The Startup Ecosystem: A Crucial Battleground in the War Against Cybercrime

Cyber-threat actors are becoming increasingly sophisticated and adaptable in their approaches overcome improving defences. A case in point is the scourge of ransomware, where attackers are pivoting their techniques following a period of relative success in tackling this notorious threat vector.

Innovative ideas and the ability to adapt quickly are therefore essential to counter modern threats, and these are traits that are strongly associated with startups. Such companies tend to be more specialised and focused than their larger counterparts, making their solutions particularly effective.

Additionally, they’re renowned for adopting innovative solutions and practices to help them stand out in the field.

Startups’ more informal structures and processes also make them ideally positioned to pivot quickly – critical in a rapidly evolving cyber-threat environment.  

Speaking in January 2021, Saj Huq, director of innovation at Plexal and formerly director of the London Office for Rapid Cybersecurity Advancement (LORCA), noted: “It is these companies that we will ultimately rely on to solve the inevitable new cyber-challenges arising from a society that is increasingly digital-first.”

Nevertheless, startups face substantial barriers in their efforts to scale up and becoming a successful company, even when they have groundbreaking ideas and products.

Firstly, the cybersecurity industry is a large and growing sector, with Fortune Business Insights projecting the sector to grow from $172.32bn in 2023 to $424.97 bn in 2030, at a CAGR of 13.8%. This means it is a very crowded marketplace, and difficult for new players to stand out.

Adding to the noise is the vast amount of jargon and overly dramatic language used within the industry. For end users, it can be very difficult to cut through this noise, leading to fatigue and even apathy to innovation.

In addition, many cybersecurity startup companies are staffed by individuals with limited business knowledge, and crucially lack contacts in the financial world to find investment. Often, early-stage companies in this field are run by individuals with lots of technical acumen but struggle to communicate their ideas to potential customers and investors.

Speaking to Infosecurity Magazine in an interview in 2020, LORCA’s Huq emphasised the importance of these firms developing commercial skills. This includes understanding how to market effectively – understanding who to target and how to communicate their offering. Encouragingly, opportunities are emerging in this area.

In recent years, the UK government has emphasised the vital role it wants startups to play in strengthening society’s cyber resiliency. It was one of the key areas of focus for its national cyber strategy that was published in December 2021.

Therefore, the government has taken major strides with partners to create programs designed to help cyber startups in scaling their business and securing vital funding – overcoming the big hurdles they often face.

This began in 2018 with the government-backed LORCA program, run by innovation center Plexal. Supported by partners Deloitte and The Centre for Secure Information Technologies (CSIT) at Queen’s University Belfast, cyber startup companies were given the opportunity to apply to join five cohorts over a three-year period.

Successful applicants were given support and access to investors, connecting with an ecosystem of academia, innovators, government, investors and industry.

LORCA proved highly successful, helping 72 cyber innovators raise over £200m in investment. This massively exceeded the original target of £40m over the three-year timescale.

Following the end of the LORCA initiative, the Cyber Runway was launched. Again, delivered by Plexal with government funding and support from Deloitte and CSIT, the programme helps UK cyber startups Launch, Grow and Scale. Support includes increasing entrepreneurial representation within the innovation ecosystem, navigating the economic climate and creating greater connectivity between regional, national and international networks.

In May 2023, Cyber Runway 3.0 was announced following two earlier accelerators – in 2021 and 2022.

Additionally, in June 2021, the UK government announced the launch of the NCSC For Startups program, allowing selected companies to receive insights and guidance from NCSC experts over a 12-month period. In partnership with Deloitte, CyNam, Hub8 and QA, these companies are given support in areas like business development and access to help them shape their products and get them ready to grow.  

Enjoyed this article? Make sure to share it!

Looking for something else?