The managing director of VeriSign Australia, Gregg Rowley, and the CEO of SecureNet Asia-Pacific, Paul O'Rourke, go head-to-head to provide the answers.
ROWLEY: When beTRUSTed purchased SecureNet with a $1.57 per share valuation you were quoted as saying you thought it was "a very fair price". Do you personally feel a pressure now to vindicate that valuation?
O'ROURKE: The purchase price of $1.57 per share reflected the quality of the SecureNet business in Australia.
This encapsulated their dominant market presence, breadth of solutions, quality staff, continual investment in infrastructure, and leveragable Intellectual Property. Based on the existing strength and continued growth of SecureNet's business, the purchase price remains a very fair price for all parties.
O'ROURKE: Very recently you were quoted as saying "It is pretty hard being on your own down here in a global market". What have you seen as being the main difficulties competing in a global market from Australia? How has it been difficult catering for such a large global market by yourself?
ROWLEY: It's becoming increasingly difficult for local Australian-only companies competing in a global world against large multinationals with significant resources and intellectual property. As the local players consolidate the market is improving with a lot of small, unprofitable companies being cleaned out of the market. From our perspective, beTRUSTed was one such small company in the Australian market that needed to acquire or be acquired to survive. VeriSign Australia, even as eSign Australia Pty Ltd, always had the support of a successful company like VeriSign Inc, with a good reputation and respect in the global security market.
ROWLEY: You also said of SecureNet from a beTRUSTed perspective that "its complementary nature really is the draw". What did you mean at the time and is it working as you'd expected?
O'ROURKE: SecureNet in Australia and beTRUSTed globally have travelled down similar paths and have arrived at almost identical business models, based on market presence, solution provision, risk management, standard compliance, and technology infrastructure services.
SecureNet is a transaction security solution provider. The backbone of its business is a comprehensive managed security suite offered out of a system of defence-certified highly protected data centres. Around this, SecureNet has a team of information security consultants and engineers, and a best-in-breed suite of solutions, partnerships, and in-house developed Intellectual Property.
beTRUSTed globally has a concurrent business model, and takes a similar business proposition to the world's largest organisations: risk management and information security are complex, high-risk operational issues. Partnering with an information security specialist organisation minimises the risk for the governments and corporate clients in the management of the security solutions.
Additionally, beTRUSTed's strong representation throughout the Americas, Europe, and North Asia complements SecureNet's dominant presence in Australia and New Zealand.
O'ROURKE: How did the acquisition of eSign by VeriSign affect your role within the company? How do you think it affected the company as a whole?
ROWLEY: The acquisition (if we call it that) by VeriSign Inc was very beneficial for eSign. With regard to my role I have taken on a broader role in the Asia Pacific business. Further, my relationship with the global VeriSign management team has deepened. As a result, VeriSign Australia has been able to influence VeriSign corporate strategy in several key areas, especially in the area of online payment services.
ROWLEY: You present SecureNet as a "one stop shop" for all solutions. With such a broad scope, is this truly feasible?
O'ROURKE: For transaction security, yes it really is feasible. The only reason that information security has been such a complex marketplace is that businesses are still moving out of the build-it-yourself mode. In all new technology cycles, businesses have to be their own mechanics in the beginning. Think computer networking through the '70s and '80s, or even better, the automotive industry 100 years ago. Technology selection was hard, gluing everything together was hard. Worst of all, you had to keep a constant watch over all the little players coming and going, trying to sell you wonderful new features and benefits.
Eventually the cycle matures, and managed service models come about where the infrastructure can be mostly outsourced. Nobody running a motor car (and no business with a fleet) changes their own oil anymore. It's going the same way in information security. It has to, because the risk of getting security wrong doesn't bear thinking about.
Businesses don't need to know what brand the firewalls are, or the smartcards, or the identity management system. They don't need to worry about how to pick and retain the best specialist skills, or about how to stay in compliance with applicable standards and regulations. All these complexities get operationalised in the SecureNet-beTRUSTed model. So we really are a one stop shop.
What beTRUSTed offers is really simple--it's a service level agreement.
O'ROURKE: Hackers seem to move faster than technology itself. The means to crack new signature/password tools are available before the product has even hit the market. What are some of the limitations you see on the digital trust services industry?
ROWLEY: The only limitations I see are the ability of smaller security companies to invest in the necessary research and development to keep pace with the market--and its inevitable hackers. Rather than limitations, I see this as increasing opportunity to help consumers, businesses, and government keep control of their business.
ROWLEY: What do you see as the key influences of growth and direction for the data security solutions market in Australia over the next three years?
O'ROURKE: There's a mixture of defensive drivers, and positive new opportunities:
- Management of the risks of technology selection, project implementation, and transaction system operations.
The best way to do this is through the managed security service model. This provides improved quality of delivery, greater certainty, reduced risk, faster return on investment, and decreased time to market.
- Select segments of the market are increasingly migrating traditionally complex, paper-based solutions online.
Truly paperless online business will transform business banking, healthcare, and e-government. Integrated security solutions and risk-managed service models are the fundamental components of this increasing migration to online contracts, data exchange, and solution provision.
- Increasing influence of security and risk management within the government and corporate marketplaces.
Increasingly the ownership of security and risk management is being migrated to individual departments and business units. Already we see that organisations are increasingly defining new positions for "Chief Risk Officer" and "Chief Security Officer".
ROWLEY: Although iris scanning may be one of the most secure options available, it is by no means applicable to every security situation. The technology is already in Australia, but again, faces commercial applicability issues. Only a few companies and government organisations will likely adopt it over the next few years, and then, only for highly critical applications. No single security technology answers all the requirements of the market.
ROWLEY: What is your prediction for data security solutions requirements in the Asian market over the next three years?
O'ROURKE: The broader issue of information security captures the critical cross-over issues, for risk management, corporate governance, and business continuity. All businesses in the region--but especially those in finance, government services, and healthcare--are looking to:
- contain the cost of information security
- ensure that information security fits squarely within their overall risk management position
- minimise the risk of technology selection and vendor churn
- demonstrate to themselves (and their boards and regulators) that they are spending their IT dollar wisely
- embed high-grade security into their operations and business processes
- reduce the cost of compliance, by engaging specialists with economy of scale and sharing infrastructure.
ROWLEY: There is definitely a boom in eCommerce; not in the dotcom pure-play space, but with traditional businesses that are now utilising the Internet to securely transact. It is not only us who see the dramatic growth in online transactions but others in the payments and security business as all of these transactions and communications require security. I think people still get distracted by the demise of high profile dotcom companies.
Think about your own personal lives: two years ago you may have only bought books and checked bank account balances online, now people routinely book travel, accommodations, etc and move thousands of dollars around utilising the Internet. This means that not only has the volume of transactions increased but even more dramatically the average value of the transactions has increased and hence the need for security.
ROWLEY: Having sold your interest in SecureNet Asia what are your plans for this market now?
O'ROURKE: beTRUSTed's existing strong presence across the North Asian marketplace complements SecureNet's dominant operations in Australia and New Zealand. beTRUSTed has key operations in Japan, Korea, Singapore and, to a lesser extent, in Honk Kong. The divestment of the SecureNet Asia interests now provides beTRUSTed with a consolidated approach for the provision of our solutions across the region.
beTRUSTed has significant growth plans for the region, both through organic and inorganic growth. This growth will be focused on key markets where there is an increasing focus on risk management and security solution provision--namely Japan, Korea, Singapore, and Hong Kong.
O'ROURKE: To what extent is VeriSign's move into the online payment processing and hosting market a change in direction for the company in Australia and a move away from a core security focus?
ROWLEY: VeriSign's mission is "to enable everyone, everywhere to engage in digital commerce and communications with confidence". Online payment processing is fundamental to this mission. And, as financial transactions are critical to consumers, businesses and government, the security aspect is even more important. VeriSign's fulfilment of our mission statement is increasing the value that we offer and deliver to our growing customer base.
ROWLEY: I noticed on your Web site that one of your white papers was written by Diversinet in Canada. What is your relationship with Diversinet?
O'ROURKE: SecureNet forged a relationship with the Canadian wireless technology specialist some time ago, taking new wireless trust services into the market across Asia. Diversinet is a worldwide pioneer of client/server wireless software, wireless digital signatures, authentication and encryption for PDAs, phones, smartcards, and laptops.
We see Diversinet as a key component in our spectrum of managed services. We are committed to delivering secure wireless options, in line with evolution and growth in wireless service provision. Wireless is another channel, with exciting and challenging features for payments, messaging, banking, shopping and gaming services. We will ensure that our clients can depend on the same high-grade security underpinning their wireless transactions, as they should for their existing solutions.
O'ROURKE: If VeriSign in the US is adding managed security services and monitoring to a broader security portfolio, will VeriSign Australia follow suit?
ROWLEY: We continue to broaden our local services portfolio. However we remain focused on delivering only the solutions that suit the local market. Also, we jealously guard our service reputation in the market, and will only launch new services once we're certain we can guarantee the service levels.
ROWLEY: Under "Industry Solutions" on your Web site you identify three major industry subsets: banking & finance, health, and government along with the fourth more generic e-commerce. Does this represent your focus in the short term?
O'ROURKE: Yes. The Australasian and Asian markets bear out this view of the top three segments. It makes sense because they're all very paper intensive, they're all handling very sensitive information, and they happen to have a strong technology baseline already. Peak clients of the combined beTRUSTed and SecureNet include:
- Australian Tax Office
- Australian Customs Service
- Health Insurance Commission
- ANZ, the National Bank, and a number of large banks across the Asian region.
ROWLEY: Our view is that the PKI market, originating in the dot com boom, is now taking off with real applications from real businesses and government departments. PKI refers to a specific trust technology and VeriSign is focused on the broader mission of providing solutions for consumer, business, and government--and as we know, one solution does not fit all. Whilst managed PKI services remain an important part of VeriSign's business, we are continuing to provide additional security and digital commerce and communication services to our customers.
ROWLEY: With the end to the football season how did your team go and did you win your office footy tipping?
O'ROURKE: I have to blame my travel schedule for my failure in my footy tipping competition (travel isn't really a good excuse--but I don't have any other). My team finished outside of the finals, but as always I am an optimist and believe that next year we will be premiers--again!
O'ROURKE: As an astrophysicist, what has been the highlight in this field in recent times for you?
ROWLEY: My kids were fascinated by the recent close encounter of Mars. Personally I'm excited by anything that gets them away from the Nintendo or PlayStation!
 About SecureNet With 20 years experience, listed transaction security company SecureNet is known for e-security services and enabling technologies designed to help organisations build online trust with their customers. SecureNet was recently acquired by beTRUSTed, a global provider of security, identity management, and trust services, becoming the Asia Pacific operations centre for beTRUSTed. |
 About VeriSign VeriSign Australia (formerly eSign Australia Limited) was established in July 1999 to provide Internet trust services to Australian government, business, Web sites, and individuals. Its suite of services includes managed security, domain name authentication, online payment, wireless and validation services, and serves as a gateway for governments businesses to establish or grow its online identity and Web presence. |
2%
4%
