Innovation and cyber security

03 January 2018 

Engaging the cyber problem


Traditional cyber security relies on static protection methods. In practice, this means that companies make a best guess of their risks and vulnerabilities, and then try to put in defences based on that best guess. In reality, as soon as they’ve finished building defences against those initial threats, attackers have already moved on and are finding different ways of getting into their businesses.

Static approaches are incredibly archaic: not only do you end up in a situation where your defences don’t match your threat profile, but you’re also either entirely unprotected against those threats, or have totally overspent or both. Budgeting for cyber security is an interesting question for any Chief Information Security Officer: “how much budget should I request for cyber security?” If you have no idea what threats you’re facing, that number is actually pretty arbitrary.

Building a dynamic response system

What if, as an alternative, you could have up- to-date awareness of what your threat level is? With this knowledge, you could tune your defences up and down dynamically - based on real-time information.

The idea is to match your resources spend to the threats that you face. What CyberOwl aims to do is fulfil that paradigm: giving people access to a dynamic, proactive defence.

Broadly, contemporary approaches to cyber security focus on three areas:

  • threat visibility;
  • the deployment (or ‘orchestration’) of measures; and
  • strategy, or how results feed back into visibility and orchestration.

Our work has started with threat visibility.

Most organisations already collect data from their network – but they do not necessarily actively engage with it to draw insights on threats that may be present. CyberOwl offers an early warning system for cyber-attacks through real-time monitoring of high value targets for malicious behaviour. Smart software and algorithms conduct large-scale, real-time analysis of this data and pinpoint potential threats. The system then raises an alarm on the network where possible undesirable activity is identified.

The path to the accelarator

CyberOwl began as a research project at Coventry University, which was spun out to become a start-up. Although this is a recognised path, the reality is that we’re not yet particularly good at that in the UK, especially when compared to the US. The original research was shortlisted for the Lloyds Science of Risk prize in 2015; we spun the business out in 2016, and began work on a prototype where we could test our research and algorithms.

As part of this development, we applied and were accepted onto the GCHQ programme. The requirements were that the technology solved a real cyber security problem, was technologically complex and that it could be of interest to both the UK in general and GCHQ in particular.

The three-month programme was intense. We gained access to their experts to help validate and shape the product, and then Wayra (Telefónica’s start-up accelerator) helped us develop the more commercial side of the business and interact with investors. It was a highly intensive acceleration programme to get us product fit, customer fit, market fit – a big and necessary step in our journey.

 

Smith & Williamson websites use cookies. Find out about cookies here. By continuing to browse this site you are agreeing to our use of cookies.