• Dr Omaru Maruatona

Aiculus Community Update 2022

2021 was Aiculus’ fourth year of existence. We’ve made a lot of progress and are proud of what we’ve achieved to-date. In this update for our ecosystem of advisors, supporters, partners, collaborators and customers, I give an update on the company, highlight latest developments in the product, and a snapshot of the business of API security.


Looking back

The team and I have consistently described Aiculus as a Cyber-AI company, despite being told multiple times that such a thing does not exist, is very niche or does not mean anything to anyone — especially our customers. When I founded Aiculus in 2017, I had done some basic research on three key trends; firstly, on the breadth of cybersecurity products including what technological engines they used to provide their diagnostic services. Secondly, I learnt from multiple industry and academic sources that APIs and API platforms would dominate digital service provision. Finally, I checked how many API Security-specific products or companies were in existence. At the time there were very few, apart from those who might have been operating in stealth mode.


So, when I started Aiculus in 2017, my assumption was that by 2020-2022, the majority of companies with a customer-facing digital service would have at least one critical API which their business could not function without. I also foresaw that at this time, any cybersecurity product seeking to provide deeper insights into any threat landscape would need to have some Artificial Intelligence (AI) or analytics capability, rather than the traditional static-based diagnostics in play in most security systems at the time.


So Aiculus was founded as a Cyber-AI company with a mission to help organisations take full advantage of API technology while keeping cyber risks minimal. Why Cyber-AI? Firstly, to be bold and be one of the first companies to chart a new generation of smart, adaptive and interactive cybersecurity products using the power of AI. Secondly, to assert Aiculus’ relevance as a hardcore cybersecurity company but also an AI company. As a business, AI presents to Aiculus numerous opportunities which we will be introducing to our customers as we grow and scale, starting with API security.

Four years into it, I’ve learnt that my assumptions were not 100% accurate, but also not far off. Importantly, I’ve learnt that the opportunities in our space are exciting; it is a lively market and that gives us great motivation to press on. I’ve also learnt that innovative and cutting-edge products, no matter how relevant, take time to be fully accepted by the market. They require organisational credibility and only attract the right early customers. Unfortunately, these are not desirable metrics for start-ups because they potentially mean long periods of ‘innovating’ with little or no revenue and surviving on investor capital.

Key achievements

As we pass our fourth year of existence into year 5, it’s worth noting some of our key achievements in 2021. The team went from two people to five full-time members in January 2021. In building the team, I’ve been particularly attracted to hire people who have a personal goal — some kind of purpose. The deal is always that as a joiner, you come to Aiculus so we can help you achieve your dream, while together, we also jointly achieve our collective ambition.


With the key areas of Technology, Cyber and compliance, Sales and partnerships and Marketing now covered by highly skilled and driven individuals, we went into 2021 with bold objectives: to onboard a certain number of customers onto our product, to optimise the product deployment process and list the product on AWS Marketplace. We also targeted ISO27001 certification to demonstrate credibility and cyber governance maturity for our enterprise customers. Finally we always set targets and make plans to collaborate with our larger enterprise partners and government bodies. These collaborations have been very useful to Aiculus.


By December 2021, we had pulled through a challenging year. We had not hit our target in terms of product subscriptions, but we had secured valuable customers who would use the product and provide valuable feedback. We also learnt an important lesson: that we would prefer our product to be used by customers who truly see API security as a concern and who see value in what our product provides. In other words, we’ve stopped pushing sales, and are now pushing value. We had also managed to automate the way our product is deployed and had successfully passed rigorous AWS checks to list the product on the AWS Marketplace.[1]


As an external endorsement on how far we’ve come in managing our cyber and privacy risk, we got ISO27001 certified, and we’ve already started reassessing how we fare with enterprise-level vendor risk management checks. As a community player and a big believer in impact, we offered internships to over 30 students, mostly Masters students who need credible work experience to kick-start their careers. Our former interns currently have enviable roles in other bigger companies, and we’re proud of this.


We were also fortunate to be recognised by industry and government entities both in Australia and Singapore. In Singapore, Aiculus was awarded the Financial Sector Technology Innovation (FSTI)[2] grant — a big deal for us. In Australia, we were awarded the Cybersecurity Scale-up of the Year at the 2021 annual YBF Lif-Off awards. We value these recognitions and we believe these programs are critical to young businesses.


We also partnered with AWS on a tech uplift program, and collaborated with the Australian Trade and Investment Commission (AusTrade)[3] on several events and internal programs. Together with global company Cisco, Aiculus was asked to provide insights on Singapore’s cybersecurity opportunity landscape to the Economic Development Board of Singapore (EDB)[4]. Our most notable collaboration of 2021 saw us work with the Monetary Authority of Singapore (MAS) on a project looking for insights on real-time API Security monitoring. Following this collaboration, we were proud to see the publication of Singapore’s first API security guidelines in the 2021 Technology Risk Management Guidelines (TRM 2021)[5]. To us this was a sign that API security was gaining the attention it required.


Looking ahead

As we enter 2022, Aiculus is much more ready to leverage opportunities than at any other time before, both within our current product offering and in other relevant areas within the cybersecurity and AI domains. We would love to grow faster, but we will choose sustainable growth over fast growth, especially in the current unstable Covid-19 atmosphere. We also have to accept that our natural path is to stay lean — we have to find opportunities to keep us afloat and keep building for the long term.


We’re building an impactful and profitable company with several competitive product offerings. We resolved that if we’re going to do this, we might as well aim to build something bigger. We are aware that this is riskier than the popular approach of one product, fast growth and imminent acquisition. We’ve benefited greatly from taking a different approach before and we know that whatever the outcome, we stand to gain something significant. If we succeed, we reap the rewards of a successful business. If we fail, we’ve learnt a lot, we’ve failed greatly and are ready to try another way.

This is how we intend to iterate through 2022, with bullishness and boldness.

[1] https://aws.amazon.com/marketplace/pp/prodview-b7ecstzxq7lnc?sr=0-1&ref_=beagle&applicationId=AWSMPContessa [2] https://www.mas.gov.sg/development/fintech/mas-fsti-proof-of-concept-grant [3] https://www.austrade.gov.au/ [4] https://www.edb.gov.sg/en/business-insights/insights/fortifying-singapore-s-cybersecurity-capabilities.html [5] https://www.mas.gov.sg/-/media/MAS/Regulations-and-Financial-Stability/Regulatory-and-Supervisory-Framework/Risk-Management/TRM-Guidelines-18-January-2021.pdf