Information Age has partnered with Tech Nation to help explore 20 of the UK’s leading cyber security scaleups.
Tech Nation Cyber is the UK’s first national scaleup programme for the cyber security sector. It is aimed at ambitious tech companies ready for growth.
In a series of 20 company profiles, we will be introducing you to the cyber security scaleups that make up Tech Nation’s first cyber cohort.
6. Awen Collective
All answers provided by Daniel Lewis, co-founder and CEO of Awen Collective.
What does your company do?
Awen Collective reduces the costs of cyber threat to critical infrastructure and manufacturing by making the whole Digital Forensics & Incident Response lifecycle more efficient through software and automation.
Top tips for protecting crucial data in the manufacturing industry
How do you differentiate from your competitors?
Within cyber-security we specialise in Operational Technologies, rather than IT – in other words we are experts in cyber-security of the systems that you find in factories and utility companies.
Within vulnerability assessments we differ from many of our competitors in that we approach problems with a digital forensics perspective, rather than an intrusion detection perspective.
Within digital forensics we focus on complex network forensics rather than single digital device forensics, this better reflects the nature of industry.
The Awen Collective team has many years experience in digital forensics, information security, industrial control systems, software engineering and data science – and we embed this experience within our software and automation techniques.
What are the common challenges in the cyber security space?
The frequency and complexity of cyber-attacks to our critical infrastructure is very scary. These attacks extend to other industrial sectors too, such as manufacturing. This is worrying, because it not only effects the businesses that have been attacked, but supply chains and society in general.
Another area of concern is the security of IoT, and this could be IoT in the home, business or Industry (where it is called Industrial IoT or IIoT). Many devices are cheap, with low levels of security in order to simplify setup. However, these devices are causing vulnerabilities in the network, leading to issues with privacy and general cyber-physical security and safety.
Hand in hand: cyber security and industry 4.0
What are the biggest mistakes a company can make regarding security?
Not looking at the human element of cyber security. Many security vulnerabilities are caused by internal threat, either malicious internal actors or accidental. Proper training and support is required for all staff within a business, and more cyber-security awareness in the public is required.
From an industrial perspective the convergence of IT systems and Operational Technologies (OT) naturally leads to contemporary technologies being connected with legacy technologies. This unfortunately exposes any vulnerable devices to potential attacks, these vulnerabilities are mostly due to either outdated firmware or misconfigured security settings and systems.
Provide your best practice advice/top tip for effective cyber security?
Ensure that security is set-up to be effective for you and your business, and make sure passwords are complex but memorable.
What’s next?
We are concerned about the unknown/unplanned cyber threats to smart buildings, smart factories and smart cities. We’ve heard about attacks to critical infrastructure, it is only a matter of time before a coordinated cyber attack on a number of facilities leads to a severe disruption to communities.
Awen Collective are working very hard to ensure that industrial organisations are aware of their vulnerabilities and can plan an appropriate response, and a full and detailed investigation can occur.
We are starting with the UK and Europe, and plan to take our solution to the rest of the world. We feel that we have (ever-improving) solutions to a continued global problem.
Awen Collective is part of Tech Nation Cyber — the UK’s first national scaleup programme for the cyber security sector. It is aimed at ambitious tech companies ready for growth.