform enables customers to leverage their own Custom Security Story to find cyber tools, content, and relevant services to better understand how to improve and stay ahead of threats.
The bottom line is demonstrated cost and time savings.
Here is WHK CEO and founder, Terry Roberts speaking at the 121 Tech Investment conference in Hong Kong in June explaining WhiteHawk and how the WHK platform works.
You may have noticed we highlighted the word journey ... and it is key to the success of the platform Terry is talking about in the video above. Of course, she knows a thing or two about security having been Deputy Director of Naval Intelligence (DDNI), where she led, together with the US Director of Naval Intelligence, more than 20,000 intelligence and information-warfare military and civilian professionals and managed more than US$5 billion in resources, technologies, and programs globally.
For Terry, the journey is one of the keys to WHK’s customer service success. It is, in fact, an entire customer service process.
The WhiteHawk Journey is a step-by-step process beginning with an assessment of a customers’ current cyber risks all the way through to what solutions may work best for their particular situation, including best practice and product options.
The online journey begins with the WhiteHawk Artificial Intelligence (AI) Questionnaire, followed by risk scoring through a WhiteHawk partner and ends with a custom Cyber Risk Profile, including customised product options and recommendations via a WhiteHawk virtual cyber consultant.
WHK’s two new low cost sales channels the 360 Cyber Risk Framework and the Cybercrime Support Network feed into this journey and the beneficiaries will be the likes of utility companies that require a holistic solution to its cybersecurity problems.
A focus on utilities
With over 3200 utilities in the US, the vast majority being SME private and public entities, a continuous risk rating and mitigation framework is a foundational need in today’s digital age.
The importance of having adequate cybersecurity in place has never been more important — from both an economic and a national security perspective.
In Australia, the threat of cyberattacks on the country’s utility infrastructure is gaining increased recognition. Home to the world’s longest single electricity grid, which stretches more than 5000 kilometres — all the way from north Queensland, down to southern Tasmania — the grid powers much of the country, and our economy and society with it.
Earlier this year, then Prime Minister, Malcolm Turnbull, pushed the importance of securing the country’s infrastructure assets, saying, “We must not and will not wait for a catastrophic cyber incident before we act to prevent future attacks”.
Our new Prime Minister, who was then Treasurer, Scott Morrison is equally aware of the potential for disaster. Back in May, Morrison commented on the federal government’s decision to veto a A$10 billion proposed sale of electricity distributor Ausgrid to a Chinese-dominated partnership, saying the sale was “contrary to the national interest, in accordance with the required provision on the grounds of national security”.
The following SMH article examines why the Australian Energy Market Operator is ramping up Australia’s electricity infrastructure cybersecurity to protect the country’s power network.
Yet while Australia is yet to suffer from a major cyberattack on vital infrastructure, these risks are not simply theoretical.
Consider, for example, that last year hackers disabled millions of computers through the WannaCry cyberattack that took down the UK’s National Health Service (NHS), and the Petya cyberattack that hit Ukraine’s electricity networks.
In the US, the Federal Energy Regulatory Commission (FERC) has recognised that the US power grid systems are equally vulnerable to the cyberattacks that took down the power grid in Ukraine.
Additionally, EY (Ernst & Young) highlighted cyberattacks as being the single largest threat to power and electricity companies worldwide. While the World Economic Forum rates a large-scale breach of cybersecurity as one of the five most serious risks facing the world today.
The scale of the threat is expanding drastically: by 2021, the global cost of cybersecurity breaches will reach US$6 trillion by some estimates, double the total for 2015.
Mounting threat levels require a more robust response and it is imperative that major utility companies take pragmatic, impactful, and affordable action.
This year’s Global Information Security Survey (GISS) did reveal that many organisations continue to up their spending on cybersecurity. However, many survey respondents suggested that the worst may have to happen for action to be taken. Asked what kind of event would result in cybersecurity budgets being increased, 76% said the discovery of a breach that caused damage would likely result in greater cybersecurity resources being allocated.
As mentioned earlier, British Airways is the latest victim of a major cyberattack, with personal and financial details of 38,000 customers stolen from its website and mobile app.
The BA attack is reported to be the result of supply chain risk and highlights just how important is it for organisations to have adequate cybersecurity.
WHK’s solutions could be the perfect foil, particularly its cyber security frameworks.
360 Cyber Risk Framework
As seen with the British Airways breach, the weakest link for sophisticated, large companies is often their small or midsize sub-contractors, vendors or supply chain companies.
Breaches of this type, which are supply chain attacks, are an increasing problem for websites that embed code from third-party suppliers. Third parties may supply code to run payment authorisation, present ads or allow users to log into external services.
WhiteHawk’s 360 Cyber Risk Framework is designed specifically to identify and mitigate these risks via the integration of three cutting edge platforms: one focused on business risks, one on cyber risks, and one focused on mitigation and prevention.
At scale, the framework has a low cost of customer acquisition for WHK, by driving SMEs in need to their virtual cyber analysts.
So far, WHK has an active pipeline of over 20 major utilities, manufacturers, financial institutions. It is targeting large upfront contracts of US$50,000 to US$330,000, plus a pipeline of 50 to 1500 third party companies, per contract.
Data collected through 360 Risk Framework implementations by WHK shows that over 60% of SMEs have concerning cybersecurity gaps that put the entity at risk. To prevent against fraud and cyberattacks, continued monitoring of the company’s cyber risks is critical.
This process drives companies that are in a prime company’s supply chain to WhiteHawk's CyberSecurity Exchange, to mitigate key cyber risks in real-time. Some of the current pipeline companies have supply chains exceeding 5000 companies.
Being able to demonstrate real time cyber risk monitoring and mitigation across hundreds of supply chain companies or vendors is powerful and measurable. It puts affordable and transparent cybersecurity risk ratings and continuous improvement in the hands of company executives, boards and shareholders.
WHK has seen the scalability and impact of this framework, via the industrial age and manpower intensive approaches of vendor self-assessments and on premise evaluations that are so costly and rarely effective.
Through the launch of an additional sector focus, WHK is eyeing continued expansion of current engagements in 2019 that could cover hundreds of supply chain companies for a single contract engagement.
First contract secured: Top 10 US Financial Institution
In May, WHK, in partnership with Interos and BitSight, secured its first 360 Cyber Risk Framework contract, with a Top 10 US financial institution, the name of which remains confidential, generating US$325,000 in revenue.
The contract with this major financial institution is focused on identifying its exposure to business and cybersecurity risk through its 50 most critical sub-contractors. The deal has already delivered revenues of US$151,000 in the second quarter of 2018.
The news was reported by Finfeed.com:
This large initial contract will introduce WHK’s online marketplace and unique services to at least 50 SMEs that need cybersecurity assistance, driving future opportunities for WHK and its 360 Cyber Risk Framework solution in the near term.
The deal comes in addition to WHK’s existing contract with, a US Defense Industrial Base contractor, that is expected to yield US$65,000 in future referral revenue and an estimated US$1.2 million in future direct revenue over the next five years.
However, those considering this stock shouldn’t make assumptions regarding future sales, nor should they base investment decisions on performances to date. Those considering this stock should seek independent financial advice.
Cybercrime Support Network (CSN)
In May, WHK began its strategic partnership with the Cybercrime Support Network (CSN) — a US non-profit supporting consumers and SMEs with response and reporting.
CSN offers both a website registry and an emergency US phone number that individuals or companies are able to call after experiencing a cyberattack in order to report the details of a cybercrime event and seek assistance. This partnership positions WHK as a response arm for all SMEs that contact CSN needing cybercrime and fraud response and remediation services.
The CSN website is due to go live later this month, with state by state pilots commencing in 2019.
WHK’s virtual cyber consultants connect companies to effective and affordable response services to mitigate the impact to their business and enable them to find and purchase products, via the WhiteHawk Exchange, to protect their business into the future.
This is a significant development for the company as it links potential clients that are in urgent need of cybersecurity solutions — having already experienced an incident — directly with WHK. It will also advance insights into cybercrime and fraud trends nationally and what works best to remediate the impact of a cyber hit and prevent it in the future.
This flow of information will enable law enforcement to build cases and WHK to provide best of breed response services from their broad bench of cybersecurity providers, linking WHK directly with at-need companies, in real-time.
News of the deal was reported though a number of news channels...
The CSN website is scheduled to launch in October 2018, making the service available nationally, with online resources to report and assist with cybercrime and fraud events, while the first four state-wide pilots are due to start in early 2019.
Deal with Salmon Ventures
Back in 2016, WhiteHawk worked with the US Department of Energy’s CIO team to design, vet and implement a comprehensive cyber risk management framework across 67 sites.
Since then WHK has identified a similar critical need across the US utility sector for effective cyber risk identification, continuous monitoring, and mitigation, leveraging a similar integrated approach of global open data analytics, commercial risk ratings, an integrated dashboard and continuous monitoring and alerting.
This is where WHK’s partnership with Salmon Ventures comes in.
Salmon Ventures is a leading utility consultant, with a 27-year history of supporting initiatives for US federal, state, and local regulators, Independent System Operators (ISOs) / Regional Transmission Organizations (RTOs), and investor-owned and municipal utility enterprises.
The duo came to an agreement in June this year, working to further inform and enable large and established power and water companies to effectively manage their cyber risks including supply chain partners, subcontractors, and vendors.
WhiteHawk and Salmon Ventures have been engaging with thought leaders across a number of US-based utilities, associations, and regulators whose organisations and businesses are inherently exposed to and targeted by some of the most sophisticated state actor and individual hackers in the world.
The partnership enables WHK to meet with utility sector executives who understand the severity of the cyber threats against their sector and are grappling with how best to assure their services are delivered to their customers under all cyber threat conditions.
This is driving proof of value Cyber Risk Framework engagements, in order to demonstrate the impact of identifying, monitoring and alerting of key cyber risks across the utility enterprise and ensuring mitigation solutions are mapped and implemented to address them.
These POV engagements, will drive additional 360 Cyber Risk Framework sales and grow online traffic to the WhiteHawk Exchange by SME utility organisations, via a scalable and accessible Software as a Service (SaaS) portal, continuous risk monitoring, and tailored solution options.
WHK expands current portfolio
In order to address these new customer sector needs, on August 27, WHK announced that it has expanded its WhiteHawk Marketplace, growing its current suite of products and services.
The group has added more than 250 new products and services covering risk scoring, data loss prevention, and threat detection. These additions bring the total number of products and services available on the WhiteHawk Marketplace to over 600.
Industry leaders, such as CrowdStrike and Cloudflare, have been added to the marketplace as well as newcomers iTrust, CyberSponse, and Bandura Systems. Many of the products and services support WhiteHawk’s strategic partnership with the Cybercrime Support Network.
By continually adding new products and services to the platform, WHK can keep its ‘finger on the pulse’ of cyber industry trends, allowing it to inform customers of issues and empower them to choose from a broad range of solutions.
This development comes as the company continues to vet innovative and affordable vendor offerings that target the SME market and can be sold online. It supports the goal of the WhiteHawk Marketplace to be a ‘one-stop-shop’ for cybersecurity requirements, with companies and products carefully vetted by WhiteHawk to ensure that customers are receiving the best-in-breed options.
The announcement was reported by Finfeed.com,
Financial Group Partner
On top of everything else it has going on, WHK is busy working to implement a new sales approach we with financial and insurance groups.
An agreement with a Financial Group Partner would deliver unique, compelling and timely cyber risk services for SMEs.
Financial Group Partner would lead the way for the financial sector, by effectively offering risk insights and mitigation for its business clients that are operating in an increasingly dangerous and costly digital environment.
By enabling its customers to measurably increase their resilience to cybercrime and fraud, Financial Group Partner revenue can grow overtime. WHK will not enter into a similar partnership with any other financial institution and Financial Group Partner customers will automatically become WhiteHawk top priority clients.
Note that any decision with regards to adding this stock to your portfolio should be taken with caution and professional financial advice sought.
The final word
WHK has now fully integrated three current revenue streams: sales of cyber products and services via the online exchange, sales of 360 Cyber Risk Frameworks to large businesses, executive cyber risk consulting services to large government and industry enterprises.
Revenues rose by more than 900% during the half year to June 30 on the prior year. That comes despite two primary contracts for 2018, worth US$750,000, being delayed by customer’s business processes.
And further growth is being worked across all sales channels to include an exciting new approach to provide the Cyber Risk Profile, partnered risk ratings, virtual cyber analytics, risk scorecards and cyber solution matching to large financial and insurance providers to their SME business customers.
This will reduce and mitigate their customers’ cyber risks, preventing cybercrime and fraud and enabling revenue growth to all.
It also has two future primary online revenue models: sales of virtual Consulting Bundle Services and business intelligence subscriptions.
With all that in the pipeline, WHK looks likely to report a net profit later in the 2019 financial year, with some good cash flows expected in the meantime.
WHK is focused on bringing clarity to the cybersecurity experience, whilst offering solutions that meet their clients’ unique requirements. If it’s successful in doing this, we should see the company build quickly on its $2.7 million market cap.