Hunched over a laptop in Europe’s first cyber security accelerator, Andrew Martin scrolls through a risk assessment programme he has created to help combat the $400bn (£273bn) global cybercrime industry.
“I used to reverse-engineer viruses for fun and track down bad guys,” he says. “So I’m commoditising all of my knowledge and putting it into an assessment.”
The Canadian former bank security worker, who is rated one of the top 100 cybersecurity experts in the world by the Sans Institute, is two weeks into an incubator programme, CyLon, at data-driven hedge fund Winton Capital’s Hammersmith offices, W6.
Conceived in April 2015 by Alex van Someren of venture capital firm Amadeus Capital Partners, and Jonathan Luff and Grace Cassy of Epsilon Advisory Partners, CyLon is a 12-week programme that is nurturing a growing office occupier group in the capital.
“It is a massive and growing market,” says Matthew Ridley, Winton’s technology ventures vice-president. “IT spend is going up globally, but cybersecurity spend within IT is actually going up twice as fast.”
The threat is real. Two-thirds of UK businesses have been targeted by cyberattacks in the past year, according to the government’s cybersecurity breaches survey with Ipsos Mori.
Yet just three in 10 businesses have written cybersecurity policies and only one in 10 have any formal processes for managing such incidents.
The UK market for cybersecurity was worth £2.8bn in 2013 and will rise to more than £3.4bn in 2017, according to the Department for Business, Innovation & Skills.
Silicon Valley has had an advantage over London with its more mature venture capital industry, says Winton’s chief investment officer Matthew Beddall. However, London’s access to talent and proximity to GCHQ, a centre for excellence in cybersecurity with £1.9bn in government backing, makes it a huge growth area.
“I think it is a clear growth area where the UK has clear expertise,” Beddall says. “So if I were a landlord, the idea of having exposure to something that is a growth area sounds like a good thing.”
Cyber start-ups are already starting to take space around the capital, such as security intelligence firm Panaseer, which has offices at 164-180 Union Street, SE1.
Ridley, who was formerly on BP’s cybersecurity team, says many companies have realised that their security experts need to be co-located as closely as possible to the people carrying out business.
“In the early days, lots of people tried to say, ‘well, actually this is just another part of the IT function that can sit out in the Midlands. They do not really need to know what the rest of the business does or know how it functions.’ But information security has got to have a good understanding of the kind of risks around the place and how people actually operate.”
West London has become a hub for cybersecurity businesses that want to have both easy access to City customers and skilled workers in the Silicon corridor, which stretches from Cheltenham to Reading and Bracknell along the M4. IBM, SAP, Cisco and BP’s digital security functions are all based south west of London.
Departments range from 12 staff to several hundred, depending on whether institutions choose to manage all of their security systems in-house, or contract out to specialist companies. The largest occupiers such as Deloitte and BAE Systems have so far chosen to locate around the M4 corridor.
Start-up companies have to balance proximity to business with access to talent and rental costs.
“I would not want to be based in [Canary] Wharf, but I would want to get there in 30 minutes,” Martin says.
However, Canary Wharf Group’s 80,000 sq ft accelerator, Level39 (above), currently has the highest concentration of cybersecurity start-ups in London,
with 17 companies located there.
These range from cyber and information risk management company Security Alliance to online identity security business miiCard.
James Varga, chief executive of miiCard, which operates in 31 countries, says: “The proximity of financial activity is important for us. Fintech and financial services is a challenging environment to be in, especially when you are trying to be disruptive and innovative in that space.”
However, he says the opportunities for collaboration and events offered by the accelerator, alongside good transport links and rents, are all benefits of the location.
Adizah Tejani, head of ecosystem development at Level39, says connectivity, access to potential investors and flexible leasing options are all major requirements for the cyber security sector.
Start-ups can begin with a “pantry” membership, which gives them access to Level39’s shared desks and WiFi, and grow through a range of hot desk and fixed desk memberships into their own office space in the accelerator.
Cybersecurity departments are mushrooming around institutions beyond Canary Wharf and into the City, says Mark Boleat, chairman of the City of London Corporation’s policy and resources committee.
“Many cybersecurity companies do not wish to have a huge amount of publicity and so often we do not know about them,” he says. “It is something that businesses tell us that they are doing. It has been a huge growth area in the past couple of years. Many companies do a lot of their work in-house. Others prefer to use consultants. Lots do both if they want to check what they are using is good.”
It is unclear what the future holds. But the rise of tech means the war between hackers and security experts will continue to rage.
Occupiers of the future?
CyLon is a 12-week incubator project for cybersecurity firms and experts. Its roster of start-ups include:
• Codebashing: provides application security training for developers by developers
• CyberSparta: provides network visibility and threat detection capabilities, with big data and machine learning
• DynaRisk: offers personal cyber risk management, with a risk score and report
• Galaxkey: helps organisations protect their e-mails and data on any smart device and the cloud
• TripleCheck: provides advice from experts in software originality and exposing plagiarism
• ZZZ: develops products that combine cybersecurity and psychology, to combat human error
Cyberattacks: The risk to property
Increasingly reliant on technology, commercial property companies are not immune to the threat. Sensitive information, strategic plans and tenant information are the most visible targets of cyberattacks, according to the Deloitte Centre for Financial Services.
Given the significant amounts of cash maintained on balance sheets as well as large transactions related to acquisitions, disposals and financing of commercial properties, the industry could be particularly vulnerable to financial cyber crime.
Sandeep Muraleedharan, a senior manager in risk advisory at Deloitte, says attackers will be particularly interested in property companies during merger and acquisition activity. Hackers have been known to impersonate sellers via email to change the bank account number that money should be transferred into. Hackers could also look to get hold of occupier data and the blueprints of buildings, so they can identify access points to the network.
