GCHQ's latest startup picks aim at small business security

UK intelligence agency picks the next set of companies to go through its startup accelerator programme.

The UK's intelligence agency GCHQ has unveiled the latest participants set to take part in its startup accelerator -- and this set has a strong focus on helping small businesses and consumers improve their online security.

Now in its third wave, the Cyber Accelerator programme is run by GCHQ's National Cyber Security Centre (NCSC) and provides the selected startups with the opportunity to work alongside some of the UK's top intelligence experts over the course of nine months.

It also offers the companies access to business experts who provide advice on how to expand and scale-up their business. The six firms involved in the 2018 to 2019 intake also receive a £25,000 grant.

The two previous GCHQ accelerator programmes had a strong focus on enterprise security but this year, in line with the NCSC's goal of making the UK the safest place to live and work online, there's a group of startups offering security solutions to home and SME users.

"We wanted the third year to have a new focus on the citizen, that's what the government has set us up to do," Ciaran Martin, CEO of the NCSC told ZDNet.

"We do think that part of what success looks like for us is a better educated citizenry who know where to find decent advice. But part of that is how the internet is is fundamentally designed not to do security well and internet and devices are designed to make it hard to do security and we're trying to change that."

SEE: The secret to being a great spy agency in the 21st century: Incubating startups TechRepublic

The six companies showcased at NCSC's London HQ and selected to take part in the latest GCHQ cyber accelerator are:

  • Haandle: A company that offers a box to plug into your home router to restrict devices from accessing the internet according to time-based rules. The device is primarily aimed at parents who want to manage their children's access.
  • Barac Ltd: A company that has developed the technology to detect cyber attacks on normal and encrypted traffic in real time.
  • IHackLabs: A firm that offers what they describe as a pragmatic approach to cybersecurity training to develop cybersecurity talent.
  • Configured Things: A Bristol-based firm that provides three key components to build digital transformation on top of available automation and virtualisation platforms to offer greater control over security risks
  • LuJam: A company that offers enterprise-grade protection to SMEs, supply chains, home workers and charities that aim to be easy for a business owner or manager to use, without having to be an IT specialist.
  • Nettoken: Software that helps users find and keep track of every online account or subscription they're signed up to in one place. It also provides information on accounts and their related activity, which can be managed in one place.

"Each cohort has only gotten better and better with entrepreneurs applying from all over the world, including the US and Israel," said Gary Stewart, director at Wayra UK, a Telifonica operated startup operator that helps run the scheme.

The scheme is run by the NCSC, Department for Digital, Culture, Media and Sport, GCHQ and Wayra UK, part of Telefónica Open Future, and saw over 200 firms apply to be a part of the latest intake.

"We look at it in terms of will it solve a problem, will it help people do security more easily?," said Chris Ensor, deputy director of cyber skills and growth at the NCSC.

"We won't necessarily look at how good the company is, because that's not our strength -- our strength is in the technology and security side. That's where Wayra come in because they can see it from a different perspective".

The GCHQ accelerator first ran in 2017 and companies involved in the first two iterations have gone on to secure over £20m in funding and 15 contracts with organisations worth over £3m.

SEE: Defending against cyberwar: How the cybersecurity elite are working to prevent a digital apocalypse

One of those was Trust Elevate, which builds a security solution designed to solve the challenges around age-checking challenges faced by businesses that serve children and young people. Its founder, Rachel O'Connell, said being part of the programme had opened doors and "was just an extraordinary opportunity".

Like the previous incarnations of the accelerator, it isn't all about boosting the startups -- the scheme is also designed to go both ways and encourage GCHQ staff to witness a new, perhaps more innovative way of working.

"Yes we're trying to fix real problems, yes we want them to become great companies, but we also want to change some of the behaviours around how our staff work and how our staff work around agile companies," said Ensor.

Ultimately, what the scheme is attempting to do is make it harder for criminals to commit crimes online -- and it could be ideas from the startups, ideas GCHQ may not have thought of on its own, that helps to make life for cyber criminals that little bit harder.

"We don't have to completely defeat cyber crime -- we never will. We just need to think about things which make it such a pain for them they're not going to get in so easily and when they're in -- as they will get in from time to time -- they won't have a field day like they used to," said Martin.

"They'll have to go somewhere else, or spend more money and it'll get less attractive. That's the ecosystem we're trying to build here," he added.

READ MORE ON CYBER SECURITY