Information Age has partnered with Tech Nation to help explore 20 of the UK’s leading cyber security scaleups.
Tech Nation Cyber is the UK’s first national scaleup programme for the cyber security sector. It is aimed at ambitious tech companies ready for growth.
In a series of 20 company profiles, we will be introducing you to the cyber security scaleups that make up Tech Nation’s first cyber cohort.
13. Assuria
All answers provided by Terry Pudwell, CEO and co-founder at Assuria.
What does your company do?
From its offices on the campus of Reading University, Assuria develops and markets a government grade portfolio of cyber security monitoring and defence software solutions and managed services to a world customer base. Government and commercial client organisations in the US, UK, Europe, Middle East, Africa, Japan and Hong Kong use Assuria solutions. Our new SOC (Security Operation Centre) platform allows our selected partner companies to deliver cyber security managed services to their clients at the lowest possible cost. A number of partner SOC operations like these are now operational in the UK and new ones are being established in new regions, including Germany, Nigeria, Senegal, Singapore and Australia, with more to follow.
How do you differentiate to your competitors?
Amongst the industry acknowledged providers of proven, trusted and enterprise grade essential cyber security monitoring technologies (especially SIEM technology), Assuria is the only provider that is UK owned and domiciled. Our customers are global, but our IP is entirely developed in the UK. We work within strong professional and ethical standards and trust is our mantra; we don’t go for hype and under delivery. What we say we can do is what we can do. We are independent of Government influence. Ongoing development of our solutions is entirely driven by what our customers need from us, rather than by what we would like to sell them. As a private company, our cost base is hugely lower than our (mostly US) competitors and our primary focus is on generating sufficient revenues to re-invest in our technologies and into our staff, rather than to provide huge financial gains for our investors and to deflect pressure from stock markets and industry analysts.
What are the common challenges in the cyber security space?
Education about the the real threat of cyber security attacks to mid market companies (i.e. everything other than Governments and big enterprises, which have traditionally invested in cyber security defences) has been a serious challenge over the past few years. But, this has dramatically reduced in the past 12 to 18 months, driven partly by new, much more powerful data protection laws and ever increasing incidents. If anything now, the challenge is in rising above the noise created by hundreds of new entrants into what is now a ‘hot’ industry, when in reality many of these new entrants have little to offer.
What are the biggest mistakes a company can make regarding security?
Apart from not believing there is not a threat at all (much less common these days), I would say; (1) believing too much of the hype, (2) turning to the big multinational cyber security players for help, as they’ll almost certainly ‘sell’ you a lot more than is needed and also will lock you technologically into their eco-system, (3) not undertake careful risk assessment exercises with some help from experienced practitioners, prior to investing in cyber security defences.
Cyber security best practice: Definition, diversity, training, responsibility and technology
Provide your best practice advice/top tip for effective cyber security?
In a nutshell, (1) work out what what you are trying to protect and where that is within your business/infrastructure, (2) assess the likely costs/results if compromise were to happen and decide what you would be happy to spend to prevent compromise, (3) invest in monitoring technology/services to start understanding and recording everything that is happening within and without your organisation, (4) design and implement a plan to build appropriate levels of defence, (5) rapidly educate all employees about the risks and what is required of them in terms of of ‘good security practice’.
What’s next?
We’re establishing a global network of partnerships with excellent local companies and equipping them with the tools to deliver enterprise grade cyber security monitoring and defence services and solutions.