Press release

Cyber security boost for UK firms

Measures to help UK businesses face the cyber security challenge and help our cyber security firms tap into the US market have been announced.

This was published under the 2010 to 2015 Conservative and Liberal Democrat coalition government

New measures to help UK businesses face the cyber security challenge and help our cyber security companies tap into the US market have been announced today (16 January 2015), as the Prime Minister visits the United States with UK cyber security firms.

The Prime Minister is in the US for talks with President Obama and cyber security is high on the agenda as the government steps up its efforts to combat cyber threats against the industry. In a bid to win more British business for the growing sector, a group of 12 UK cyber security firms are also travelling to Washington to meet a host of US businesses.

New government support to keep UK businesses stay safe in cyberspace includes:

  • a new cyber security envoy has been appointed to help British small businesses and first-time exporters promote their business interests across the US. Andy Williams will be based in the British Embassy in Washington and help boost UK-US cyber security deals
  • an updated ‘10 Steps to Cyber Security’ guide which shows businesses how to combat cyber threats
  • new research published today by the Department for Business, Innovation and Skills (BIS) which shows top UK companies are improving their responses to cyber threats. The results of the annual ‘Cyber Governance Health Check’ for FTSE350 companies shows increased awareness and action, along with areas for improvement
  • publication of a new report from GCHQ detailing the common cyber-attacks used against industry by cyber criminals and how to stop them

Prime Minister David Cameron said:

The UK is already leading the way in cyber security and this government is committed to ensuring it continues to be a leader in this multi-billion dollar industry. That’s why on this trip I’m showcasing some of the leading UK cyber security small businesses, some of whom are already beating off the competition and opening offices and securing contracts in the US. We’re also stepping up the practical support we offer UK cyber security companies to make sure they have the best opportunity to win even more business in the US.

We need to make sure the UK remains one of the most cyber secure places in the world to do business. It’s great news that even more companies have signed up to our Cyber Essentials Scheme to keep themselves safe and we will continue to invest in supporting companies of all sizes with their cyber security.

Business Secretary Vince Cable said:

The UK has a world-leading digital economy, growing three times as fast as our overall economy and employing over a million people. Our businesses earn £1 in every £5 from the internet, so it’s vital that we work with them to combat online crime, and make sure large and small firms alike are protected.

The measures we’re announcing today will boost the UK cyber security industry and ensure UK Plc can continue to stay safe and thrive online.

The UK cyber security sector has world-leading capabilities and is worth over £6 billion, employing 40,000 people. UK cyber security exports increased 22% from £850 million to over £1 billion during 2013 and are on track to meet a target of £2 billion by 2016.

Further cyber security announcements made today include:

  • improved cyber security information and advice for businesses via the government’s Business Support Helpline, the Business Growth Service and www.greatbusiness.gov.uk
  • funding for a new cyber security “Pre-Accelerator” programme to support early stage cyber security start-up firms and fast track them to success
  • funding for a second US-UK Cyber Security Innovation Summit to showcase UK cyber companies, increase collaboration with US partners and support innovation
  • companies across all sectors are realising the importance of protecting themselves from cyber threats and taking advantage of the support the UK government already offers to help businesses protect themselves. Five more FTSE100 companies (National Grid, GlaxoSmithKline, Standard Chartered Bank, Aberdeen Asset Management and Babcock International) and data firm EMC have today announced their intention to adopt the UK’s Cyber Essentials Scheme. The Cyber Essentials Scheme was launched in June 2014 and provides a set of basic controls to help all organisations protect themselves against the most common cyber threats. Over 200 companies have now achieved the Cyber Essentials badge with a further 150 in the process

The announcements strengthen the government’s National Cyber Security Programme (NCSP) which was launched in 2011 and is backed with £860 million investment. It furthers the work of the Cyber Growth Partnership, the joint industry and government group promoting growth and exports in the UK cyber security sector.

A number of commercial cyber announcements have also been made:

Washington-based cyber security specialist private equity firm Paladin Capital Group is also helping to grow the UK cyber security market by opening a new European Office in London.

And, following a successful pilot programme, Lockheed Martin is investing £250,000 in a cyber security Virtual Technology Cluster, bringing together industry, academia and the investment community, in partnership with London-based Restoration Partners. It will offer 2,500 UK tech innovators the opportunity to become involved in 5 cyber security contracts which could support a further 250 jobs in the UK.

Companies on the Prime Minister’s delegation with announcements include:

RepKnight, a UK company which specialises in open-source cyber intelligence monitoring and analytics. RepKnight has won its first contract with the US government, worth £1.7 million over the next 4 years.

Also Digital Shadows, a London based cyber intelligence firm which helps businesses protect themselves from hackers, has announced they will be opening their first US office and creating another 30 jobs.

Cambridge-based cyber defence company DarkTrace which applies human immune system principles to detect cyber threat has announced that they will be extending their US presence with a new HQ in Washington.

Other companies on the delegation include:

  • Cambridge Intelligence (Cambridge) helps organisations visualise connected data. Successful customers span sectors including cyber security, law enforcement, military intelligence, intelligence analysis, anti-fraud, data discovery and business intelligence
  • Deep-Secure (Malvern, Worcestershire) is a cyber security software specialist with considerable technology track record for helping organisations in defence, security, private and public sectors to securely share information
  • Ripjar - (Gloucestershire and London) the firm’s platform provides simple, configurable realtime dashboards and interactive graphics to help organisations benefit from the richness of social media, blogs, news and internal data. The platform is used in command centres, analyst desks and front of house to bring clarity to organisations’ data
  • Garrison Technology (London) is developing a hack-proof internet experience for corporates that allows users to browse the web, click on links and open email attachments without fear of compromise. Their patent-pending technology uses the latest chip design from UK technology leader ARM
  • Panaseer (London) cuts through the cyber fear, uncertainty and doubt by helping company executives to answer the question, “How secure are we?” The Panaseer platform uses Big Data technology to provide the insight needed to understand cyber security risk through an intuitive, executive friendly interface
  • Titania (Worcester) launched commercially in 2010 and has grown rapidly and now supplies to over 60 countries. Their multi-award-winning software (Nipper Studio and Paws Studio) automates network security and compliance audit reporting processes. It enables organisations to make substantial savings by achieving in seconds what typically takes days or weeks to carry out manually
  • Certivox (London) are the creators of M-Pin, a Zero Password™ Strong Authentication Platform, enabling cost-effective and agile strong authentication at mobile internet scale. M-Pin eliminates passwords and password database breaches altogether while increasing user safety and convenience
  • Surevine (London) designs, builds and supports secure collaboration environments for UK Central Government and organisations with the most demanding security requirements. Its smart collaboration technology joins people up securely, enabling a real-time response to cyber threats and incidents
  • Cyberlytic (London) provides security intelligence software that reduces the demand and workload of security teams and provides decision support. Through research originally completed for the UK Ministry of Defence, Cyberlytic is the originator and owner of intellectual property relating to real-time risk assessment and prioritisation of cyber-attacks

Also joining the official delegation during the trip was Intercede, a cyber-security software company with offices in the UK and US. Intercede’s MyID system enables enhanced digital trust for authentication, confidentiality and IP protection from networks, mobile devices and the Internet-of-Things.

Notes to editors:

  1. The ‘10 Steps to Cyber Security’ is a successful guide from GCHQ, CPNI, BIS and the Cabinet Office showing businesses the practical steps they can take to improve the security of their networks and the information carried on them. Originally published in 2012, it has been updated to ensure its continuing relevance in the climate of an every growing cyber threat, and the new schemes and services (such as Cyber Essentials and the Cyber Incident Response Scheme) recently launched as part of the National Cyber Security Programme. You can see the updated document Cyber security guidance for business.
  2. The relaunch of the ‘10 Steps… ’ accompanies a landmark report on Common Cyber Attacks issued by GCHQ, detailing for the first time the common attacks used by cyber criminals. The report uses real case studies to explain the nature of the risk and how it can be prevented. Around 80% of cyber attacks could be prevented if businesses put simple security controls in place. The Cyber Essentials scheme shows how to put these controls in place.
  3. The Cyber Governance Health Check is carried out in partnership with leading audit firms (BDO, Deloitte, EY, Grant Thornton, KPMG and PWC) and tracks how well FTSE350 companies are managing and responding to cyber risks. The 2014 results show an increasing maturity among top UK firms in dealing with cyber threats, with 58% of firms using the government’s “10 Steps” cyber security guidance (up from 40% in 2013) and 88% including cyber security on their risk register (up from 58% in 2013). All participating companies receive a confidential benchmarking report, which enables them to compare governance behaviours with their peers. The report can also help identify vulnerabilities, which the companies can discuss with their trusted advisors. The full health check report and summary infographic are available at Cyber governance health check: 2014.
  4. The UK Cyber Security Strategy sets out how the UK will support economic prosperity, protect national security and safeguard the public’s way of life by building a more trusted and resilient digital environment.
  5. Further information on the Cyber Essentials scheme can be found here: www.cyberstreetwise.com/cyberessentials.
  6. About CESGCESG is the UK government’s National Technical Authority for Information Assurance (IA) and is the Information Security arm of GCHQ. CESG protects the vital interests of the UK by providing policy and assistance on the security of communications and electronic data, working in partnership with industry academia.
  7. GCHQ is 1 of the 3 UK intelligence agencies.
  8. CPNI is the government authority on protective security in relation to national security threat. It provides advice to businesses and organisations across the national infrastructure covering physical personnel and cyber security/information assurance.
  9. The Cyber Growth Partnership (CGP) is a joint initiative between industry, academia and government, to boost the UK’s global market position in cyber security products and services. The main UK ICT trade association, techUK, coordinates business and academic involvement in the CGP, while a high-level board, co-chaired by Ed Vaizey, Minister for Culture and the Digital Economy, and Gavin Patterson, Chair of BT Group, provides governance.
Published 16 January 2015