The Startup Ecosystem: A Crucial Battleground in the War Against Cybercrime
Cyber-threat actors are becoming increasingly sophisticated and adaptable in their approaches overcome improving defences. A case in point is the scourge of ransomware, where attackers are pivoting their techniques following a period of relative success in tackling this notorious threat vector.
Innovative ideas and the ability to adapt quickly are therefore essential to counter modern threats, and these are traits that are strongly associated with startups. Such companies tend to be more specialised and focused than their larger counterparts, making their solutions particularly effective.
Additionally, they’re renowned for adopting innovative solutions and practices to help them stand out in the field.
Startups’ more informal structures and processes also make them ideally positioned to pivot quickly – critical in a rapidly evolving cyber-threat environment.
Speaking in January 2021, Saj Huq, director of innovation at Plexal and formerly director of the London Office for Rapid Cybersecurity Advancement (LORCA), noted: “It is these companies that we will ultimately rely on to solve the inevitable new cyber-challenges arising from a society that is increasingly digital-first.”
A Challenging Place to Start
Nevertheless, startups face substantial barriers in their efforts to scale up and becoming a successful company, even when they have groundbreaking ideas and products.
Firstly, the cybersecurity industry is a large and growing sector, with Fortune Business Insights projecting the sector to grow from $172.32bn in 2023 to $424.97 bn in 2030, at a CAGR of 13.8%. This means it is a very crowded marketplace, and difficult for new players to stand out.
Adding to the noise is the vast amount of jargon and overly dramatic language used within the industry. For end users, it can be very difficult to cut through this noise, leading to fatigue and even apathy to innovation.
In addition, many cybersecurity startup companies are staffed by individuals with limited business knowledge, and crucially lack contacts in the financial world to find investment. Often, early-stage companies in this field are run by individuals with lots of technical acumen but struggle to communicate their ideas to potential customers and investors.
Speaking to Infosecurity Magazine in an interview in 2020, LORCA’s Huq emphasised the importance of these firms developing commercial skills. This includes understanding how to market effectively – understanding who to target and how to communicate their offering. Encouragingly, opportunities are emerging in this area.
UK Startup Programmes
In recent years, the UK government has emphasised the vital role it wants startups to play in strengthening society’s cyber resiliency. It was one of the key areas of focus for its national cyber strategy that was published in December 2021.
Therefore, the government has taken major strides with partners to create programs designed to help cyber startups in scaling their business and securing vital funding – overcoming the big hurdles they often face.
This began in 2018 with the government-backed LORCA program, run by innovation center Plexal. Supported by partners Deloitte and The Centre for Secure Information Technologies (CSIT) at Queen’s University Belfast, cyber startup companies were given the opportunity to apply to join five cohorts over a three-year period.
Successful applicants were given support and access to investors, connecting with an ecosystem of academia, innovators, government, investors and industry.
LORCA proved highly successful, helping 72 cyber innovators raise over £200m in investment. This massively exceeded the original target of £40m over the three-year timescale.
Following the end of the LORCA initiative, the Cyber Runway was launched. Again, delivered by Plexal with government funding and support from Deloitte and CSIT, the programme helps UK cyber startups Launch, Grow and Scale. Support includes increasing entrepreneurial representation within the innovation ecosystem, navigating the economic climate and creating greater connectivity between regional, national and international networks.
In May 2023, Cyber Runway 3.0 was announced following two earlier accelerators – in 2021 and 2022.
Additionally, in June 2021, the UK government announced the launch of the NCSC For Startups program, allowing selected companies to receive insights and guidance from NCSC experts over a 12-month period. In partnership with Deloitte, CyNam, Hub8 and QA, these companies are given support in areas like business development and access to help them shape their products and get them ready to grow.
Looking for more infosecurity & cybersecurity insights?
Be part of Europe’s largest information security event, Infosecurity Europe 2023 on 20-22 June, at ExCeL, London. Register for your complimentary ticket to attend the event.
The Investment Landscape
Despite the successes of these programmes, figures show that cybersecurity remains a difficult field to break into for new companies. In 2021, Plexal said that most funding remains targeted at already established business, warning that this imbalance could lead to a “lost generation” of cyber startups.
The impact of the global financial crisis also appears to be having a significant impact on investment for early-stage companies. The UK Cyber Security Sectoral Analysis 2023 found that £302m was raised by cyber security firms across 76 deals in 2022 – down from £1bn in 2021.
It is therefore crucial that cyber startups are given more support and education on how to gain visibility and access to funding in this uncertain economic climate.
Startups at Infosecurity Europe
This year’s Infosecurity Europe conference, taking place from 20-22 June 2023, will once again host the UK’s Most Innovative Cyber SME 2023 contest. In partnership with The Department of Science, Information and Technology (DSIT), the competition will place 14 of the UK’s most creative and original information security SMEs in the spotlight, with a panel of expert judges selecting the winner.
Last year’s winner was TryHackMe, a cybersecurity training platform launched in 2018 that focuses on providing gamified lessons to its users. Previous winners have gone on to be highly successful, such as cybersecurity reskilling provider CAPSLOCK (2021) and white hacking training platform Hack the Box (2019).
In addition to the SME contest, Infosecurity Europe will have a dedicated Start-up showcase, in which attendees can hear from the latest information security companies at the cutting edge of technology development.
On the keynote stage from 13.45-14.10 on Tuesday 20 June, Saj Huq will highlight the challenges faced by startups in cybersecurity, and how these can be navigated.
Enjoy this article? Make sure to share it!
Keep up to date with the latest infosecurity news and trends in our latest articles.
Receive monthly newsletters and updates about key events and news from Infosecurity Europe.
Looking for something else?