Tracy is decrypting the cyber gap by bringing cyber safety to small businesses

Tracy is decrypting the cyber gap by bringing cyber safety to small businesses

Mathematics PhD candidate Tracy Tam is equipping small businesses with critical cyber-security knowledge.

If cyber-attacks can (and often do) destabilise huge organisations with whole teams of experts, how do small businesses even begin to protect themselves? Former solutions architect and PhD candidate Tracy has made it her goal to ensure they stand a fighting chance against today’s cyber threats.  

According to Accenture’s Cost of Cybercrime Study, cyber-attacks on small and medium businesses are on the rise.  

Small businesses often lack the resources and technical skills to implement appropriate cyber-security measures. A reality Tracy realised while setting up her own small business.  

“Through my journey of making my own business secure using my IT design industry experience, I got to know the gap between technical professionals and small businesses,” says Tracy. 

Having lived both experiences, Tracy was determined to use her PhD to explore what infrastructure could be created for small businesses on shoestring budgets.  

“Luckily my PhD supervisors, Professor Asha Rao and Dr Joanne Hall, shared my vision and together we began to explore how to help small businesses with their cyber security journey,” says Tracy.  

Tracy Tam Mathematics PhD candidate Tracy Tam.

Addressing the gap

Most current cyber security software and products are heavily influenced by the needs of larger corporations and aren't transferrable to the needs of a small business. Costs can also be prohibitive. 

“Small businesses do not have the luxury of engaging with cyber experts, which are usually very expensive.”  

During her PhD, one of Tracy’s focuses was developing and implementing small business cyber security analysis frameworks and designing cyber security outreach efforts. One of the key ways to address this gap, she says, is to increase cyber-security knowledge within the community.  

Many cyber-security attacks can be stopped by supporting and arming Australians with cyber-security knowledge and habits that can be useful in their personal and work lives.

Tracy’s research has ranged from creating behaviourally informed approaches to cybersecurity, to developing more effective cyber-security education.  

Notably, she worked with the Behavioural Insight Unit of NSW Government's Department of Customer Service to develop a game to educate users about phishing emails. The game, named ‘Tour de Phish’, takes the form of a bike race where the user must identify phishing emails as quickly as possible. After overwhelmingly positive feedback, Tour de Phish has now been included in the learning platform for all staff in the Department of Customer Service. 

“It was fascinating to work with a team of psychologists and see how effective behavioural principles can be when it comes to developing educational tools.”  

Tour de Phish game interface. Tour de Phish game interface.

As well as participating in industry talks and events, she also tailors her content for the general public. Tracy has engaged with all levels, from high school students and seniors to small business owners, through initiatives like AWSN Summer of Cyber, CyberPowers, and U3A. 

 The internet has brought amazing advances for our global community, but we still need to make the internet safe and accessible to everyone.

Mentoring students

Beyond her work with small businesses, Tracy is passionate about building cyber-security awareness among young people. During her time at RMIT, she volunteered as a mentor in the CyberPower programs, which introduces secondary school girls to the world of cyber-security through immersive, hands-on experiences outside the classroom. 

“My fondest memory is seeing the spark of possibility in secondary school girls’ eyes that a cyber-security career is an option,” she recalls.  

Tracy is constantly impressed by the ingenuity and resourcefulness of the students, many of whom have had limited prior exposure to cyber-security.  

“If these students become our next generation of cyber-security defenders, Australia is in good hands.” 

Tracy mentoring students during a cyber-security outreach program Tracy working as a cyber-security mentor during Cyberpowers, cyber-security outreach program.

After graduation

Tracy plans to continue demystifying cyber-security within the community. Ideally, she would like to turn her frameworks into a free guided program to ensure they're available to small businesses.

“At a fundamental level, I want to continue to facilitate the communication and collaboration between technical cyber-security and its user, because after all, that’s the aim of cyber-security – to protect mental health, assets and safety of the human that uses the internet.” 

--  

Find out more about Tracy on her LinkedIn

To read about more exceptional RMIT students graduating this year, go to Celebrating our 2025 graduates

Tour de Phish image credit: NSW Government

 

28 October 2025

More student news

James headshot

Meet RMIT’s Graduating Student Ambassador for 2025, James Anquetil
Icon / Small / Calendar Created with Sketch. 03 Dec 2025

Engineering student and RMIT Motorsport Team Lead James will be speaking at this year’s Graduation Ceremony at Marvel Stadium.

Roman wearing a black button up shirt pictured from chest up

Banking on soft skills: How an overseas internship changed Roman's perspective and got him a graduate job at NAB
Icon / Small / Calendar Created with Sketch. 03 Dec 2025

Participating in an internship exchange program allowed business student Roman Fontana to explore Ho Chi Minh City and land a graduate position back home in Melbourne.

woman in dress standing in front of plant boxes

Engineering impact: Tanvi is embracing her creativity and career connections to help combat water insecurity
Icon / Small / Calendar Created with Sketch. 28 Nov 2025

After studying civil engineering and working in the industry, Tanvi Shaikh decided to head back to university where she has embraced every opportunity to build her skills and tackle pressing environmental issues.

Laptop open displaying an email message

That’s bait! How to identify a scam and avoid falling victim
Icon / Small / Calendar Created with Sketch. 27 Nov 2025

It’s common to think that scams only affect the elderly, but did you know young people are increasingly likely to fall victim to scams? Here’s how to avoid being scammed and what to do if you fall victim.

aboriginal flag float-start torres strait flag float-start

Acknowledgement of Country

RMIT University acknowledges the people of the Woi wurrung and Boon wurrung language groups of the eastern Kulin Nation on whose unceded lands we conduct the business of the University. RMIT University respectfully acknowledges their Ancestors and Elders, past and present. RMIT also acknowledges the Traditional Custodians and their Ancestors of the lands and waters across Australia where we conduct our business - Artwork 'Sentient' by Hollie Johnson, Gunaikurnai and Monero Ngarigo.

More information