Purpose: To provide key insights into UK Cyber Security Market
Speaker: Cameron Brown
Event: Unlocking the UK opportunity for Tech (London Tech Week 2022)
Organiser: The UK Launchpad
Summarised by: Haoyue Xue
This blog follows on from The UK Launchpad event at London Tech Week 2022. Cameron Brown, the Director of Cyber Security and Risk Advisory at Deloitte UK, gave his key insights into the perspectives that need to be considered when going into the UK cybersecurity market.
The UK, as a member of Five Eyes, ranks among the leading cybersecurity powers globally, and has a large amount ofgovernment investment and shared tech in this space. The total annual revenue is north of about £9 billion and that represents 1500 firms in the UK. The National Cyber Security Strategy highlights that one of its key objectives and goals is to maintain competitiveness on the world stage through the development of the cybersecurity industry.
With regard to the impact of COVID-19 on cybersecurity, it has changed the way the market responds to challenges because mainly the threat actors behave differently. During this time, the incidence of ransomware has increased significantly and because of this, it has adapted to the main demand for services and products in the market.
Interesting feedback from Brown’s clients has been that they do not want more cybersecurity products and services but more products and services that are secure. There are a number of fledgling services coming into play at the moment. The challenge, however, is that because relationships are based on trust, the risk appetite is often quite low. So for new products and services, the business needs to establish itself with more credentials by working with some providers or buyers in the market who are willing to give testimonials to prove its trustworthiness.
Location is critical to be around support networks, where the business can get access to finance, engage with others in the market, leverage from terms of their customer base, and most importantly surround by talent pools.
The talent shortage has been a real issue. Retaining talent and getting access to talent are challenging. Opportunely, talent is abundant in the UK and there are many of them to draw upon. Such as, many talents rather than going into normal consultancies are now being picked up by tech firms. In addition, there are several fast-track visas for global talents who have got skills joining scale up in startups.
Access to finance is another key piece. The UK tends to favor scale-ups as opposed to startups. Investors prefer established businesses with a track record and proven appetite in the market.
The UK is one of the easiest places to set up a business. The reason for this is that the level of regulation in the UK is somewhat more liberal compared to other parts of the world. As the UK went through Brexit, it is particularly important to be aware of the issues related to data sovereignty as well as managing and understanding the appetite for cross-border data transfers.
The right things to care about are the need, the approach, the benefit, and the competition. Typically, the first mistake is deafness to clients’ needs and feedback, which has been made repeatedly by overly focusing on the approach. So, clientsare enamored in terms of what they are offering and their approaches being world-leading or groundbreaking. They might spend an hour and a half talking about the approach rather than trying to understand the needs of the clients. But listening to what clients need on the market is the key.
The second mistake is trying to compete rather than looking at existing providers in the space tech providers. There is often a niche in the market, partnership with other businesses, providing a force magnify for what they are doing, and getting access to some of their customer base can also take the business forward.
UK’s National Cyber Security Strategy
UK’s national cyber security strategy is to defend, deter and develop. Defend means to defend the UK against evolving cyber threats to respond effectively to incidents. Deter means that the UK aims be a hard target for all forms of aggression in cyberspace. Develop is aimed to have an innovative, growing cyber security industry, underpinned by world-leading scientific research and development. And the UK government wants to commercialize innovation in academia under this strategy.
The most commonly provided cybersecurity products and services are SCADA, ICS, and IoT, which take up approximately 10% of the market. And Endpoint Security Mobile takes about 33%. Threat Intel monitoring detection analysis, which is about 42%, and the bulk of its professional services. So, consideration of where are the most cluttered and where to position is important. The skills gap is around the normal technical areas. Nonetheless, the skills gap is also around soft skills, which means it is outstanding to be an accomplished hacker or to be good at architecture.
Hubs across the UK
There are many hubs across the UK besides London, such as Belfast, Cheltenham, Bristol, etc. As investment is going to scale up, it is unnecessary to choose one specific area.
Learn from Others
There are a bunch of accelerators, such as the London Office for Rapid Cybersecurity Advancement (LORCA), Plexal, Cyber Runway, the London Cyber Innovation Centre, Cyber 39, etc.
UK Government Initiatives
Various government initiatives are unique to the UK research and development as well as tax credits, such as Seed Enterprise Investment Scheme, Enterprise Investment Scheme, Innovation Grants, Patent Box, the Small Business Research Initiative, and Help to Grow Initiative, etc.
Want to know more?
The UK Launchpad is an innovation ecosystem specialising in supporting tech companies looking to enter or raise money in the UK and European markets
If you would like to see if we can help your company: