DEVELOPING THE UK’S CYBER SECURITY ECOSYSTEM THROUGH ACCELERATING INNOVATIVE START-UPS

The GCHQ Cyber Accelerator is a collaboration between the UK Government Department for Culture, Media and Sport (DCMS), the Government Communications Headquarters (GCHQ) and Wayra UK, part of Telefónica Open Future_.

The first step in the development of two world-leading innovation centres as part of the Government’s £1.9bn National Cyber Security Programme, it will drive innovation in the cyber security sector and help keep British businesses and consumers safe from online attacks and threats.

Successful applicants will gain access to GCHQ’s world-class personnel and technological expertise to allow them to expand capability, improve ideas and devise cutting-edge products to outpace current and emerging threats.

The partnership will help teams develop their businesses and secure the investment needed to take their companies to the next level. A roster of best-in-class coaches and mentors from GCHQ and the wider Telefónica Group – including O2 and ElevenPaths – will provide support. Start-ups will also receive a financial grant, and access to work space.

Our challenge to the start-up community

We are looking for companies who are using novel techniques to solve real problems, and whose products could be applied in a cyber security context – for anyone from individuals at home to the world’s biggest companies. We also want next-generation solutions that are faster, better and cheaper than existing products. However, they must solve a known problem – we are not looking for research proposals, but ideas that make a difference now.
Data

Develop next generation data mining tools based on behavioural analytics, mathematical modelling or other techniques.

The tools should enable the analysis of network activity to detect, monitor, investigate and respond to cyber attacks, including tracing their origin and determining the tools and methods used to enact them. They should provide simple visual representations that operate over entire networks, allowing people to rapidly and interactively perform investigations, share knowledge gained, and work with others in the community.

The topic includes generic approaches to the study of and detection of malware or other indicators of compromise, as well as mechanisms to predict attacks.

1. Enterprise data discovery:

A big challenge in securing a large organisation is keeping track of where sensitive information actually is, against where the user thinks it is. This may be because of inadvertent data replication of data, or by users taking copies of data, or starting to use new processes and solutions outside of the visibility of the enterprise. Tooling to help an organisation discover exactly where its data is, and the information and services that it relies upon, is valuable in helping to prioritising focus, and also to identify compliance issues in regulated sectors.

2. Audit and monitoring:

Not ‘total cyber awareness’ but some simple straightforward tools/techniques and capabilities to make it easy to monitor the network of systems. Today, most people pipe the logs to disk and only review them post-incident. Tooling that makes use of enterprise audit and monitoring to make improvement – eg spotting system crashes and working how many lost business hours there are – is of interest.

3. Tools that allow import transformation and verification:

Existing solutions tend to consider cross-domain technology as meeting a high-assurance need. We are interested in similar capabilities, but developed with more of a commodity threat model in mind.

4. Beyond anti-virus:

Anti-virus companies are well-versed in identifying cyber attacks and iterate their response as attacks evolve. Cutting-edge, disruptive techniques that would identify attacks are of interest, especially those that can anticipate early stages of process – preparation, information gathering, reconnaissance, and build-up. An attacker will generally assemble an infrastructure and utilise a number of methods to anonymise themselves. Next-generation tools to help characterise this are also welcome.

5. Data processing:

As with detection methods, there are numerous mature products in existence. We are interested in innovative, simplified, more efficient ways to stream, store, mine, and visualise heterogeneous network data, while retaining necessary security policy and auditing requirements, to enable the greatest capacity of analysts. This could include the automation of routine procedures around data landing, linkage, sematic assignment, formatting, identity resolution, aggregated feature construction, imputation, and interpretation of missing data, anomaly detection and correction.
People

Develop tools to make it easy for anyone to be secure online, whilst minimising opportunities for cyber attackers.

This could include ways to assist software developers and network designers to produce highly secure solutions even when re-using the work of others, or to improve the take-up of Cyber Essentials.

Mechanisms to reduce the effectiveness of attackers with significant resources are also welcome, as are tools that will reduce the risk that people face from the aggregation of all of their internet activity.

1. Improved take up of Cyber Essentials:

We would like to see many more small companies meeting the Cyber Essentials benchmark. Any tools that can assist in this regard would be of interest. We want companies both to achieve Cyber Essentials, but also to maintain their security posture so, for example, automated vulnerability assessment may also feature here. As the objective relates to small companies, a low-cost solution is preferable.

2. Identifying ‘the good’:

Tools that have a capability to ’learn’ what normal looks like (noting and accommodating the fact that the norm is not always the good) in terms of system/user access to sensitive sets of data in order to allow system owners to produce profiles (or other artefacts) from which anomalous behaviour can be identified and acted upon. Related to this, an ability to profile user behaviour would assist us in awareness campaigns and to highlight areas where greater awareness may be necessary (or where no intervention is required).

3. Making it easier to be secure:

Tools that enable mobile phone users to be aware of and manage the activities and privileges of the apps they run are of interest, as are those that enable users to more easily use white/black lists for apps. In addition, tools that make it easier for app users to manage the risks they face when they click “yes” to highly complex and voluminous terms and conditions, or how much identity and other information they are giving away, would be of value. Low-cost solutions are preferred.
Technology

Develop new tools and prototypes that enhance or enable security on existing devices, including those containing potentially insecure third-party applications.

Solutions might include mechanisms that enable the use of Cloud technology for highly secure data storage or processing.

They may also include tools that reliably automate resource intensive or complex processes.

1. Managing third-party dependencies:

Organisations developing software solutions often end up incorporating third-party components, either knowingly or unknowingly. These introduce a security challenge – as the dependencies are patched, these updates need to be assessed and incorporated into the main solution, or security problems can be exposed. But doing this reliably and knowing that good coverage has been achieved is difficult. Tooling to provide confidence in this respect is of interest.

2. Cloud service attack surface identification:

A big challenge in securely using cloud services is that it can be really hard to keep things in a well-understood state, particularly as more and more services are available at a free entry level. Something to help risk owners understand what they’ve actually got, how it is configured, how services are communicating / sharing data in the cloud, and where points of interest might be would be of value.

3. Tools and Techniques that improve the adoption of Hardware Security Technology:

People find it very hard to generate and remember different and complex passwords required for every Service. They also find it tiresome to enter them manually. We are looking for novel approaches that make it easy for the normal person to adopt highly secure practices; New generic Authentication & Trust solutions, easy to use for all devices/services, for example, or tools to enable continuous verification of a user as they use their devices.

WHAT WE OFFER

If you’re developing an innovative solution that meets the challenges outlined, the GCHQ Cyber Accelerator is the place to make it grow.

Access to GCHQ and Telefónica cyber experts

Mentoring from the country’s leading cyber experts

Extensive acceleration services

Access to Wayra UK’s network and knowhow, and training in entrepreneurship and business skills

£5,000 Wayra grant

Financial assistance throughout the programme

Our investor network

Wayra’s investor network will help businesses scale

Access to a dedicated accelerator facility

Access to state-of-the-art, modern facility for start-ups

Telefónica business development

Access to Telefónica’s network of 300m customers across 17 countries

FAQS

What is the GCHQ Cyber Accelerator?

The GCHQ Cyber Accelerator is a collaboration between the UK Government Department for Culture, Media and Sport (DCMS), the Government Communications Headquarters (GCHQ) and Wayra UK, part of Telefónica Open Future_.

The first step in the development of two world-leading innovation centres as part of the Government’s £1.9bn National Cyber Security Programme, it will drive innovation in the cyber security sector and help keep British businesses and consumers safe from online attacks and threats.

Successful applicants will gain access to GCHQ’s world-class personnel and technological expertise to allow them to expand capability, improve ideas and devise cutting-edge products to outpace current and emerging threats.

The partnership will help teams develop their businesses and secure the investment needed to take their companies to the next level.

A roster of best-in-class coaches and mentors from GCHQ and the wider Telefónica Group – including O2 and ElevenPaths – will provide support. Start-ups will also receive a financial grant, and access to work space.

Why is GCHQ running an Accelerator?

The accelerator is a key component of one of two cyber innovation centres announced by the Government in 2015.

Both innovation centres are intended to support the growth and development of the next generation of cyber security companies. This is intended to support the development of new and innovative companies in cyber security, growing capacity and capability nationally, supporting GCHQ’s core activity as well as contributing to Government ambitions to promote prosperity.

Is the Accelerator open to everyone?

Wayra UK ran an open competition to select the companies and any UK-registered company was able to apply. The companies must have a presence in the UK. Staff working in the accelerator must be willing to submit to government security clearance if required.

Are there any restrictions on the nationality of the founders who can apply?

No – but all founders must be willing to submit to government security clearance if required.

All of the companies have been selected through a rigorous competition and have been subjected to appropriate background checks.

What sort of start-ups are of interest?

We’re looking for mature start-ups that can demonstrate, through evidence, early-stage post product/market fit. Revenue-generating businesses and those with a client base are desirable.

A key aspect of the recruitment process is a challenge list of real-world cyber security problems. We are most interested in those companies developing products and solutions aligned to those problems.

Does this mean the companies will be producing products solely for GCHQ?

No. Those companies entering the accelerator will be developing products and solutions for wider commercial distribution.

Will companies be required to licence or transfer any of their Intellectual Property to GCHQ or Wayra?

No. By participating in the programme companies do not give away any rights to their IP whatsoever.

Will GCHQ and/or Wayra UK be taking equity?

Wayra will not take equity in companies as part the Cyber Accelerator programme. It is possible that Wayra may seek to invest separately, for example if a company subsequently enters the main Wayra UK acceleration programme.

Will investment be offered to the start-ups?

GCHQ will not be investing in the start-ups. Wayra will provide a £5,000 grant and leverage its venture capital network and other third-party investment opportunities. There may also be opportunities for follow-on contracts with GCHQ (handled through established procurement processes) and with Telefónica, parent company of Wayra.

When will the programme begin and what is its duration?

The programme began in January 2017. The duration of the programme will be three months.

Are teams expected to be in the accelerator throughout the time of the programme?

A senior decision-maker from the company must be present in the office for at least three days per week – from Tuesday to Thursday – to take full advantage of the opportunities on offer.

Will the three-month programme be extended?

A decision will be made at the end of the initial three-month programme.

What will be available within the accelerator facility?

The facilities available will be consistent with the government’s aspiration of giving the start-ups the best possible support and includes a physical space from which to operate from, high-quality IT, and a range of expert business and technical support.

This includes access to GCHQ and Telefónica cyber experts; access to Wayra UK’s network of investors, coaches and mentors, and training in entrepreneurship and business; a £5,000 Wayra grant; access to Telefónica’s network of 300m customers across 17 countries; and insights to government procurement processes, IP management, export controls and information assurance architecture.

For selected products, there will be an opportunity to gain fast-track cyber product assessment and to pitch products and services to select government departments, including the MoD. GCHQ will also offer direct access to its range of national and international commercial partners across the cyber security sector.

What happens after the programme ends?

Wayra UK has an active alumni community, who return each month to provide updates and take full advantage of the networking opportunities available at many of Wayra’s events. They too utilise the academy in Central London to run their own events and hold meetings.

What will GCHQ offer after the programme in terms of support?

This will depend on the individual companies, but may include contractual relationships, invitation for deeper research opportunities and partnerships with existing major suppliers.

How long will the partnership run for?

At present, the partnership is intended to last for three months, but will be reviewed at the end of this initial period.

Who will this programme benefit?

Primarily, this programme, part of the broader government initiative around cyber growth, will benefit start-ups looking to grow into strong national and international companies. The products and services these innovative companies develop will benefit government, industry and citizens alike through the ability to work safely on the internet, promoting e-commerce and protecting vital Intellectual Property. GCHQ will benefit through working collaboratively with these new companies in furthering its cyber security aims as defined by the government.

How was Wayra selected?

A procurement competition, run in accordance with normal GCHQ procurement procedure, considered a number of high-quality submissions, with Wayra being the eventual winner.

Who is Wayra?

Wayra UK is part of Telefónica Open Future_, the open programme that integrates the different initiatives of the whole Telefónica Group related to entrepreneurship and innovation.

Wayra UK gives direct funding, acceleration and pre-acceleration services (such as co-working space, connectivity services, mentoring, access to Wayra UK’s network and knowhow, training in entrepreneurship and business skills) to selected start-ups. Since 2012, Wayra UK start-ups have raised over $110m in third-party investment.

Why is Wayra UK suited to help GCHQ?

As well as being part of Telefónica Open Future_ – the world-leading accelerator programme, which has 11 academies in 10 countries, and is part of the wider Telefónica network – Wayra UK has partnerships with major corporates including pharmaceutical company Merck Sharpe & Dohme (MSD) and fashion retailer ASOS. As a result, Wayra UK is especially well placed to work with start-ups to help them understand the challenges faced by larger corporate and government entities, and how to work with them successfully.

REGISTER YOUR INTEREST