October 27, 2020
Mr. Matthew Derby, Staff Attorney
Securities and Exchange Commission
Division of Corporation Finance,
Office of Technology
100 F Street N.E.
Washington, D.C. 20549
| Re: | Tego Cyber, Inc. |
| Registration Statement on Form S-1 | |
| Filed September 21, 2020, and | |
| File No. 333-248929 |
Dear Mr. Derby,
Reference is made to the Staff’s comment letter dated October 16, 2020 (the “Staff’s Letter”) to Tego Cyber, Inc. (the “registrant” or “Company”). The registrant hereby submits the following responses to the comments contained in the Staff’s Letter with respect to the registrant’s Registration Statement on Form S-1 filed with the SEC on September 21, 2020.
For convenience of reference, each comment contained in the Staff’s Letter is reprinted below, numbered to correspond with the paragraph numbers assigned in the Staff’s Letter, and is followed by the corresponding response of the registrant. These comments have been made in response to the Staff’s comments.
Registration Statement filed on Form S-1 on September 21, 2020
Prospectus Summary
Recent Developments, page 3
1. Please revise to provide the material terms of the agreements with the software developers that were contracted to develop your platform. In addition, file the agreements as an exhibit. Refer to Item 601 of Regulation S-K.
Response. We have revised our filing accordingly to include the following disclosure of material terms of the agreement with the software developers contracted to develop our platform and have included a copy of the Agreements as exhibit 10.2 in accordance with Item 601 of Regulation S-K
On June 4, 2020, the Company entered into a Website Development or Software Development Agreement with CIS Training Center Kosovo (“Cistck”) for the development of the Threat Intelligence Platform and Splunk App Code (the “Agreement”). Pursuant to the Agreement Cistck was hired to take the prototype and finish the development of the threat intelligence platform along with completing development of the first integration plugin of the Tego threat intelligence platform to a SIEM. On June 5, 2020, the parties entered into an addendum to the Agreement setting forth the maximum compensation of Cistck at $20,000 USD payable in monthly installments until project completion or maximum fee is reached. We have verbally approved an extension of services period while Cistck further develops for us at approximately $5,000 per month, which we may cancel at any time.
Our Product and Services, page 30
2. Please revise this section to clarify which of your products and services are currently available to enterprise clients and which are still in development. In that regard, we note that your revenues are from "consulting fees" and it is unclear which products are currently available to customers.
| 8565 S. Eastern Avenue, Suite 150 Las Vegas, NV 89123 | tegocyber.com | +1 855 939-0100 |
Response. We have revised this section to clarify which of our products and services are currently available to enterprise clients and which are still in development.
The following services are currently available to enterprise clients:
Vulnerability Assessments - Vulnerability Assessments are crucial in helping organizations identify what critical and high vulnerabilities may exist within their environments. Many clients have been surprised to discover devices on their networks that were not purchased by the organization and in some instances, created a way for bad actors to breach the organization’s network. The vulnerability assessment is the first step in creating a complete strategy to protect the organization
Penetration Testing - A penetration test is an authorized simulated cyber-attack on the customer’s premise, network or devices to evaluate the security posture of the organization. The penetration test scope can vary widely from physical security tests to remote network testing based on the client’s needs.
vCisco - All organizations regardless of size need a cybersecurity leader to drive the cybersecurity strategy and reduce risk for the company. With Tego Cyber, your organization will work with a highly experienced virtual Chief Information Security Officer (“CISO”), not a cybersecurity analyst or cybersecurity manager.
DarkWeb Monitoring - Keeping an eye on compromised credentials is key in protecting an organization from credentialed cyber-attacks. Studies have found that people are notoriously bad at reusing passwords across accounts and when an employee’s personal password is compromised, it can lead to a compromise of the organization’s security if the employee has recycled the password.
Cybersecurity Policy Creation & Review - Creating organizational policies on data security, data retention, and data destruction are important for companies that request sensitive information from customers. Additionally, organizations should create policies to govern employee usage of technology, email systems, and in some cases, social media.
Tabletop Exercises - Does your organization and employees know what to do if a cyber-attack occurs? A table-top exercise will take the company and key employees through the process so should an attack happen, the organization is prepared to react and begin taking appropriate steps towards recovery.
The following product is currently under development:
Tego Threat Intelligence Platform - The Tego Threat Intelligence Platform pulls in raw cyber threat intelligence from highly trusted sources including FBI Infragard, U.S. Department of Homeland Security, Abuse.CH, and SpamHAUS. Using a proprietary process the platform compiles, analyzes, and then delivers that data to an enterprise network in a format that is timely, informative, relevant, and compatible. Other platforms currently in the marketplace only identify potential threats, they do not provide specific details needed to counteract the threat such as the source and type of threat. The Tego Threat Intelligence Platform takes the process one step further by providing this additional critical information allowing network managers to proactively address any potential vulnerabilities saving time and money. The first version of the platform to be released will integrate with the widely accepted SPLUNK® platform to provide real-time threat intelligence to macro enterprises using SPLUNK® architecture. Planned future developments include developing the Tego Threat Intelligence Platform for compatibility with other SIEM systems and platforms.
Revenue generated to date
Our revenue to date has been from one general cyber security contract which existed prior to the creation of Tego and belonged to our CEO on an individual basis who then transferred the contract into the Company.
| 8565 S. Eastern Avenue, Suite 150 Las Vegas, NV 89123 | tegocyber.com | +1 855 939-0100 |
Strategic Partners and Suppliers, page 33
3. You disclose that software from Splunk Inc. is your first product integration. Please revise to clarify how the Splunk, Inc. product will be integrated into your platform and the terms of your agreement with Splunk. Inc. To the extent material, please file the agreement as an exhibit.
Response. The Tego Threat Intelligence Platform is an app that will be deployed and hosted initially in Splunk’s SplunkBase. Essentially, SplunkBase is an app store for Splunk users. You develop your app, submit it for approval and then post it up to SplunkBase so that Splunk users can download and utilize the app. https://splunkbase.splunk.com/apps/. Splunk does not require developers to apply or have an agreement with Splunk to develop for its platform. Information on Splunk’s developer program can be found at https://dev.splunk.com/enterprise/docs/welcome/. As such, there is no agreement to be filed.
Liquidity and Capital Resources, page 37
4. Please disclose the minimum funding required to proceed with your business plan and remain in operation for at least the next 12 months, as well as the minimum number of months that you will be able to conduct your planned operations using currently available capital resources. Describe the company's plan of operation for the remainder of the fiscal year. Provide details of your specific plan of operation, including detailed milestones, the anticipated time frame for beginning and completing each milestone.
Response. We respectfully would like to point out the following disclosure on page 36, and our cash requirements disclosure on page 41.
“We believe that our current cash and cash equivalents, anticipated cash flow from operations and the proceeds from the sale of the maximum amount of shares being offered hereunder will only be sufficient to meet our anticipated cash needs for the next 48 months if fully subscribed. Our management has determined that the maximum amount of funds received from this offering would be sufficient to cover our intended plan of operations contemplated hereby.”
In furtherance of this comment, we have amended our disclosure to include the following additional disclosures on page 37, as well as on page 38:
“Presently, our operations are being funded by funds previously raised and we believe our currently available capital resources are sufficient to sustain our operations for a minimum of three (3) months. The Company intends to fund future operations through equity financing arrangements. The ability of the Company to realize its business plan is dependent upon, among other things, obtaining additional financing to continue operations, and development of its business plan. In response to these problems, management intends to raise additional funds through public or private placement offerings. These factors, among others, raise substantial doubt about the Company’s ability to continue as a going concern. The accompanying financial statements do not include any adjustments that might result from the outcome of this uncertainty.
We believe we will require a minimum of $240,000 to proceed with our business plan and remain in operation for at least the next 12 months. As the platform comes online and starts to generate revenue, we will be hiring additional staff which will increase our monthly capital requirements, however, we believe the revenue generated from our operations should cover any additional expenditures. Starting the week of October 19, 2020 our plan of operations for the remainder of the fiscal year (June 30th) is as follows:
Week 1: Complete development of the Tego Threat Intelligence Platform for Splunk integration; prepare the Splunk platform for beta testing.
Week 2: Commence beta testing of the Splunk integration.
Week 3: Continue beta testing of the Splunk integration.
| 8565 S. Eastern Avenue, Suite 150 Las Vegas, NV 89123 | tegocyber.com | +1 855 939-0100 |
Week 4: Finish beta testing of the Splunk integration.
Week 5: Bug fixes on Splunk integration based on beta feedback.
Week 6: Continue bug fixes on Splunk integration.
Week 7: Complete bug fixes on Splunk integration and submit application for hosting on SplunkBase.
Week 8: Christmas Break.
Week 9: Retain and onboard cybersecurity engineer #1; launch Splunk integration on SplunkBase; begin documentation of technical requirements for integration of platform for ElasticSIEM.
Week 10: Commence marketing of Splunk platform; hire marketing team; commence develop marketing plan and marketing material.
Week 11: Continue developing marketing plan; onboard marketing team; commence product training; begin development of integration with ElasticSIEM.
Week 12: Continue developing marketing plan; complete onboard marketing team; complete product training.
Week 13: Launch Splunkbase integration.
Week 14: Continue onboarding sales team, continue training,
Week 15: Begin beta testing for ElasticSIEM integration.
Week 16: Continue beta testing of ElasticSIEM platform; retain and onboard Cybersecurity Engineer #2.
Week 17: Complete beta testing of ElasticSIEM integration.
Week 18: Bug fixes of ElasticSIEM integration; Onboard additional development team.
Week 19: Continue bug fixes of ElasticSIEM platform onboard additional sales team for ElasticSIEM integration.
Week 20: Complete bug fixes of ElasticSIEM integration.
Week 21: Launch ElasticSIEM integration; retain and onboard Cybersecurity Engineer #3.
Week 22: Commence technical documentation for IBM QRadar SIEM.
Week 23: Commence development of IBM QRadar integration.
Week 26: Spring Break/Easter Holiday (Anticipated).
Week 24: Complete development of IBM QRadar integration.
Week 25: Commence beta testing of IBM QRadar integration.
Week 27: Continue beta testing IBM QRadar integration; retain and onboard Cybersecurity Engineer #4
Week 28: Complete beta testing of IBM QRadar integration.
Week 29: Begin bug fixes for IBM QRadar integration; onboard additional sales team.
Week 30: Continue bug fixes for IBM QRadar.
Week 31: Complete bug fixes for IBM QRadar integration.
Week 32: Complete bug fix development for IBM QRadard integration, retain and onboard Cybersecurity Engineer #5
Week 33: Launch IBM QRadar integration.
Week 34: Commence technical documentation of AlienValut SIEM.
Week 35: Begin development of AlientVault SIEM integration.
Week 36: Continue development of AlientVault SIEM.
Critical Accounting Policies Revenue Recognition, page 40
5. Please tell us why you early adopted ASU No. 2014-19 as of January 1, 2017 when your inception date is September 6, 2019.
Response. The date was erroneously included. We have amended the disclosure accordingly to reflect the date of adoption as September 6, 2019, our inception date.
Directors, Executive Officers, Promoters and Control Persons Background and Business Experience, page 42
6. Please revise the biographies of your executive officers and director to disclose each person's current occupation and employment as well as the dates and names of organizations in which they worked in the past five years. We note your disclosure that some of your officers and directors are employed outside of Tego Cyber Inc. and will only be able to devote a limited amount of time to the development of our business. Clarify the number of hours that the executive officers will devote to the business of Tego Cyber.
| 8565 S. Eastern Avenue, Suite 150 Las Vegas, NV 89123 | tegocyber.com | +1 855 939-0100 |
Response. We have revised the biographies of our executive officers and directors to disclose the information requested, and we have added an updated section entitled “employees” as set forth below to further clarify the requested information:
“Employees
We have two executive officers. These individuals are not obligated to devote any specific number of hours to our matters and intend to devote only as much time as they deem necessary to our affairs. At this time, our Chief Executive Officer is devoted full time to the Company and our President devotes approximately 8-10 hours per week to the Company. The amount of time they will devote in any time period will vary based on the stage of the business and progress the company is making. Accordingly, once we are beyond the developmental phase our management will spend more time on our affairs.”
Amended biographies:
Shannon Wilkinson – Director, Chief Executive Officer, Chief Financial Officer, Secretary and Treasurer
Shannon Wilkinson is a graduate from the University of Nevada, Las Vegas with a Bachelor's in Management Information Systems. She also earned her Master’s in Information Systems Management from the University of Phoenix. Shannon spent the first 12 years of her career overseas working for the United Nations Department of Peacekeeping Operations building mission critical software platforms . Upon her return to the US in February 2013, Shannon joined SocialWellth as Director of Software Development leading development teams in building software platforms for some of the largest healthcare organizations. She remained in that position until summer of 2015 when she left to co-found Axiom Cyber Solutions where she was responsible for the software development arm of the company, developing Axiom’s cloud based Polymorphic Cyber Defense Platform. She exited Axiom Cyber Solutions in June 2019 when Axiom was acquired by a private equity firm. In September 2019, Shannon co-founded Tego Cyber Inc. with a mission to develop an innovative threat intelligence platform and continue developing automated cybersecurity solutions to help companies respond to the ever-changing cyber threat landscape. Shannon works full time (30+ hours per week) in her capacity as Director, CEO, CFO, Secretary and Treasurer of Tego Cyber Inc.
Shannon was selected as the 2018 Las Vegas Women in Technology - Cybersecurity, 2017 Las Vegas Women in Technology Entrepreneur as well as appeared in the MyVEGAS Magazine Top 100 Women of Las Vegas in 2017 and 2018.
Troy Wilkinson – Director and President
Troy Wilkinson began his career in January 2000 as a Law Enforcement officer with the Conway Police Department where he remained until June 2007 when he joined a Joint Terrorism Task Force as a lead bomb investigator and violent crime homicide detective. In December 2008 Troy was recruited by the U.S. State Department to train police officers in Kosovo on cybercrime related matters where he earned a reputation as a top cybercrime investigator. Together with a team of international investigators he built the first IT forensics lab in the European Union Mission in Kosovo. After returning home to the U.S. in February 2013, Troy joined SocialWellth as its Infrastructure Security Director. He remained in that position until June 2014 when he accepted the position of Director of Information Technology for Litigation Services, LLC. In the summer of 2015, he co-founded Axiom Cyber Solutions with his wife Shannon Wilkinson and left in December of 2018 to accept the position of Executive Director of Information Security (CISO) with International Cruise and Excursion where he remained until August 2019. In addition to his role as Director and President of Tego Cyber Inc., Troy currently is the Global Head of Cybersecurity Operations for Interpublic Group of Companies (IPG) where he is responsible for all aspects of cyber defense for over 60,000 users in more than 130 countries. Troy spends 8-10 hours per week working with Tego in his capacity as Director and President.
| 8565 S. Eastern Avenue, Suite 150 Las Vegas, NV 89123 | tegocyber.com | +1 855 939-0100 |
Troy is a worldwide keynote speaker on cybersecurity, co-authored an Amazon Best Seller, and is featured on several news sources as a cybersecurity expert. Troy has contributed to numerous national syndicated publications on cybersecurity topics including ransomware, DDoS, cyber-crime trends, and cyber security careers.
Michael De Valera – Director
Michael De Valera has over thirty years of experience providing information technology services. In 1989 he co-founded Internet Computers, Inc. where he remained as one of the founding principles until January 2006 when he left to start his own company TechnoMedia Consulting, Inc. where he remains the sole principal to this day. TechnoMedia Consulting, Inc. provides information technology services for companies and organizations that are either too small to have their own dedicated IT departments or simply realize that specialized functionality is more efficiently and economically provided by a third party. His clients cover a broad range of organizations and industries. His undergraduate BA Finance studies, majoring in Finance and Economics, were at the University of Pennsylvania Wharton School of Finance. Michael currently dedicates up to 5 hours a week to Tego Cyber Inc. and will allocate more time when first product is launched.
Refer to Item 401(e) of Regulation S-K. Executive Compensation, page 45
7. You state that there are no employment agreements or arrangements with your executive officers and directors receive no annual salary or bonus for their service as members of the board of directors. We note that Shannon Wilkinson, Chief Executive Officer, received compensation of $29,700 in fiscal year 2020 and that Troy Wilkinson and Michael De Valera also received stock awards. We also note that a portion of your use of proceeds will be used to pay salaries. Please disclose the factors that the company determined to award cash compensation and stock awards. See Item 402(o) of Regulation S-K.
Response. The factors that the company uses determined to award cash compensation and stock awards are: the value that each individual has contributed, the value that each individual will contribute, the individual’s experience and reputation within the cybersecurity industry, the time that each individual has spent working with the company, the time that each individual will be able to allocate to working with the company in the immediate future, and available resources to be able to compensate an individual for services rendered. Shannon Wilkinson is the only director and officer that is currently working full time for the Company; her salary is approximately $5,000 per month. There is no formal agreement for her compensation or stock awards at this time.
The stock awards issued to Mr. De Valera and Mr. Wilkinson were founders shares as consideration for their contributions to the conceptual plans of the Company. There are no arrangements for any future awards to be earned or issued to them.
Other than the $5,000 monthly salary for our full time CEO, the allocated funds in the use of proceeds section for salaries is for new-hires and filling part and full time positions necessary to expand the Company operations.
We have updated the executive compensation table footnotes and narrative disclosure there to.
| 8565 S. Eastern Avenue, Suite 150 Las Vegas, NV 89123 | tegocyber.com | +1 855 939-0100 |
Signatures, page 61
8. Please revise your signature page to indicate the person acting as the Principal Accounting Officer. Refer to Instruction 1 to Signatures on Form S-1.
Response. We have revised our signature page of the filing to indicate the person signing as Principal Accounting Officer.
Financial Statements
Report of Independent Public Accounting Firm, page F-2
9. Please have your auditor represent in their report that the audit of Tego Cyber, Inc. was conducted in accordance with the standards of the Public Company Accounting Oversight Board.
Response. Our auditor has revised their report for the audit to a copy of which is included in page F-2 of our amended S-1 filing.
10. We note the consent of Buckley Dodds LLP indicates that its report includes an explanatory paragraph related to the preparation of the financial statements assuming that the Company will continue as a going concern. Tell us why the Buckley Dodds report does not include such an explanatory paragraph. Otherwise, please have your auditor revise their report.
Response. Our auditor has revised their report, a copy of which is included in page F-2 of our amended S-1 filing.
General
11. Please supplementally provide us with copies of all written communications, as defined in Rule 405 under the Securities Act, that you, or anyone authorized to do so on your behalf, present to potential investors in reliance on Section 5(d) of the Securities Act, whether or not they retain copies of the communication
Response. We advise the Staff that, to date, neither the Company nor anyone authorized to do so on its behalf has presented any written communications as defined in Rule 405 under the Securities Act, to potential investors in reliance on Section 5(d) of the Securities Act in connection with the proposed offering of the Company’s securities. The Company undertakes to the extent that there are any written communications, as defined in Rule 405 under the Securities Act, that the Company, or anyone authorized to do so on the Company’s behalf, presents to potential investors in reliance on Section 5(d) of the Securities Act, or research reports, the Company will supplementally provide them to the Commission for review.
Should you have any additional questions, please contact me at (702) 336-5751.
Sincerely,
/s/ Shannon Wilkinson
Chief Executive Officer
cc: Joseph Kempf, Securities and Exchange Commission
Robert Littlepage, Securities and Exchange Commission
Jan Woo, Securities and Exchange Commission
Jessica M. Lockett, Esq.
| 8565 S. Eastern Avenue, Suite 150 Las Vegas, NV 89123 | tegocyber.com | +1 855 939-0100 |