From the codebreakers at Bletchley Park, to Tim Berners-Lee and the invention of the internet itself, the UK has a rich history of computing and Cyber Security. That prestige and passion continues today with an innovative and fast-growing Cyber Security sector.

The UK Government are continuing to invest in Cyber Security, which is why they’re supporting the Tech Nation Cyber accelerator programme and why we have the privilege to present the UK’s most ambitious Cyber Security scaleups to the US market. 

A quick overview of UK Cyber

The Tech Nation Cyber cohort’s visit to the US in September 2019 is a unique chance to learn more about the most ambitious Cyber Security companies in the UK and uncover some exciting investment opportunities to diversify your portfolio.

As a way of introducing you to our Cyber Security companies, we’re showing you where they are, what they do and why it’s making a difference - but what about the overall landscape of Cyber in the UK?

Why the UK? 

If we’re to believe the predictions, worldwide spending on information security products and services will reach $124B by the end of 2019. As the world's fifth-largest economy, the UK is a big bite of that biscuit. 

In addition, the UK government is enthusiastically promoting and investing in the Cyber Security ecosystem, determined to stay competitive and innovate in the field. They kicked off this 2019 initiative by announcing a £100 million investment for the sector and supporting Tech Nation's Cyber programme. With an expert panel of judges, we've selected the most promising and ambitious Cyber companies:

Part 1

ISMS.online

Founder: Mark Darby

Location: Brighton

Website    |    Twitter  

The problem we solve: The requirement for organisations to demonstrate they can be trusted with valuable information is growing quickly, all over the world. Compliance with recognised standards, like ISO 27001 or adherence to regulations like GDPR, is becoming more important than ever. However, staying consistent with these complicated regulations is also becoming increasingly difficult, expensive and time-consuming, and experts in the field are few and far between. 

Our solution: ISMS.online provide an all-in-one platform for information security management systems (ISMS.online), making it quick and easy to achieve adherence to these regulations. It also makes it more sustainable, as it costs a fraction of other standard solutions and plays a big part in democratising Cyber Security. 

How we do it: ISMS.online is the only provider of an “all-in-one-place ISMS”. We have staff and supply chain compliance available securely in the cloud. Our commercial licence model makes it affordable for all organisations in the supply chain, not just very large enterprises.

Our goals for the next year: 

• Achieve increased penetration of the fast-growing international ISO 27001 market
• Release new services for business continuity management including ISO 22301
• Secure Series A funding to accelerate the proposition
• Become the equivalent of Xero for the Cyber and Information Security management market

Cybsafe

Founder: Oz Alashe

Location: London

Website  |  Twitter 

The problem we solve: Cyber risk needs to focus on the human side of the equation as well as the technology. Traditionally, organisations have employed tick-box security awareness training and phishing solutions, despite the fact they don’t correlate to reduced risk or make changes to security behaviour or culture. Companies also have no way of knowing if their security awareness efforts are working, nor the data and metrics to meaningfully report progress. Many companies depend on shallow phishing simulation metrics and training completion rates based on guesswork rather than robust scientific theory or evidence. 

Our solution: We remove dependence on tick-box security awareness training by delivering AI-curated content, virtual cyber assistance, targeted GCHQ-accredited learning and personalised ‘nudge’ interventions that scientifically address cyber awareness, behaviour and culture. This means a better understanding of risk, demonstrable risk reduction, a clearer view of ROI, reduced costs, greater productivity and better tech adoption across the workforce.

How we do it: The CybSafe platform uses proprietary technology and advanced data analysis to extract and present the risk metrics, measurements, indicators and insights. This helps companies make better decisions about human cyber risk. This unique blend of deep insight technology, advanced data analysis and intelligent automation has been applied to the behaviour change, risk reduction and reporting aspects of cyber awareness, behaviour and culture. Our innovative technology is underpinned by a world-leading scientific research and analysis capability.

Our goals for the next year: 

• Develop our high-quality channel partner programme
• Unveil further exciting and market-leading technology interventions and technical integrations
• Increase adoption in the UK and a number of overseas jurisdictions such as the GCC, US and Mainland Europe

Red Sift

Founder: Randal Pinto, Rahul Powar

Location: London

Website | Twitter

The problem we solve: A major problem in Cyber Security lies in the asymmetry of the cost to attack vs the cost to defend. The best estimate suggests it is 400 times cheaper to launch an attack than it is to defend against one. Red Sift exists to change the economics of this model and enable organisations to defend themselves against the daily onslaught.

Our solution: Red Sift brings a consumer-led product suite to Cyber Security that can deliver value to any type of business or organization with a digital presence. Red Sift believes in using computers instead of consultants to enable organizations to make meaningful improvements to their Cyber Security defences. For example, OnDMARC gives users specific actions to follow and tools to use, so they can secure their email domains against spoofing.

How we do it: Red Sift Open Cloud is a data analysis platform, purpose-built for the challenges of Cyber Security. By harnessing the power of AI, we can securely collate, compute and visualise data from thousands of individual signals to help organizations optimize their Cyber Security. The first product on the Red Sift platform is OnDMARC, a SaaS product that helps organizations to implement and maintain DMARC. An email authentication protocol effectively blocks phishing attacks and increases the deliverability of genuine emails.

Our goals for the next year: 

• Grow sales and our product portfolio
• Continue to scale sales for our OnDMARC product
• Complete the commercial launch of our OnINBOX product to fully round out our email security strategy
• Finalise the commercial launch of InGRAIN, our anomaly detection platform

XQ Cyber

CEO: David Carroll

Location: Cheltenham

Website | Twitter

The problem we solve: Decision-makers do not have a simple view of their organisations' exposure to cyber threats or which corrective actions to take. 

How we do it: Through detailed scanning and smart analytics, CyberScore(TM) gives organisations an easy-to-understand insight of their exposure to cyber threats, and a ‘Get Well’ plan of prioritised recommendations for remedial action. We have the ability to score, peer rate and report both internally (behind the firewall) and externally on organisations and their supply chains.

Our goals for the next year: 

• Significant progress into the UK's SMB (50 - 1,000 staff) market
• Initial expansion into overseas territories

Corax

Founder: Jonathan Pope

Location: London

Website | Twitter

The problem we solve: Company directors, insurers, IT and security companies want quantified intelligence on the level of cyber risk affecting individual or groups of companies, i.e. the likelihood and expected loss costs of data theft, data compromise and IT disruption, so they can manage cyber risk more effectively by making more informed decisions about security actions, expenditure and insurance.

Our solution: Corax provides data and reports on the continuous, external assessment and quantification of cyber exposure. Rather than simply rating an individual or groups of companies, Corax uses AI-enabled, insurance-validated models to predict the probability of, and expected loss costs of data theft, data compromise and IT disruption, benchmarked against millions of other companies. 

How we do it: Corax has the largest source of cyber risk data and analytics with an unprecedented 10 million companies modelled for cyber risk in our database. Now spanning 233 countries and 213 industry sectors, the database will continue to grow fast, as Corax is assessing and modelling – not simply rating – hundreds of thousands of new companies every single day for cyber risk. Not only does this enhance the ability of companies and insurers to manage cyber risk more accurately, it also unlocks value in cyber by providing a searchable database for insurers, brokers, consultancies and the security community to mobilise resources.

Our goals for the next year: 

• Series A
• 50 million companies in our database
• 100 paying customers
• Seen as category leader in predictive cyber modelling
• Penetrate new target markets outside of insurance market e.g. enterprise, government agencies & police, security consultancies

iProov

Founder: Andrew Bud

Location: London

Website | Twitter

The problem we solve: Simply and securely authenticating remote users for ID verification and logical access control.

Our solution: iProov's Flashmark technology securely establishes the Genuine Presence of a remote user's biometric without requiring any particular hardware nor demanding any user action. Our ID Matcher solution compares the user's face to a Government-issued ID document photo, whereas our Verifier solution compares it with a trusted selfie. Our Palm Verifier authenticates users by verifying their genuinely present palm prints, captured on any mobile phone.

How we do it: We are uniquely usable, as evidenced by many controlled tests, with outstanding transaction completion rates. Yet we are uniquely secure and robust against the full range of presentation and replay attacks, as evidenced by several competitive tests carried out by governments and national laboratories. Our technology is the subject of 15 granted patents.

Our goals for the next year: 

• Deploy in the national ID infrastructure of a leading state
• Used on a national level in several others
• Grow by over 100%

Part 2

SE Labs

Founder: Simon Edwards  

Location: London

Website | Twitter

The problem we solve: Companies spend billions of dollars annually on Cyber Security products and services, but they usually lack the expertise to assess quality prior to purchase. Usually, the best they can achieve is a so-called Proof of Concept test that is nearly always directed by the vendor of the product. This reduces the credibility of the results. 

Our solution: SE Labs offers testing services to security software and services vendors and their customers.

How we do it: We specialise in testing endpoint, network and cloud detection, protection and response products using advanced attack techniques supported by digital forensics to prove successful attacks and aid product improvement. Detailed, ethical and realistic testing conducted with the goal of product recognition (when products are good), but with the capacity to improve products that fail to detect and/or prevent cyber threats.

Our goals for the next year:

• Increased testing of network and cloud products
• A new report licencing programme

Awen Collective

Founder: Daniel Lewis

Location: Caerphilly, Wales

Website   |   Twitter

The problem we solve: The push towards Industry 4.0 has seen the convergence of IT and Operational Technologies (OT), and legacy and contemporary technologies within factories and critical national infrastructure. This opens up the frequency and complexity of cyber attacks on these systems.

Our solution: Awen Collective reduces the cost of cyber threat within manufacturing and critical national infrastructure by developing software products that simplify the whole Digital Forensics & Incident Response lifecycle before and after an incident.

How we do it: Our first two software products within the suite are Profile (a SaaS product for compliance checking CNI against regulation) and Dot (a software product for asset & vulnerability discovery on Operational Technologies). We apply the well-defined field of Digital Forensics & Incident Response to Operational Technologies. We have a deep understanding of manufacturing and critical infrastructure, and recognise that IT tools should not be applied to safety-critical engineering environments.

Our goals for the next year:

• Expansion across UK markets, and significant growth across Europe
• Upgrade our software products for use alongside other standards/regulations, and with support for other protocols/devices
• Perform collaborative R&D which can be commercially exploited

Fortium Tech

CEO: Tony Miles

Location: Bridgend, Wales

Website  |   Twitter

The problem we solve: Piracy of digital entertainment is one of the best known and most widely practiced forms of cyber crime, and with movies grossing millions of dollars at the box office, losses due to pre-premier leaks can be very significant. 

Our solution: Fortium secures files at-rest in B2B media and entertainment environments.

How we do it: We do this using MediaSeal, our file encryption at-rest, in motion and in use. MediaSeal encrypts any file, on any system, in any location. Files stay encrypted even during access or editing processes.

Our goals for the next year: 

• Enterprise licences within Media and Entertainment
• Reach 1000 monthly users
• Raise capital that will allow us to invest in new markets - healthcare, advertising, HR, industrial and public sector.

Novastone

Founder: Douglas Orr

Location: London

Website  | Twitter

The problem we solve: We live in a world where the primary means of business communications with clients is transitioning from being centred on correspondence (letters, fax, email) to one centred on conversation such as voice and instant messaging (IM). Internally, organisations are struggling to engage staff with email and corporate messaging systems such as Slack and its many imitators including MSFT Teams. Consequently, staff resort to their personal phones and consumer messaging platforms that are neither secure, GDPR compliant or integrated. 

Our solution: Novastone mainly helps organisations in regulated industries, by making the transition to IM centred communications. Our patented technology has proven its unique ability to enable IM that both clients and staff will engage with. The initial focus has been on the banking sector, but the company has more recently begun to engage with other verticals such as government, insurance and health. 

How we do it: Novastone’s software is deployed in the cloud or data centre environments of its clients as a white label (own branded) solution for staff and clients. Clients can also ‘chat’ via popular consumer IM platforms such as WhatsApp, Apple Message and WeChat to staff deployed on Novastone. Later in 2019 an SDK for use with existing apps will be released. It can also be integrated with existing software such as CRM, workflow and new bot/AI solutions. It has also been granted patents for some of its core technologies, both in the UK and USA, with more pending. 

How we do it: The revenue model is a subscription SAAS model based upon the number of staff and clients using Novastone. We are a leading provider of IM centric client and staff collaboration systems with unique patented IP who are backed by years of experience and work with some of the world's largest banks. We challenge the prevailing chat architectures with a solution that clients and staff will actually use. 

Our goals for the next year: 

• Continued depth of our financial industry client bases 
• Break-out into verticals defined by security, compliance and integration with existing SW

CryptaLabs

Founder: Joe Luong

Location: London

Website  | Twitter

The problem we solve: Intelligent Transport Systems (ITS) need security to be built by design at the beginning of the process. Secure communication between devices is critical to develop trust between the vehicles and the central hubs to coordinate traffic flow and reduce road accidents. 

Our solution: Crypta Labs provides secure communication with our military-grade quantum technology. 

How we do it: Crypta Labs has developed a quantum enabled Hardware Security Module (HSM) fully integrated with an established Public Key Infrastructure solution to secure the communication between V2V and V2X. We have 3 USPs: We're the only company in the world that has an ETSI 1.3.1 compliant HSM, we have built a full end to end On Board Unit, Roadside Unit, integrated with an HSM and PKI and backed up by O2 server systems, and we are the only company that has developed a quantum enabled HSM to provide quantum safe encryption. 

Our goals for the next year: 

• To sign our second contract worth £5 million in revenue

Keepnet Labs

Founder: Ozan Ucar

Location: London

Website   | Twitter

The problem we solve: Phishing forms the basis of more than 91% of breaches. 95% of successful cyber-attacks start using the same email-based method. It is the preferred method of attack for high-threat actors due to its effectiveness. It takes an average of 146 days to identify a breach and a further 82 days to contain it. Recent examples include the WannaCry ransomware outbreak, where the NHS faced a recovery bill in excess of £92M to restore systems.  

Our solution: Keepnet covers all phases of email threats with unique solutions that are designed for that specific phase of the email attack chain and thus can stop an email-based attack before it propagates. 

How we do it: Keepnet Labs solution delivers a full-spectrum approach to mitigating phishing risk by analysing phishing attacks using artificial intelligence and third-party integration for identification, notification and deletion of suspicious mails. Through safely simulating phishing attacks using a broad range of real-world models and automating malicious email management through “one-click” removal, as well as many other levels of support and protection, Keepnet allows organisations to safely test their email technical security perimeter.

Our goals for the next year: 

• Maximize shareholder and stakeholder value by growing the company and revenue
• Keep innovating and testing new products and technologies in order to keep pace with the global demand for security
• Penetrate the US market and the EMEA market by the end of 2020
• Generate a minimum of 5000 new leads
• Make sales to an average of 400 customers
• Find more network and resellers
• Raise Series A
• Expand a skilled team

Part 3

White Bullet Solutions

Founder: Peter Szyszko 

Location: London

Website

The problem we solve: Businesses who advertise online can often find it difficult to control where their ads appear, meaning they are unwittingly helping to fund illegal websites and applications or associating with unsafe domains.

Our solution: White Bullet Solutions ensures that users can simply and securely authenticate remote users for ID verification and logical access control.

How we do it: We use AI to assess over 400 data points to accurately identify and verify IP infringement in real time. We also apply optical image processing and natural language processing to assess and identify billions of ads that fund these platforms. Through technology, we have created a unique risk index that can be applied much like a dynamic and constantly updated credit score for websites and apps. This helps advertisers and many more parties to understand the risk profile of a web page or app at any given time and provides transparency on misaligned ad placement. 

Our goals for the next year: 

• Scale up our monitor and scoring to cover Asia and Asian advertising
• Expand our talent to grow the sales team and R&D
• Launch new services tracking advertising compliance in-app
• Address the growth of playable (gaming) and video ads appearing on pirate sites and apps.

Salt DNA

Founder: Joe Boyle

Location: Belfast

Website   |   Twitter

The problem we solve: Mobile phones are a hotspot for hackers to intercept important information about your work and personal life. With the huge number of communication options on a smartphone, the attack surface for hacking and the interception of strategic information is large and growing. 

Our solution: SaltDNA’s solution provides secure voice, messaging, conference calling and image/file transfer for busy professionals who need to make important decisions while on the move. SaltDNA's customers include large oil & gas companies, defense & security services, enterprise executives, government bodies, financial institutions and legal firms.

How we do it: We offer a multi-tier, multi-tenant system which organisations can deploy within their own servers, or utilise as a SaaS platform. Unlike many products, which offer a completely open system, SaltDNA’s closed system means that users need to be invited by an official organisation. Organisations can also fully white-label the solution to provide to users internally, or to sell to their own customer base with their own branding. 

Our goals for the next year: 

• Grow by doubling our sales revenue.
• Increase our footprint within a number of key regions including the United States
• Gain greater recognition from analysts
• Deploy a number of major feature releases which will significantly increase our product offering 

Skurio

CEO: Jeremy Hendy

Location: Belfast

Website   | Twitter

The problem we solve: Digital transformation, transition to cloud services and increasingly complex data supply chains, means businesses can no longer protect their data by just defending their network. Traditional Cyber Security solutions can't protect your data when it's outside your perimeter. With GDPR fines now running into hundreds of millions, businesses need to look beyond the perimeter and take a different approach to manage their Digital Risk.

Our solution: Skurio is a Digital Risk Protection company providing SaaS applications for data breach detection, Dark Web monitoring, and data watermarking. Skurio’s solutions safely reveal the threats to your data that exist outside your network and illuminate digital risk, so you can act sooner and faster to mitigate it. 

How we do it: BreachAlert is an automated, easy-to-use SaaS application which continuously monitors the open, deep and Dark Web, and alerts you in real time if your organisation’s data has been sold, marketed, or leaked online. It is easy to use, automated and integrates directly. Our cloud-hosted solutions can be deployed in minutes, making them accessible to mid-tier organisations without a dedicated SOC or IT Security team, and can scale down to "zero touch" for SME deployments. We don't require expensive expert users to set up and manage our solution, which makes them very affordable, in comparison to alternative manual solutions.

Our goals for the next year: 

• Grow our digital marketing and sales teams 
• Expand our European presence through channel partners
• Triple our revenues, and secure our next 100 customers
• To launch several new API integrations with third-party platforms 

LuJam

Founder: Tim Moran

Location: Bristol

Website   |   Twitter

The problem we solve: More than 97% of all global businesses are small and medium-sized enterprises that account for half the value of the world’s economy. These businesses have historically been unable to afford much more than a firewall and antivirus software. It is estimated from UK figures that in 2018, some 31% of all global SMEs suffered from an attack costing the world economy more than $52bn. The worst thing of all is that this was mainly preventable.

Our solution: LuJam delivers effective Cyber Security within 7 days through gamification and continuous weekly recommendations for improvement. Our comprehensive service combines asset discovery, compliance monitoring, network control, blocking through behavioural monitoring, visibility of cloud services, vulnerability scanning and the ability to query detailed desktop information to provide a comprehensive risk profile of small company IT environments.

How we do it: There are five basic technical controls that if implemented correctly, are known to eliminate 95% of today’s cyber threats. LuJam is a simple but powerful network scanner with cloud analytics for MSPs and their SMEs that not only monitors these five controls, but also discovers IT assets, assesses risk, recommends improvements and provides continuous IT monitoring. LuJam is the best-in-class proprietary Cyber Security solution designed to be delivered to SMEs via a multi-tenanted Managed Service Provider platform. 

Our goals for the next year: 

• Close a $1 million Seed round to expand
• Expand our channel sales operation and establish a high-quality customer support team
• Acquire 950 new customers
• Sign an additional 50 Managed Services Providers and 5 Distributors/ISPs
• Seek Series A within 15 months.

My1Login

Founder: Mike Newman 

Location: Glasgow, Scotland

Website   |    Twitter

The problem we solve: The trend towards SaaS is moving enterprise identities outside the traditional corporate infrastructure. This increases organisations threat landscape and creates the challenge of securing access to applications that sit outside the organisation’s direct control. 

The risk for organisations is that of compromised identities and a data breach. Verizon’s Data Breach Investigations Report confirms this, with their research finding that 81% of hacking-related breaches involved weak or stolen passwords. 

My1Login solves this problem by removing the need for employees to know, create, manage or even enter passwords. My1Login integrates with an organisations existing directory structure and provides Single Sign-On into every app type, putting the business back in control of securing access to applications.

How we do it: My1Login is the UK’s most secure, most widely-compatible, award-winning enterprise Identity & Access Management solution that enables organisations to mitigate password-related cyber-security risks, control user identities and help meet critical compliance obligations such as GDPR.

Our IAM solution solves the problem of weak passwords and practices, enabling organisations to control user access and centralise identity through Single Sign-On. Its SSO integrates with all app types - web apps, mobile apps, flash apps, virtualized apps, and even legacy, thick-client apps and mainframes. 

My1Login can also be used to prevent phishing by centrally creating password policies that automatically update user passwords on third-party applications. These passwords can then be hidden from users on the My1Login system so users are able to log into the application, but are unaware of the password for it - and if they don’t know the password, how can they be ‘phished’ for it?

Our goals for the next year: 

• Build our existing base of large enterprise customers.
• Leverage our experience across all vertical markets to accelerate growth.
• Build upon existing international customer base to further expand into European market.

Best of British Cyber Security

Presented by Tech Nation

Who we are

Tech Nation is the UK’s network for ambitious tech entrepreneurs. Our job is to make the UK the best place to imagine and grow a tech company. 

Our services include:

• Growth programmes for companies of all sizes and sectors.
•  Visa services for Exceptional Tech Talent wanting to move to the UK
• Leading insights and expert resources
• Our Digital Business Academy offering online courses to build business skills

How to get in touch with us

We’d love to hear from you - take your pick on how to get in touch.