GCHQ Is Investing In Cybersecurity Start-Ups

The UK's intelligence agency GCHQ is backing a new hub for tech start-ups in a rare glimpse into its approach to cybersecurity.

Among the companies is a firm using artificial intelligence to monitor workplace behaviour and another, running decoy computers to fool hackers.

They will have access to staff at the UK's most secretive agency and help bolster the country's online security. The hub is in Cheltenham, but not inside GCHQ's doughnut-shaped complex (pictured).

The tie-ups could be a "twin-edged sword" for the agency, said Prof Anthony Glees, the director of the Buckingham University Centre for Security and Intelligence Studies.

"On the one hand the people at GCHQ work very hard to keep us safe from terrorists and increasingly, you hope, from hackers," he said. Working with the private sector brought in new ideas, but "the other edge of the sword" was that it also came with security risks.

Rigorous Competition

Although GCHQ had long worked with outside contractors, it would need to manage the risks of other firms having access to its staff and resources, he added.

A spokesman for the GCHQ Cyber Accelerator, which launched recently, suggested the agency was aware of the risks. "All of the companies have been selected through a rigorous competition and have been subjected to appropriate background checks," he said.

The centre, which is in partnership with the government and telecoms firm Telefonica, also aims to boost the UK's £22bn cybersecurity sector.

"What GCHQ and the government recognise is that it's no longer just the big companies where you will find innovative ideas on cybersecurity," said Prof Alan Woodward, a cybersecurity expert at the University of Surrey.

Gloucester has long been a hub for defence contractors working with GCHQ, but the accelerator and the new National Cyber Security Centre are designed to attract new businesses to Cheltenham, he said.

The start-ups will be given a £5,000 grant each, access to government tenders and can work with GCHQ's network of international partners.

The seven chosen startups are:

CounterCraft: a counter-intelligence company that protects large organisations with a cybersecurity deception platform by fooling their adversaries with decoy computers, false data and fake identities.

Cyberowl, an early-warning system for cyber-attacks, which uses advanced security analytics.

FutureScaper, an intelligence platform to help visualise complex issues.

StatusToday, building artificial intelligence that attempts to understand human behaviour

Spherical Defence, which uses deep learning to detect banking intrusions.

Cybersmart, which automates compliance with cybersecurity standards.

Verimuchme, a digital wallet used to secure and verify personal information.

For cynics, there will be raised eyebrows at the involvement of GCHQ in the development of startups. In recent years the agency has had questionable techniques exposed by whistleblower Edward Snowden and been ruled to have unlawfully collected private data for 10 years.

Although, the National Cyber Security Centre is attempting to change any of the agency's negative perceptions by collaborating with others.

BBC:         Wired:         Cybersecurity Start-Ups Working With GCHQ:  

 

 

« Hologram Technology Is Finding Military Users
Yahoo Spins A Cautionary Tale Dealing With Data Privacy »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

Certification Europe

Certification Europe

Certification Europe is an accredited certification body which provides ISO management system certification, including ISO 27001, to organisations globally.

IntSights

IntSights

IntSights is an intelligence driven security provider offering rapid, accurate cyberthreat intelligence and incident mitigation in real time

SAS Institute

SAS Institute

SAS is a leader in business analytics software and services providing solutions for a wide range of critical business areas including risk management, compliance and fraud prevention.

Tecnalia Research & Innovation

Tecnalia Research & Innovation

Tecnalia is the largest center of applied research and technological development in Spain, a benchmark in Europe and a member of the Basque Research and Technology Alliance.

Civic Technologies

Civic Technologies

Civic’s Secure Identity Platform (SIP) uses a verified identity for multi-factor authentication on web and mobile apps without the need for usernames or passwords.

Startup Wise Guys

Startup Wise Guys

Startup Wise Guys is a mentorship-driven accelerator program for early stage B2B SaaS, Fintech, Cybersecurity & Defense AI startups.

Banshie

Banshie

Banshie is an independent cyber security company with a small team of recognized specialist that are among the best in their field.

GreyNoise Intelligence

GreyNoise Intelligence

GreyNoise Intelligence is a cyber security company that collects, labels, and analyzes Internet-wide scan and attack data.

Prodera Group

Prodera Group

Prodera Group is a specialist technology consulting partner trusted to help navigate the complex and dynamic lifecycle of change and transformation.

Riskaware

Riskaware

CyberAware, by Riskaware, provides business-critical cyber attack analysis and impact assessments using NIST standards aligned with NCSC guidance.

OX Security

OX Security

OX is a DevOps software supply chain security solution. Teams can verify the integrity and security of every artifact using a pipeline bill of materials (PBOM).

Verisign

Verisign

Verisign is a Global Leader in Domain Names & Internet Security, providing protection for websites and enterprises around the world.

Cyber Capital Partners

Cyber Capital Partners

Cyber Capital Partners build strategic and financial partnerships with small and mid-sized cybersecurity companies in highly regulated markets.

c0c0n

c0c0n

c0c0n is the longest running conferences in the area of Information Security and Hacking, in India.

QANplatform

QANplatform

QANplatform is a Quantum-resistant hybrid blockchain platform.

Miggo Security

Miggo Security

Miggo is the first Application Detection and Response (ADR) platform on a mission to stop application breaches.