Global Innovation and Technology Discussion with Ausenco CIO

In Episode 010 of REDD’s Business and Technology Podcast our hosts Jackson Barnes (BDM – REDD), and Brad Ferris (CEO – REDD) interview Anuj Anand, CIO at Ausenco. Anuj shares his insights from starting as an engineer to now running a significant IT team of 55 people, supporting the global mining giant, Ausenco, with 3,000 employees. Listen to his unique process for internally pitching technology innovation & valuing technology partnerships for success.

Ausenco is a multinational engineering, procurement, construction management, and operations service provider to the energy and resources sectors. Over their 30+ year history, Ausenco have brought together leading companies, engineers and scientists to serve new industries, expand their capabilities and bring new solutions to market.

Recorded Monday 31^st October 2022.

If you would like to discuss any of the topics discussed in this episode further with a REDD expert or if you would like to be a guest on the show, please get in touch either via our website, [email protected] or through any of the links below.

https://www.linkedin.com/company/redd-digital/

https://www.linkedin.com/in/bradley-ferris/

https://www.linkedin.com/in/jacksonpbarnes/

https://www.linkedin.com/in/anuj-anand-8a98732a/

Thanks for watching!

You can find the full transcript below!

– Hello and welcome to REDD’s Business and Technology Podcast. I’m your host Jackson Barnes.

– I’m your cohost Brad Ferris.

– And I want to first introduce our special guest from REDD, our Founder, Nigel, did you want to introduce yourself?

– Yeah, thanks Jackson, really appreciate it. So, Nigel Heyn, Founder of REDD. We sat out on a journey six years ago to reimagine everything done digitally, make people’s lives better through technology. And here we are still doing it, re-imagining technology with podcasts. And so, yeah, thank you for having me here.

– No worries. And today we’ve got our guest, who is from a Ausenco, the global mining and oil and gas giant based across 26 offices in 14 countries with projects with over 80 locations. Recently also named one of the top 10 most innovative CIOs to follow in 2021, Anuj Anand. Anuj, thanks for coming on. And did you want to go through your background first?

– Sure, mate. Firstly, thank you so much for having me on probably the most high tech setup I’ve been in a long time and ever.

– Thank you.

– Probably the second most ever, so well done.

– Thank you.

– Already shows the passion and technology over here. It’s exciting to be here. Yeah, so I guess I started probably in engineering 13 years ago, as an engineer.

– What about before Ausenco?

– Before Ausenco, it was a company called Alcan Engineering, now Rio Tinto Alcan. So that was my first job and got my first job as a graduate. So I did my work experience over there and then converted the work experience to full-time work. I did try going on a six month sabbatical through Europe, but that got canned because it was on one of the biggest projects done in Australia in Northern Territory in an area called Gove. And the project was running full swing. So it was pretty much either stay on the project or go and never come back.

– Yeah, see you later.

– Yeah. And I always thought, the advice the old man gave at the time, you can always go on holiday. You can always do that. And it’s been about 15 years and it still hasn’t happened.

– So that’s a funny one. I got the exact opposite advice from my dad and I don’t think he realized how quickly he said, “Mate, you young once so you better enjoy it. You’re going to be…” He said, “You’re young once you’re going to be old and working forever. So enjoy it while you can.”

– So I think key differentiate over here around, I’ll say it, since we’re among friends around brown parents versus other parents, it’s like, “You will work, you’ll be a doctor, an engineer or a lawyer and that’s it.”

– No choice.

– Everything else will follow. That’s right.

– And and then you joined a Ausenco and so as an engineer first?

– Yeah, so I started in the instrumentation controls department and spent, I guess, some of my informative years in the engineering, I guess, project side so went to site a couple of times and always had an aptitude for technology. So from the start, even at Alcan, there was a point of time where I decided that I wasn’t going to sit down and manually fill in 2,760 data sheets, quite elaborate data sheets, and you’d have to read a drawing and then go in and type it in and then read the drawing, look at the process data, go and type it in. And there was a lot of it, so I had a full year to do it. So decided there was an easier way to do this and may or may not have broken through their database and figured out, wrote an Excel script and connected the Excel spreadsheet to the database and made sure that I filled in all the data within a few months versus, the year that was allocated. And then they realized that I must know a bit about technology, so got told that I could help out the IT team who needed some help at the time. And that was my first foray in tech doing some work experience there. And when I moved to Ausenco, it was actually very similar and that they needed assistance with the design systems and the design tools. So the 3D design tools that they used along with the engineering side. So, I helped build that bridge between the two and that was the constant focus for me and working on projects, helping use technology that actually made sense for the projects versus, just technology. So, it was an interesting avenue and an interesting background compared to everyone else that I meet within the technology space.

– Definitely.

– Yeah. So spent a lot of time doing that. And then at some point of time, one of the projects that I worked on and built this software platform for the project, they voted or put it into a contest for most innovative solutions on a project and saved them a fair bit of money. So that actually won an award in London in 2014. And that’s when I guess the C-Suite started taking a bit of notice going, “Anuj must know a bit about technology. He’s done a few things in the past, he’s helped us make a tangible difference to projects.” And that’s when they called me into what I called the principal’s office. I remember sitting down in West End, I think it was level three, and the C-Suite was level five at the penthouse. And one of the EAs came and tapped me on the shoulder saying, “Neil and Greg…” Who was our CIO and CTO at the time, “Want to talk to you.” And I was like, “Oh man, I’ve done something wrong. I’m in trouble for something. I’m going to… I better pack my bags and and get ready to be walked out after this.” And so I did pack my bags and then I go up and I had a very different trajectory. I was always part of a high potential leadership program in the company and always thought I’m going to go into GM of engineering, run an office, move to a different country potentially, and build my run rate that way. And when I walked in, they’re like, “Oh, Anuj sit down.” And very casual setting in the principal’s office. And I was like, “What’s going on?” And they’re like, “Have you ever thought about a career in IT?” And I was like, “No, don’t really like those guys. Never gimme permission to do anything. I have to take them myself.” Love the guys. Yeah. So that’s how it started off. And as they say, the rest is history.

– Well done. It’s pretty impressive. Focusing on systems and realistic outcomes for the business. And then you go straight into CIO, did you want to touch on an overview of a Ausenco, who they are?

– Yeah, for sure. So Ausenco is widely spread as you said, quite geographically spread around the place. About 3000 people globally, give or take. My team is about 55 people globally across the various regions. So we’re very big in the engineering services, mostly focused around the mining space, everything that we do, and the core of what we do is around mining. We’ve just moved into the ESG space. Big focus for us over the coming years is around that ESG space, really helping our clients evolve as well. So, we’ve just made some investments when it comes to software, when it comes to technology related to ESG, measuring our own outputs and then using that and the work that we’re going to do to help our clients evolve as well.

– And I’m interested to know, I know you probably spent the last six years in North America, the difference you see between what the North Americans from adoption of technology versus Australians, right? Cause I know you spend a bit of time working with IBM and the Watson and the AI BI space. Anything you can share, good insights that you’ve been playing in the big league, so to speak, and little Aussie down under what can we embrace or what can we do better?

– Yeah, great question Nigel. And I think, I see it over here being back for about seven months now and quite focused on the technology, meeting a lot of vendors, meeting a lot of clients, a lot of people in this space. The mark difference I would say is the adoption, like you just mentioned, Nigel, and how quickly people are ready to take the plunge versus what’s going on over here. I’m not saying that we’re that backward in Brisbane, little Brisbane, for what it’s worth, it’s actually doing quite well when it comes to technology. There’s a lot of great companies like yourselves, in this area playing in this field. However, in Canada or Silicon Valley of The North, which is Vancouver, Brad, you’ve seen it, and so close to San Francisco, a lot of the startups, a lot of the technology a lot of the offshoot from Silicon Valley does go into Vancouver so it’s got a great tech space, it’s got a great little community when it comes to technology, very good to get talented resources in that region as well. But again, adoption’s quite fast. people are ready to adopt and actually take the risks and make the investments versus what I’ve seen over here. And I think that’s pretty important.

– Yeah. Okay.

– Yeah.

– So any lessons, I guess in your time here, only been seven months? Would you see that Australians are probably a bit too conservative, we should be taking a few more calculated risks? Is that it?

– Yeah, definitely. and it’s one of those things, it is that practical reality based approach that I often think about and talk to my team about. So when it comes to newer technologies you shouldn’t just jump in because it’s new, right? Like when it comes to artificial intelligence, there was this big buzz when it came to VR and AR, there was this big buzz and everyone made all these huge investments and leaps overseas. And I guess, the piece that was missing from that whole thing is what the realistic output of that was going to be. What was the goal going to be? just because it’s cool technology, doesn’t make it great for yourselves, right? Where’s the value going to be? For ourselves we went… When it come to VR and AR, we actually went with the approach of what the mark difference for us was going to be bringing the remote or site based travel, et cetera, to the office. so you don’t actually have to be at site, remote mind, you don’t have to travel, you don’t have to leave your family. You could put in a headset and virtually be at the site if that was possible. so that was the outcome or the goal that we were trying to achieve. We may or may not have got to it, but we actually set up, magic milestones is what we call them to say whether we wanted to go or not go after we were able to prove technology at a certain point. So we would set these milestones and make most of our investment aligned to those milestones. So we would always say, “All right gate one’s going to be X if we achieve it we make a go no go decision at that point of time.” Versus saying that we’re going to spend $500,000 and get to this point straight away. So, even when it came to IBM Watson, we made our investments staying quite cognizant of the fact that we might not achieve that goal. However, if we did tick the boxes, we would get a lot closer to ticking that… Meeting the goal or the milestones. So yeah.

– Yeah. Good framework.

– Yeah.

– Fantastic.

– Yeah, and it’s worked so far for us, making sure that the goal is realistic, making sure that we’re setting something that’s going to be important to the business. I feel with a lot of proof of concepts, a lot of new technologies and new adoptions new implementations, people over promise and that’s the problem, right?

– Yeah.

– You can always go… And it’s up to us as leaders within the business to actually bring a reality check to that situation going, “Well, okay, how are you going to achieve it? What value is that going to make to the business?” And for myself actually coming from the floor, I can actually see some of those tangible benefits, like it will make a difference if we can get, a combination expert on the phone or with a VR headset, being able to look at what’s going on on the site versus actually traveling and then they can look at about 20 sites versus, just being at one site.

– Yeah, that’s so cool. So how much of that… How widely implemented is the VR, AR?

– Not very much right now, Brad. so I guess, we didn’t tick the boxes at an early stage, so we actually went through those milestones and went, “All right, we’ve bought the headset, we’ve actually invested in some programmers that specialize in it.” So, we’ve made a bit of traction we’ve got 3D models that are available to be viewed through a headset, so it’s not just on a screen. Like you could actually put a headset on, you could do a walkthrough. It does take a lot of work to get to that point.

– So, what are the roadblocks? Is it software, the hardware, communication on site, change management.

– At this stage, I’d say the big problem for us, is the time it takes with developing the software and taking the model, if it was a click of a button type of thing to say, actually you’ve got the model, a 3D model, that you can view on a screen. Great, and like if it was click of a button or minimal investment to go for A to B, that would make it a bit of a realistic outcome. At this stage there’s still a lot of programming with Unity or whatever it is, to actually go through and get to that next level.

– Conceptionally, it sounds so promising, but-

– It’s sounds great, right?

– It’s so difficult to implement.

– So when you go to level six, I think you said, where the executives are-

– Level five.

– Level five.

– Level six is when you’ve parachuted out.

– Do you go through that magic milestone approach when you are trying to pitch a new technology innovation to them?

– Yeah, all the time. so every time we go through any of these new technologies, innovative ideas, we do get the buy-in from a lot of the C-Suite and it usually takes like two or three people to actually be heavily invested in the idea apart from just myself. I can say hand on heart, I am quite the optimist and I look at a lot of the technology, I say, “This is got great value.” Like Brad said with the VR piece, it was like, “Oh, this is going to be amazing. This is going to be game changing.” And then it might take someone else one of my colleagues or to actually go through and test it out a bit with me going, “Is it going to get to this point? Have you got enough off the gates or magic milestones that we spoke about in place to ensure that you’re going to get to that? How much money are we going to spend before we potentially don’t achieve anything?” So it’s important to actually make sure that it’s not just me making some of those decisions.

– Yeah. That’s really good advice.

– Well, just on that Anuj, it’s interesting. So you’ve worked with a lot of vendors, a lot of partners, like in the business case, putting that advice coming up with something that makes sense from a commercial point of view. How do you as a leading CIO lean on your vendors for that help and that assistance, right? So as a technology business, the more we can learn to help, partner, can you talk a bit about that?

– A 100% Nigel, I think this is a conversation that I’ve had with multiple people that I work with. It’s that understanding of our business, right? So you can’t just have a blanket business case that you think it’s going to be a one size fits all. And I think the relationships that we establish is we do the same thing with our clients. we try to actually get into the business and understand what they’re doing, what’s going to make a difference to them to help them prepare that business case. You might never get to the point of knowing all the nuances, but if you actually understand what we’re trying to do, what sets us apart, I think, that makes the biggest difference to actually develop a business case together and collaborate on a business case versus just saying, “We believe it’s going to be X, Y, Z, and that’s the value that we’re going to bring to it.” Without really understanding what the business is and what we’re trying to do. So, and I think the only way that you can get to it is developing that relationship and having these conversations about what sets Ausenco apart or what sets any business apart.

– Fantastic. Yeah.

– So getting to know the business. So that’s a bit of advice you’ve got for IT partners. What other advice would you have for selecting a good IT partner?

– I think the biggest thing for me is having that relationship, being able to sit down and anyone on my team will tell you this. I think even the conversations I’ve had with Nigel, anyone will say this we’re not going to work with anyone. We’re not going to sit down and have a beer or coffee with or want to do that, at a personal and professional level. I think what it really boils down to, and I’ll try to play this out, is a lot of the time things might not go through and when it comes to technology, it’s quite binary, right? Zeros and ones. So there will be points of time where the technology will not work or operate as as you expected it to do so. I think, the worst case scenario is that you go back to a service level agreement and say, “No, you said that it was going to be down at a minimum for an hour a month and it’s down for an hour and 30 minutes, and now you have to give us this credit back.” I’d rather sit down with the person and just say, “Hey, this happened, or it’s happened constantly, how do we get around it?” And that can only happen if you’ve got a relationship with someone versus just going through and being very transactional. I’ll send you an email fill in the paperwork, we’ll buy the software. And there’s a lot of vendors like that and when they don’t perform, you get to that point, “Well, here’s the SLA, you owe us this and give to you.” But I think the most important thing is, to be able to sit down together and work through this.

– And get a strong relationship. And that’s great.

– Partnerships.

– Partnerships.

– The success of your role in your organization, and it is really the power of the partnerships. Right?

– That’s a 100% right.

– So just on that vein, what keeps you up at night as a CIO going into 2023? What worries you?

– I think, every CIO or CSO will say this at this point of time, it’s cyber security or losing information or having a breach through any framework, any partners that you’re working with. One of those little nuances. Making sure that you are as airtight as possible. It’s getting to a point of time as we see almost on a weekly basis that you might not plug every hole. So, that’s really what keeps me up at night at this point of time.

– And with a global team, I guess, your challenges are exponential compared to so many others. Can you talk through some of the, I guess, what you are seeing is done elsewhere in the world, best practice. Is there anything that you can share in that regard?

– Yeah. Look, Nigel, it’s a hard one, right? The more you share, the more you open yourself up as well, right? Like, what vendors you use, what strategies you use. It’s at that point of time right now, whatever you have or say can be used against you as well. And not to share… I’d love to share with you guys at a personal level, but I think what I see now more than what I’ve seen before is the ability to have the right partnerships in place. Whether it’s Arctic Wolf or CrowdStrike or any of these companies that we work with, or talk to, it’s making sure that you’ve got a robust structure in place, or a robust support mechanism in place that if something does go wrong, you’ve got the right team to help you recover. Or it’s to minimize that downtime. I think one of the things that we’re focusing on next year is around making sure that we’ve got the right DRP in place to recover and have the right recovery strategies in place to make sure that we’re able to come out off any breach.

– I mean, the risk, you just cannot, by definition get it to zero. Those mitigation practices you put in place, partnerships, policies, controls, all that kind of stuff. And just being diligent is critical. And that’s what we’re seeing a lot of as well.

– Well, generally speaking in those, what advice would you have for other CIOs in Australia, to look at first? Would it be compliance? Just who they’re partnering with, like selecting a cyber partner. What advice would you give to them?

– I would a 100% say to have the right partnerships in place and the right agreements in place, before anything else. Because you’re never going to be able to tick every box and you might not have every answer yourself, but if you have the right partners they may be the ones that bring to you different things or different scenarios that you might never see being so involved in your own business. And we’ve had that over the past couple of years, right? Like, we’ve had multiple partners come into the business going, “Have you thought about this? Have you thought about this?” And I feel there’s a bit of a trap in this whole piece as well, because you could over commit, And then when’s the end of it? We could theoretically spend millions and millions of dollars trying to cover ourselves, but what value is that going to be? Going back to the business value, I feel like we’re getting to a point now where the cost of cyber is potentially more expensive than the cost of what we’re trying to protect.

– Back to pens and paper.

– Yeah, it could be the answer.

– Yeah. It’s a scary time. And especially as CIO, when you partner with someone, you’re putting your neck on the line, right?

– Yeah.

– Because we touched on this a couple weeks ago when, the X size of Uber didn’t report a breach and he’s facing up to eight years jail time.

– Well, didn’t report-

– Personally

– And then covered it up. Yeah. So, I think, I was listening to something about that on the weekend actually. And I think, he was more getting pinned because he was covering it up than for the actual breach itself. But it’s definitely, an interesting time. And we’ve definitely had some different conversations in here, right? When it’s like, “Okay.” Cause at the end of the day, it’s what price you put on the risk, like you’re saying. And it’s the topic around many boardrooms, the AICD just released the cyber governance principles for Australian directors. And the conversations we’ve been having is around, okay, well you’ve got your total cost of the risk, you’ll mitigate so much of that risk with controls, process, partnerships, tools, et cetera. And then that last bit is the insurance. But even that’s moving all over the place.

– Yeah, that’s changed.

– Like the way premiums are being calculated, I think insurance company’s been burned so they don’t know how to price it. And then I don’t even want to know what they’ll be saying now. Well, Medibank didn’t have insurance, so they might have left a bit of room for everyone else.

– Yep.

– But they couldn’t-

– Like, I read something or heard something the other day that they couldn’t get insurance.

– Oh, really?

– Yeah. They were at a level, I think that they required and-

– Too high risk.

– Too high risk and I think that’s potentially, like I have been in a session recently as well a few weeks ago with a few other CIOs and stuff and the conversation was around cyber insurance. And a lot of them were saying that not only, and we’re saying this as well, not only are the insurers minimal that will offer cyber insurance. Previously, till three years a year you could go out and get 10 different options. Now, you get one or two. And it’s pretty much take it or leave it. So your premiums are almost doubled the amount the insurance payouts get to halved. So theoretically you’re getting caught off what you used to get prior to to a few years ago.

– Yeah. It was interesting. And it was Rob, I think from McGrathNicol kind of surprised me, but didn’t surprise me I guess. And that he was saying people are electing, businesses electing not to take the money that they would spend on insurance and just double down on their internal controls and spend the money on a cyber program internally.

– I’ve even heard of businesses self-insuring.

– Yeah. That was the phrase he was-

– Yeah.

– One thing that even some insurance, no matter how good your policy is, is the reputation hit though. Like, all these big brands that have been hit, what dorothy would you put on that your name being front page on every newspaper.

– Yeah. You get slammed.

– Yeah. It’s definitely not good.

– And again, talking about technology, one thing that came up in conversation today talking about newer technology, we were talking about geolocations and with trucks and things like that. And quite topical talking about Uber, I read, I think it was over the weekend in North America, they’re talking about targeted advertising. Have you heard about this one?

– No.

– So it’s targeted advertising based on geolocations. So, say Brad catches an Uber to go to Howard Smith Wharves to-

– I was there on Saturday.

– Yes, I saw you.

– It’s working.

– But the Uber will have a screen in the background, in the backseat that will target ads to you going to that particular location and will say that, “He’s gone from here to there.” So it’ll actually pick this and again, now it’s getting to your personal information that it knows you are going from here to here. It’ll target ads at you, potentially, that are restaurants at Howard Smith Wharves and influence your decisions to get to that point of time. The big outcry on this whole thing was in the states, with the abortion debate going on right now, et cetera is like when someone’s actually going through to go to a different state or go through for various reason trying to not be known. Now, their personal information is actually out there as well. So yeah, it’s a very topical one. And again, when it comes to cybersecurity, you don’t want that getting out there and Uber’s caught with their pants down multiple times.

– Don’t have the best record with all this stuff, do they?

– Holding personal information, it’s scary if someone got into Google how much data they have on everyone.

– Yeah, I just don’t know if they’d ever get to the point where they can analyze any of that information. So, that’s what I’m holding onto is like, you’ve just got so much information you’d never know what to do with it or how to actually break that down.

– Yeah, it’s true. Probably worse if it’s Medicare. Cause they just have your personal identifying information. Nothing else where Googles bit too much, doesn’t matter.

– They get in.

– So as a CIO you’ve got three roles really. You’ve got a strategic role protection, maximize asset, and then innovation role, right? So changing gears a little bit, you just touched on a bit of innovation, but from an ESG point of view, can you share some of the technology innovation that you guys are going to be faced with over the next, five, 10 years?

– I feel in its infancy right now, right Nigel? Everyone’s talking about it. There’s so many different variances to it. And I feel like no one, none of the software vendors have really cracked the code when it comes to ESG just as yet.

– Very early days, right?

– Very early days. Everyone’s coming and selling it to you going, “Oh, I’ve got this.” And then you say, “Well, who’s used it before? Where have you used it?” And they’re like, “No one yet. But you’ll get to be-”

– We want you to be first.

– We’ll get you to be an early adopter. So I think we’re at that stage. But we have just signed with a platform pretty early days, so I’m not going to say their name. But we’ve just signed with a really great platform where we think, and we’ve gone through the same analysis that, I spoke about earlier. making sure it’s the right fit for our business. We’ll be able to get reports publish our own monthly ESG statistics in a single pane of class change that, to make sure the inputs are correct, going into this and get the outputs. And then hopefully we’ll get to a point where we’ll get our clients to use the same systems and tools, that we actually have in place as well.

– Fantastic.

– So again, I feel early days, but definitely a focus area for us and we’ll work through it with certain vendors to crack that code.

– Wanted to change gears a little bit and discuss something more relevant to, I guess, REDD and technology. We’ve noticed a massive growth in co-managed IT services or that hybrid support model where you’ve got some internal team looking at certain IT support functions and then you outsource other parts of that. What’s your take on that, good, bad, or thoughts?

– Yeah, look, we went down this path a few years ago, where we went… I’d say we had a bit of a top three approach. We narrowed down to look at where managed services would take us and what it would look like for Ausenco. In the end, by the time we actually got to the point whether we were getting the presentations and the numbers, it actually didn’t get even close to the numbers we wanted it to in a full managed service model. So we do use managed services for certain things like, when it comes to network as a service, and certain bits and pieces. However, I think, the answer to your question is, my belief is a hybrid model is the way to go. Keep some control and make sure that we actually, I’d go back to the most basic economic principles of comparative advantage. Do what we do best and get someone else to do what they do really well, to do it really well as you know themselves. So that’s the theory that I’ve used. And I think the most legs for success would be around that model. However, it has to be cost effective while still having the right element of physical touch and that white glove service. Currently, within our business most of the people will tell you that they do have that, ability to just pick up a phone and someone will be there in like five minutes, right? Like, if you’re in the office or pick up the phone virtually, on a teams call and someone will be able to assist you quite quickly. One of the things that we found as we started testing this out in just service delivery was there was a lack of that. And there might be a bit of a transactional piece that we just spoke about with a vendor/client relationship, even internally, like our clients are actually everyone sitting on the floor.

– How about being your size I guess as well, right? I guess, that’s the different thing is it has to be a right fit partner in there. Right? Whereas, you throughout 3000 people, so many countries and offices, that kind of thing, it’d be pretty hard to just fully outsource that commercially I would imagine. So your approach and advice for similar size organizations would be to assess what your internal team is good at. And then what makes sense to outsource.

– Correct. Yeah, a 100%. Like, bring a partner like REDD say you’re the best in infrastructure or manage where it comes to Microsoft and that set of tools I think that should be the focus area and say like, “Keep your internal team, make sure that their focus areas on certain things, that level one and level two support and then everything else can be behind the scenes when it gets escalated.”

– Yeah. I want to circle back on the cyber security comments you made earlier. How has cybersecurity evolved in the… You’ve been Ausenco 13 years now, but since you went into the IT realm five plus years ago, how’s it evolved from back then to now?

– I can honestly say like at the start, what we would look at in terms of cybersecurity was what antivirus protection you have on your laptop.

– Yep.

– Now, you can think of about 10 different things straight at the top of the list. Like, have you got ITP? Have you got the right AD solution? Have you got multifactor authentication? Have you got all these other things in place versus, I feel like the conversation of what antivirus is on your computer, no one cares about anymore. That’s literally gone out the door. Whereas five years ago it was like, “Oh, have you got Sophos? Or have you got McAfee or whatever it was back in the day, back in my day, sorry.” Jackson might not be your day.

– It was only five years you’ve been . But I agree, it used to be the antivirus tool and, “Oh my antivirus tool is better than your antivirus tool. It’ll pick up this much malware.” But now that’s completely-

– Completely, no one talks about that anymore.

– Well, the conversations are moving. That was antivirus is more a protection mechanism now it’s more strategic defense like you’ve got to have XDA, you got to have the human firewall, you got to have all of the pen tests and it’s quite pervasive.

– Yeah. So many attack surfaces involved.

– That’s interesting with 3000 staff though, right? Obviously, people can sometimes in this instance be your weakest line of defense. Around training, awareness, testing, that kind of stuff. Do you have a-

– We have, that is literally one of the things that we looked at a year and a half ago when we started having this conversation. Again, we could spend millions of dollars on cyber, in a whole bucket of funds. However, the end user was really the weakest-

– Weakest link.

– Yeah.

– So, what we’ve done over the past 18 months is we have a monthly awareness campaign pulled up the statistics actually today for various teams, cause we’re talking a few of the teams and like over the year how they performed. And everyone’s done pretty well. most teams have actually learned. We used to have a click rate that was well below industry average and now we’re well above the industry average in doing a lot better.

– That’s cool. And you’ve got those data points to see-

– We’ve got the data points which is the most important thing. Right Brad? Like we’ve gone through and we’ve had a couple of campaigns where 0% not anyone’s… Maybe they’re easier sort of of phishing emails, but still, not one click across a couple of campaigns is brilliant for us.

– That’s good.

– Fantastic.

– That’s really good. Compared to where we started off with, I think one of the campaigns we had a 37 or 38% click rate where the industry average was 15. So seeing those numbers start coming back, it actually goes to the fact that we’re making the right investments. We’re actually doing this, there was points of time where I thought we need to actually pivot and look at a different strategy because this is not working.

– That’s pretty good. Like that’s cool to see the benefits and that’s like I almost, it’s awareness training is fairly low cost really, for pretty high value. So that’s definitely something we’re a big, advocates of. So it’s good to hear that you’ve… That’s some really good numbers actually.

– That’s good work.

– Yeah. And I’d never say that we’ve cracked the code when it comes to it, but I think it actually goes to show, to your point is that it does make a difference if you can educate the people. And when we have a new starter, they actually go through cybersecurity awareness training. Never was the case before. So, and again, it might take one single click that’s all it takes, right? So anything more than 0% to fail theoretically. But I think we’re starting to get a bit more comfortable that we are on the right track, and we are educating the people with the right platforms and the tools versus, we had our strategy session at the start of the year in Canada. We were actually thinking of changing the way we’re doing things and what other, holistic approaches can we use to start teaching people about cybersecurity and when not to click. But then the numbers are starting to prove themselves, which is good.

– That’s awesome.

– Well, done. Conscious of time. We’ve gone for a while and Nigel about any other questions you guys have.

– Am I allowed to ask another one?

– Go on.

– So I do have two.

– Okay.

– We can always cut it back. I’m interested around that innovation piece. Is there anything else you can talk about that’s cool that’s tech that you’d maybe you’re not playing with but you’d like to play with? If you can talk about it.

– Yeah, a 100% Brad. I love talking about it because it’s something that I started a few years ago was around, data as an asset. I’ve always thought that that’s really the value for a company like ours. And the more you look at it these days with, again going back to the cyber topic, just touching on it, with people losing data, that’s probably the most critical piece. And for a company like ours, it is pretty important to leverage our data. And I don’t think we’ve done enough in that space, which is why we started looking at alternatives and the IBM Watson was one of the examples that we spoke about offline. But trying to leverage our data, our historic data Ausenco has been around for 30 years and we’ve got 30 years of information. Some of it’s still in files and folders, some of it’s just scanned drawings. However, there’s a lot of value in almost every bit of data. It might be how not to do something, even though majority of the time is how to do something. But it might be a good example on how not to do something. But we haven’t got that single pane of class of, show me a gold project that we did in remote Africa, between 2006 and 2008. So yes, people know, like, I know where to find that information cause I’ve been around for a while. But not someone starting tomorrow will be able to find that information easily. So that’s really a focus area for us next year. And we’re trying to come up with the right data platform and single pane of glass using AI saying, “Brad started today, what is he going to work on? Alright, he’s an electrical engineer. He might want to look at… he’s working on a project that’s a gold plant in remote Asia. What else can we show him that could help him kick his… Hit the ground running.” So that type of AI approach is really what we’re thinking about now.

– It’s amazing. Like we are working on similar things. We’re a data stroke business as well effectively, but just being able to have that insight at your fingertips. It’s good that yes, I know it’s there and I can spend three hours and I can dig it up, but how much quicker I can make better decisions, having that information at my fingertips. So it’s exciting.

– Yeah, it’s like we want to get there again-

– It’s hard.

– We’re not there yet.

– It’s bloody hard.

– It’s difficult, yeah. And I don’t think, I’ve spoken to so many companies about this and different vendors and different partners of ours et cetera. It’s a very difficult one. And people will come and sell you a data lake house and what’s the latest one I heard, something else to do with lakes and fishing but

– Data

– Yeah, I dunno.

– But yeah, there’s all these solutions out there but finding the right one and making sure that it is ticking the boxes that we need from a realistic and practical purpose’s the difficult piece to the puzzle.

– That’s cool. And then my other question more personal, and I don’t think we covered the beginning, but why did you go to Canada?

– So interestingly, so this was my second stint in Canada. I did go in an engineering role in 2011.

– Okay.

– So that was more around engineering design systems, making sure that we standardize across North and South America with the right tool set, the right standards, right procedures, making sure that a product coming out of Vancouver, or Santiago, or Lima looks the same as a drawing coming out of Brisbane. And that was it. Loved it came back to Australia, moved into a technology role and some of the thinking was around building the team and growing the team with the resources that were available in Vancouver versus, the resources that were available in Brisbane.

– For the reasons you mentioned earlier.

– Yeah. And we did, so a lot of the core infrastructure team is actually based out of Vancouver compared to Brisbane.

– And then last question and the reason you came back?

– Family, I thought.

– Yeah. More than anything else.

– Happy to be home?

– Yeah. Liking it so far.

– Yeah. Cool. Good one.

– We’ve gone a little bit longer than usual but I think if you say Canada and data anymore, Brad’s going to ask for your autograph. It’s hard to wrap up.

– Brad and me hanging out every weekend now.

– thanks for just coming. I really appreciate it. Thanks for joining.

– Yeah, thanks for having me mate. Really, appreciate it guys.

– Thanks for coming in too.

– Fun conversation.

About REDD

REDD is a Technology Success Partner business headquartered in Brisbane, Australia. The Business and Technology podcast focusses on the commercial application of digital technologies in business. Guests will include industry experts, vendors, customers, business owners and anyone with unique insight to share. We discuss and explore current events, issues and stories relevant to business leaders, entrepreneurs, technologists and everyone in between. The show will have a mix of hosts from the REDD leadership anchored by co-founding Director and CEO Brad Ferris.

REDD is a leading provider of the following services

1. Digital Advisory Consulting
2. Managed Technology
3. Cloud Computing
4. Cyber Security
5. Connectivity
6. Unified Communications

Our Vision

We believe, in the not so distant future, that people will not only deserve, but demand greater access to frictionless tools and systems that enhance and uplift their lives. Technology can create a truly blended lifestyle between work and play that prioritises mental health and wellbeing for our people, while increasing efficiencies and the effectiveness of emerging technologies in the workplace. We believe the future of work is built on perfectly balanced and curated tech stacks that seamlessly interface with the people they are built for. And it’s that future we’re building toward.