Cogito GroupCogito Group is a cyber security company specialising in authentication, encryption and data protection, the technology that protects the storage, processing and management of sensitive information. Founded in Canberra in 2011, Cogito Group began in a garage in Weetangera. Husband and wife team, Bernadette and Richard Brown quickly expanded to an office at the back of the Hawker shops and then moved their growing team to substantially larger premises in Barton. They also began exporting their services globally, setting up an office in Wellington.

In the nine years of operations, Cogito has diversified and gone from providing specialised professional services, to developing software. Jellyfish®, the flagship cyber security platform has been developed to not only detect but actively prevent cyber attacks. It is a cyber security command and control platform that holistically manages security products through a single pane of glass.

Bernadette says Jellyfish was developed to solve the problems that we see customers have with managing and protecting data. Increasingly workers are mobile, applications are in the ‘cloud’ and you need access to networks through a much broader range of devices. We also need to access data in more sophisticated ways. Security tools that don’t talk to one another can create huge security gaps. Your network can end up looking like a block of swiss cheese, full of holes. Jellyfish has been designed to tackle all these issues through integrating disparate systems.

While Government and Security agencies, including Defence are the biggest users of their products, small businesses can also benefit and reduce the risks of data breaches. Cogito has achieved public recognition for its innovative services through numerous awards including a 2018 iAwards, 2018 Land Forces Innovation Awards and the 2017 ACT Export Awards.

Digital world is borderless

Cogito GroupBernadette says that when COVID-19 hit, they were sure borders were going to close. So, husband Richard, has been in New Zealand since late February running their Wellington office. The couple has been separately managing their two offices in Australia and New Zealand since then.

“We are both avid news watchers,” says Bernadette. “We watched the pandemic spread from China into Europe and we were concerned about how it might impact the business as we rely heavily on domestic and international travel to operate.

From a business perspective, Bernadette says it was the right decision to send Richard to Wellington. “New Zealand went into Alert Level 4 very quickly. Cogito ran the NZ ‘All of Government Authentication as a Service’ and we were classified as an essential service by the New Zealand Government. This meant we could continue operating when the rest of New Zealand was in complete lockdown. To continue to operate we needed to ensure our staff were safe and we followed Government guidelines. We split the teams up into Team A, B, etc to be physically segregated and immediately put in place our business continuity and pandemic response plans.

Physical borders may have been closing but the digital world is borderless and cyber attacks were on the rise.

“We’ve found, particularly in New Zealand, where Jellyfish is used by a number of government organisations, the benefits realised by these agencies through our software have been infinite. Jellyfish has provided enhanced situational awareness by intelligently combining data from multiple sensors and applications. Because it automates security functions and dynamically adapts to new threats, it is providing an active rather than passive approach to cyber security to our clients in New Zealand”.

Do more with less

“We’ve been extremely fortunate by the opportunities afforded to us in running the All of Government Authentication as a Service solution in New Zealand. We are now using Jellyfish to roll out New Zealand Government’s Secure Encrypted Email and its Shared Accommodation Solution. These are two more holistic cyber security solutions that will be available to all New Zealand Government agencies.

“By ‘holistic’ solutions, I am referring to the fact Jellyfish brings previous ‘siloed’ functions together. For example, Jellyfish integrates your Physical Access Control (PACs) system, e.g. doors, with the Logical Access Controls (LACs) system, e.g. network/device. In linking these systems, Jellyfish can not only detect but also prevent the possibility of a remote attack, even where valid credentials are used. This is because if someone hasn’t swiped into a room where a device is located but remotely accessed that device, Jellyfish can lock access to that device immediately. This means we can identify and actively respond to new risks. This is not just on PACs and LACs but across a number of other platforms, such as Mobile Device Management.

“It’s always been a key strategy that we create software that not only prevents a breach from occurring but is practical and affordable. So many organisations spend so much on consultants that point out the gaps rather than technical specialists that can plug them. We’re focused on strong security that creates streamlined efficiencies. Our mantra is to do more with less”.

Changing strategies

Cogito GroupBernadette says that Cogito has actually picked up new customers since the coronavirus pandemic, but their focus has shifted.

“Pre-COVID, we were focused on a global marketing strategy. We were really focused on the US and the UK. We are still responding to international tenders and receiving requests for demonstrations but strategically we are giving greater focus to Australia and New Zealand. This is where we have staff and a strong client base. In Australia, we’ve been focused on delivering a number of large-scale enterprise level projects to large government agencies. This has meant we’ve had a combination of work from home, on-site and some domestic travel. Managing the logistics of these projects has been difficult as safety has always been the key priority”.

Bernadette believes that sovereign markets and cost factors will become more important.

“We're in the cybersecurity market and in some ways, we have been very insulated because our client base is largely government agencies, defence, telcos and finance. We have been very insulated in terms of our client base not really being impacted by COVID. That's not to say that those organisations’ revenue may not decrease over time, but we have been very lucky that we didn't have any exposure to corporates that were impacted,” says Bernadette.

New opportunities

Bernadette says that they have identified new opportunities to build on already existing partnerships, with American and European cyber security providers.

“I think the market is going to get very competitive. It is not a market where you can sit back but have to constantly innovative and show your clients the value you bring to their organisation. We’re also doing a lot of research internally on encryption technologies”.

Growing conservatively

Bernadette says Cogito has a number of different arms to the business.

“We've got a research and development arm, an operational arm, a professional services arm and we've got an as a service offering”

“I actually think having all the different arms to our business has meant that we were actually able to take the hits. If the professional services arm was impacted, we were able to move resources into the operational arm. We have designed the company in a way that it is very conservative. We're not that sort of ‘just in time’ economy. We have always grown conservatively. We haven't been after the quick dollar. For us reputation is everything. I think of ourselves as quite a traditional and conservative organisation, here for the long term and I think because of that we've weathered this storm”.

Strong focus on staff and clients

“There is no doubt it’s been a challenging year. Because Australia and New Zealand have dealt with the pandemic differently, we’ve needed to stay on top of the changing rules of each jurisdiction. Within Australia, we have had the additional challenge to factor in the different guidelines on how each state and territory was operating as states started closing their borders for staff outside of Canberra”.

Bernadette says particularly the months of March and April stand out. “We were in uncertain times, and I noticed some staff were becoming increasingly anxious to the impacts of COVID-19. We started to send out regular updates to staff. Cogito management meet frequently to ensure we were safeguarding our staff’s health and wellbeing and protecting our business continuity to maintain essential services for our clients. It was a situation unlike any we had faced before and I’m proud to report we successfully faced it together.

“A lot of our communications to staff focused on the importance of not only physical health but also mental health. We sent out ‘thankyou’ care packages to staff and their families. It was important to recognise we were in unprecedented times, people were anxious and needed to be cared for.

Cogito Group“We identified our priorities to be first and foremost the well-being and safety of all staff during this disruptive time; secondly to keep all staff working productively in a safe environment and thirdly, to minimise the risk of organisational disruption due to illness and minimise disruption to client services”.

Bernadette says the pandemic did highlight some gaps in organisational policy.

“What we found is that we needed an employee assistance program. It was one of the first things that we did as well as a lot more communication. The staff really did appreciate it. We haven't had to go on JobKeeper and we haven't had any staff impacted by what's gone on, but their partners and people that they care about have been impacted”.

Trans-Tasman Bubble

“There is no doubt we have been cushioned from the magnitude of the pandemic globally. Governments in Australia, particularly Canberra and New Zealand have worked to keep it so both nations are in good shape. We are very hopeful that quarantine free travel between Australia and New Zealand will commence soon. We keep an eager eye on any new announcements. It’s been particularly rough on Richard, the kids and I being separated but I am so very proud of what we have achieved”.

Three tips for organisations thinking of exporting

Bernadette has three tips for internationally focused businesses

  1. Ignore the noise - Ignore the background noise and just focus on your market, customers and staff, they're essential.
  2. Know what you are selling - Have a very defined sandpit in terms of what you offer to people. Don’t dilute that sandpit, you need to know what your value proposition is.
  3. It's okay to make mistakes - Sometimes it's five steps backwards, but then it's a leap forward. You need to learn from the mistakes and rejections.

CogitoManaging rapid change and growth

Bernadette says that Cogito, like many global cyber security companies, witnessed unprecedented demand and interest over 2020-2021.

"Resellers across the globe, including Singapore, India, Canada and the US reached out to us for information on our products. In our more established markets, we made even greater inroads. For example, the three months from April-June 2021 we onboarded approximately 90 New Zealand Government agencies to our Jellyfish as a Service platform. Many of the agencies had unique challenges, like Antarctica New Zealand. It required ‘an all hands on deck’ approach while also ensuring quality of process while we scaled. We’ve continued to find, particularly in New Zealand, where Jellyfish is used by a number of government organisations, the benefits realised by these agencies through our software have been infinite. These continue to be challenging but exciting times as we continue to research and develop innovative and unique solutions".

Globally, organisations are heavily focused on mitigating strategies to ensure they have controls in place to protect them from attacks. The threat is real and growing. There is growing awareness these threats must be actively rather than passively managed. Cogito’s Jellyfish provides enhanced situational awareness by intelligently combining data from multiple sensors and applications. Because it automates security functions and dynamically adapts to new threats, it is providing an active rather than passive approach to cyber security.

Cogito"During this period we also invested in ensuring we met international standards. In December 2020 we received ISO27001 certification for our global operations and solutions.

"With the opening of the travel-bubble between Australia and New Zealand, Cogito was proud to host the ACT Chief Minister, Andrew Barr and Commissioner for International Engagement, Brendan Smyth at our Wellington office on 21 May 2021 and run them through our solution and NZ operations.

"Our business model continues to rapidly evolve and adapt to address the challenges of the global pandemic. We are grateful we have been able to run our operations with staff wellbeing and safety remaining our priority. Logistics continue to play a large part of planning.

"We also proudly clocked over “ten years” as an ACT Company in June 2021. We look forward to celebrating this milestone with staff, clients and stakeholders".

An initiative of the ACT Chief Minister’s Export Awards
The ACT Chief Minister’s Export Awards aims to showcase and celebrate the achievements of Canberra region exporting businesses. These Canberra and region businesses transact significant parts of their business activities (legal, accounting, production, research etc.) through the ACT as they develop international markets. The ACT Chief Minister’s Export Awards aims to build the pathway for new and emerging Canberra region businesses seeking to internationalise their business. If you are a new or existing exporting businesses in the Canberra region, you can access a range of support as well as network with other exporting businesses, including

The ACT TradeStart Program helps ACT exporters to achieve long term success in international markets. The TradeStart program allows the ACT Government to work closely with Austrade and access key Austrade resources such as their export database, trade mission activities, their off-shore offices, intelligence and international connections for the trade and investment activities to support ACT exporters.

The International Business Engagement Program is being delivered by Canberra Business Chamber on behalf of the ACT Government. Its main objective is to maintain, rebuild and find new opportunities for Canberra and region businesses to engage internationally. The program focuses on building the Territory’s exporting community; providing training and support by facilitating seminars and workshops; creating links between local industry and other government support programs; assisting the ACT Government in co-ordination of business trade delegations (outbound and inbound).