Airlock Digital aims to help smaller organizations comply with Australian cybersecurity regulations
Australian cybersecurity startup Airlock Digital will be committing funds of AU$1.3 million (US$900,000 at current rates) to provide small and medium enterprises (SMEs) and small government agencies with access to application whitelisting, the company announced in a statement last week.
Half of the funds are comprised of Airlock’s recent project grant of AU$650,000 from the AustCyber Projects Fund. Airlock was one of 17 Australian cybersecurity startups to have received funding under the federal government-funded agency’s three-year AU$15 million AustCyber Projects Fund, which aims to promote Australian cybersecurity startups.
Airlock received the grant in early February this year. The startup will match the AustCyber funding equally, for a combined pool of AU$1.3 million that will be focused on providing enterprise-grade whitelisting solutions, adding features such as multi-tenant cloud (shared cloud infrastructure) to them.
Unlike more popular cybersecurity tools such as firewalls or anti-malware software, application whitelisting only allows pre-approved applications to run on a given system. Files that do not feature on the whitelist will be denied permission, even if the file is not malicious in nature.
Application control is one of the eight enterprise risk mitigation strategies recommended and promoted by the Australian Government, called the Essential Eight. The Essential Eight has not been mandated yet in Australia, but represent the optimum strategies that organizations should take to protect themselves digitally.
By committing capital to enterprise whitelisting solutions, the 2013-founded startup aims to bolster Essential Eight compliance, attend to the cybersecurity threats due to remote working, and support Australian managed service providers (MSPs) and managed security service providers (MSSPs).
In addition to helping SMEs or small government organizations navigate the transition to more complex security measures, MSPs and MSSPs can provide security solutions to them remotely as well, CEO of Airlock Digital, Richard Rundle pointed out in the statement.
“As the federal government builds up Australia’s cybersecurity – recently announcing [AU] $1.35 billion in spending through the ASD and ACSC over 10 years – we see application whitelisting and the Essential Eight becoming the cornerstone of the nation’s cyber defenses,” Rundle said.
He added that there was a “compliance gap” in adoption of the Essential Eight that MSPs and MSSPs could help to bridge, especially as the Australian Government mulls over mandating the Essential Eight for federal and private businesses.
In 2017, the Australian Government was asked to mandate compliance with the Essential Eight for all corporate and non-corporate Commonwealth entities after an inquiry by the Joint Committee of Public Accounts and Audit.
However, in 2019, the Scott Morrison Government responded that it would “strongly recommend” the Top Four from the Essential Eight list, but would not move to mandate Essential Eight compliance for public entities citing poor “cybersecurity maturity”.
For now, the Government continues to focus on regulatory emphasis on the Top Four, which includes patching applications and operating systems, and restricting administrative privileges, in addition to application whitelisting.
Header image by Fotis Fotopoulos on Unsplash