LORCALive: Key Takeaways

LORCALive kicked off on the 29TH March with the first instalment of the three day virtual event. Day one focused on Restoring trust and enabling innovation, hosted by BBC presenter Ben Thompson.

Interview with Plexal and LORCA Andrew Roughan | Plexal Saj Huq | LORCA

Starting us off we heard from Managing Director of Plexal, Andrew Roughan and Director of LORCA, Saj Huq.

Andrew explains that throughout the year entrepreneurs, start-ups and scale-ups are clearly naturally adaptive, agile and able to cope with change, but a need for re-engagement and reality to return to normal is imperative for three reasons:

  • Collaboration – getting teams together, for start-ups and scale-ups – it’s important to have synergistic collaboration.
  • Engagement – being able to get in front of customers to prove themselves worthy of funding.
  • Funding – The need to see the early stages of funding gaining trust of the venture capital community.

Saj describes how in the last six months there have been multiple continuations:

  • The impact of COVID-19 on the economy and digital economy
  • The need and all pervasiveness on cyber
  • The success of the cyber security start-up ecosystem in the UK and the endurant resilience of business.

Moving online has fundamentally changed the environment on how we all operate, and research has shown 40% of companies in the last year have suffered a cyber attack or cyber incident/breach – a large number of those businesses are SME’s, third sector organisation, charities and health care providers. These sectors are those we need to help to propel out the other side with the resources, technologies and tools they need.

Keynote: Growth of the Cyber Ecosystem – Matt Warman MP | Minister for Digital Infrastructure

Matt details how since Plexal appointed DCMS (Department for Digital, Culture, Media & Sport) in 2018, they’ve supported companies from 5 cohorts raising £167m in investments, generating £128m in revenue and more than 900 contracts – paving the way for 800 jobs by 2022, stimulating innovation, creating better cyber products and services, and growing the cyber economy.

Within the wider work of the National Cyber security strategy and programme which has invest 1.9 billion in new capabilities, they are developing large scale training programmes and have positioned the UK as a world leader in cyber security and developed the cyber sector.

The 2021 cyber security analysis has seen a 21% increase in the number of cyber security firms (up by 1500), and the number of full time employees in the cyber security sector is up 10% by almost 47,000 – overall the sector is now worth £9b.

Funding for start-ups is crucial, through LORCA’s 2020 report, some start-ups have been facing a tough investment climate and struggling to find the growth capital they need.

Also from the LORCA report it was noted that 83% of businesses didn’t have up-to-date anti-virus software, the basics in cyber security – what’s even more concerning is the fact that this is down 5% from the previous year.

The development of the Golden Valley Cyber Park is underway in Cheltenham (home of GCHQ and NCSC) offering huge amounts of opportunity for businesses and the cyber industry to collaborate and develop new approaches to cyber security.

It’s crucial for the cyber security industry and the future workforce that we inspire the younger generation into tech and digital roles, while also providing a pathway to cyber security. For those looking to get into the cyber industry, check out the Cyber First programme delivered through NCSC : https://www.ncsc.gov.uk/cyberfirst/overview

In February a new independent UK cyber security council was announced which allows new entrants to access career practitioners to develop skills and organisations to understand their needs and recruit accordingly.

Panel: Innovation in the Age of Post-Truth

Will Moy – Full Fact | Anna-Sophie Harling – NewsGuard | Dr Bertie Vidgen – The Alan Turing Institute | Adam Micklethwaite – Good Things Foundation

Fake news is a serious problem that  can cause confusion and misunderstanding about important social and political issues, but in can also harm peoples mental health.

Will tells us that Full Fact break down the problems of misinformation and disinformation and work to understand where it comes from and how to tackle it.

Anna-Sophie explains how threats of misinformation and disinformation come from the same places and actors – which are called “Super Spreaders of Misinformation” these are website or accounts that repeatedly spread misinformation. NewsGuard rate at source level and tell people what piece of information has been fact-checked multiple times, helping people thinking critically from the start.

Dr Bertie explains there has been a big focus on how individuals can become more robust in detecting misinformation and disinformation. There is more we can do to scrutinise the content they are exposed to, but we also must look at what the big platforms are doing.

Adam draws attention to the digital divide, pre-pandemic 9 million people in the UK were unable to use the internet without support and 7 million without access at all to the internet, lockdown and the acceleration of digital transformation has only exacerbated the problem of misinformation and disinformation to those limited to internet access or those who use it for limited purposes (social media) – these people are more susceptible to online scams and other harms. The Good Things Foundation helps develop people with media, digital and data literacy as well as solutions at a grass roots level and as exclusively as possible.

We all have the responsibility to choose what we share, Full fact have collaborated with major internet companies and UK and Canadian government officials to share a consultation on how to classify different severities of information incidents and define general incident responses as a shared framework: https://fullfact.org/about/policy/consultations/incidentframework/

Interview with Reid derby | Cyber Central UK | Cheltenham as a Cyber Cluster

Cheltenham is leading the way in cyber, as mentioned before – Cheltenham is home to GCHQ and NCSC – it’s made up of global tech companies and corporations as well as start-ups and world class academic research in the wider region.

The ecosystem is flourishing in Cheltenham, The Golden Valley Development will have cyber at its hook – it’ll be a smart city with innovation at its heart. With a 24/7 campus (opening in 2024), it’ll a place to live, work and hang out.

Reid mentions the fantastic work of the CyNam (Cyber Cheltenham) who are a community interest company and the largest cyber community clusters in the UK, they hold quarterly events in which students have been welcomed on to panel discussions which has led to job opportunities and further access to training.

CyNam are now working with clusters around the UK bringing leadership together to create a cyber cluster collaboration, bringing in opportunities and assets for all.

Keynote: AI, ML and Cybersecurity – myths, buzzwords and reality. | Robert Hannigan – Former Director, GCHQ

There are many scare stories of criminal groups and terrorists and using AI, Robert explains how he has seen virtually no evidence of this, (apart from in social engineering) it’s being confused with automation. The tools being used are more automation at large scale, not what would be called AI.

As mentioned, AI has been used for social engineering – farming social media accounts at scale or via audio deep fakes, which is more AI enabled fraud.

AI will come as part of the arm race the cyber security industry already in, but there are enough rich pickings of poorly defended companies who are not getting the basics right that are attacked by malware.

He also tells us how AI in cyber defence is looking more encouraging. Ai will be used in managed security services in companies for network speed, detection and remediations, as well as in cloud security.

Robert does say that AI is a work in progress and still in development but there is still huge potential.

After such a difficult year for everyone – there are opportunities. Cyber security is fundamental for the recovery of the economy, it’s essential to unlock technologies for all and to have baseline knowledge as digital citizens.

Day two: Enabling future innovation

Panel: The great Cyber Reset

Eleanor Fairford – NCSC | Troels Oerting – Chairman

We are much more dependent on the internet now, due not being able to meet physically anymore, which means we generate much more information, the great reset is a response to this to get everyone together.

80% of unwanted activity on the internet is attributed to criminal groups and around 8-10% to Nation States.

We’ve seen a huge number of crimes exploiting COVID, the fear and unease the pandemic as brought, such as phishing emails, leading to malware and onto further scams.

A rise in ransomware attacks on schools where students working from home are having their credentials stolen, which provides easy access into these organisations.

The more we can foster collaboration the better, we should be seeking common ground and cyber-crime is one of those areas we should look to work together.

Panel: Unlocking emerging technologies

Paul Branley – Lloyds Banking Group | Emma Lindley – Women In Identity | Mark Woods – Splunk

There have always been issues with trust and potentially always will be now we are more interconnected. Despite being connected we are also more divided and fragmented than before due to data breaches, ransomware attacks and nation-state attacks.

We’ve seen with building trust or building things better in general, that the more we can access data and share data in the RIGHT way, the more we can start to build trust and opportunities.

We have to start talking about frameworks that allow us to instil trust, both for the consumer and for organisations – this includes liability frameworks, accountability and governance. GDPR has allowed user to have recourse for their data being misused.

A lot of organisations are moving to cloud, which offers a big opportunity to raise the standards of some of the technology issues.

Report: Greater Manchester

Beena Puri – Greater Manchester Combined Authority | Dom Eade – BAE Systems | Counsellor. Elise Wilson – Stockport Metropolitan Borough Council | Professor Danny Dresner – University of Manchester

Dom Eade tells us how quickly and well the cyber industry is able to innovate and how innovation is entirely an incremental process, driven by exchanging ideas with other people.

Professor Danny Dresner talks about capturing and driving innovation, how the universities and the European regional development fund are investing 6 million into the region to be able to help SME’s find their ideas and work with academic teams.

Counsellor Elise Wilson gave a brief history on Greater Manchester, how 10 councils were brought together to create Greater Manchester, which brought collaboration and sharing of creative ideas. Greater Manchester has such a vibrate culture offering with a huge potential for the future.

Beena Puri explains how the ability to collaborate and work together as an ecosystem has seen great success in terms of response and the ability to respond at pace. Greater Manchester’s conditions are quite unique based on the diverse sectors coming together, the academia, the SME’s and local government, the diversity drives innovation and collaboration.

Panel: Understanding the changing risk landscape for businesses

Alastair Paterson – Digital Shadows | Sian john MBE – Microsoft | Stephen Wray – Deloitte |Ruth Schofield – Heimdal security

From a risk perspective there has been a huge change in the last year, We saw a shift to remote working overnight, people rolling out VPNs, accelerating their digital transformation programs and pushing onto the cloud more than ever before.

A big spike in attacks on VPNs and the access is being sold, Digital Shadows research reported VPN accounts trading for around £3,000 per account, and attacks on Execs have also gone up due to everyone now being outside the perimeter.

During the earlier days of the pandemic there were a considerable number of attacks on healthcare provers and on research institutes.

Some cyber criminals are going back to basics and looking at traditional ways of attack, like ransomware and phishing attacks. It’s encouraged that organisation don’t forget about the basics.

It was noted that organisations are now becoming more proactive and looking at how they can prevent cyberthreats instead of just detecting and responding.

Interview: Taking a proactive approach to intrinsic security

Sanjay Poonen: VMWARE

Solar Winds was a wake-up call due to the nature of the attack, almost like a terrorist type of attack, very involved and very hard to detect because it’s embedded inside a software supply chain, it requires all of us to combat security in a different way.

The world is becoming one where data collected from a lot of these potential threats allows a system to be smart about detecting possible threats ahead of time.

Even post pandemic we will see hybrid working, in the workplace and also in schools – with video connectivity it will fundamentally change a lot of the way we communicate and work in the future.

The main takeaway from day two is the huge focus necessary for collaboration, working together will bring a huge amount of opportunity and will benefit every one in the grander scheme of things, bringing in new technology to thwart cyber crime and guide everyone into better understanding the cyber security industry.


Day Three: A Cyber-enabled digital future

PANEL: Securing the future, today

Seemant Sehgal – Breadlock | Alan Platt – Cyberhive |Robert Griffin – Miracl | Dr Godfrey Gaston – ECIT

Seemant Sehgal tell us how it’s been a year of forced transformation; businesses had no choice to move to the cloud and progress, but Innovation is still happening and at a pace and the pandemic has just spurred it on.

Robert Griffin said the need for perimeter controls is greater than ever. If we go back to the grass roots essentials – they concentrate on knowing your devices and areas of incoming traffic, if you don’t, you have to act accordingly.

Cloud will be so much more important as we adopt remote working and learning.

Alan Platt explains how fundamentally the biggest problem of human error hasn’t changed and Working From Home is here to stay, even after the pandemic.

Dr Godfrey Gaston mentions one of the biggest challenges is 5G around a hyper connective world, bringing different domains together like wireless, data analytics, AI learning, these domains do come with additional problems but also bring opportunity as everyone comes together to collaborate and work to address problems.

Panel: The next Cyber Unicorn

Kerry Baldwin – IQ Capital | Kirsten Connell – Octopus Ventures | Cat Mcdonald – AlbionVC | Henry Mason – Dawn Capital

Cyber security is a key component, the next decade will see investments in companies looking to go into space and in drones.

Exciting things in security such as human behaviour, the working from home element, end point protection, federated learning, the use of data and sharing data sets – a lot of  synthetic data being used so companies can collaborate and work on the same data.

A rise in cyber products that are a bit softer around AI and black box, and more workflow related productivity features, as well as tools which integrate cyber solutions and the efficiency of these tools.

Advice for people looking for funding/early stage organisations:

  • Find a customer who believes in your product and get them to be your champion – get the early traction, show your evidence to prove others your product works and keep everyone safer.
  • The softer advice would be to reach out to founders who are a couple of chapters ahead of you – get their advice on how they became who they are.
  • Workout what your customers want, cyber is built on trust and creditability.
  • Be clear of your long-term success.
  • Do your homework – reach out early well in advance and get feedback, be generous with your time. Explore and challenge thought leaders.

Interview: Cyber in Space – Securing the next frontier

Rob Meyerson – Delalune Space

We will soon see companies Manufacturing products in space that improve life on earth, such as pharmaceuticals, 3D bio printing – speciality materials for automotive or automotive could be built in space and bought back to earth.

In the next 20 years, humanity is going to start moving into space and in doing so It’ll be a part of our global security and protection plan for preserving earth for the long term for humanity.

In 20-50 years we will see a significant number of people living on lower orbit or on the moon – and economic benefit mining water ice at the poles or other recourses that are in the linear soil that could be used for supporting life on earth or in space.

The next chapter

London is behind only san Fran, Beijing and New York in terms of attracting tech VC investment

The UK Start-up and scale up ecosystem is valued now at £585 billion, more than double the next most valuable eco system.

It is clear that cyber security and start-ups will be the driving force for the economy and needs to be nurtured, protected, and encouraged to realise it’s full potentially.

It’s been an absolute pleasure to be Silver Sponsors of LORCALive, all three days were filled with insightful panel sessions, interviews and workshops from entrepreneurs, investors, government departments, vendors and global tech companies.