We asked investors, startups and (ex)GCHQ their thoughts on cyber technology. This is the conversation that followed…

On Wednesday night Founders Factory and Firstminute Capital had the pleasure of hosting some of the most renowned figures in the cyber space to debate and explore the opportunities, barriers and exciting emerging technology within the cyber space. Guests from a variety of backgrounds attended including; Barclays, Atomico, Oxford Academics, Alibaba, KPMG, Partech Ventures and Lombard Odier.

The evening kicked off with a panel discussion by Robert Hannigan (Former Director, GCHQ), Grace Cassy (Co-Founder, CyLon), Ken Pentimonti (Principal, Paladin Group), and Dave Palmer (Co-founder, Darktrace), moderated by Henry Lane-Fox (CEO, Founders Factory). Summaries of the questions can be found below.

What worries you most when it comes to Cyber?

The increasing overlap between Crime and State which itself is enhanced by recent increases in political instability. This itself has been accompanied by an increased number and sophistication of threats, many of which use tools stolen from governments.

What areas within Cyber are people currently tackling in an interesting way?

  1. Insider threat — A huge percentage of data breaches originate from inside an organisation, not necessarily with malicious intentions. Hence, we are seeing an increase in the use of AI, ML and predictive technology to identify such events before they occur. However, there is a clear need for sensitivity here given the risk in predicting events that never occur.
  2. Safe by default — We are seeing a move from widespread permissiveness when installing applications to now empowering the user to be safe by default, allowing them to get on with their day to day job.
  3. Addressing the skills gap — Solutions to identify cyber aptitude in the rest of the workforce and enhance the education piece around this.
  4. Low friction — given the importance of humans in the buying decisions of cyber products, solutions need to be low friction and low error.

Is the most powerful way to cope with data breaches just education rather than complicated tech?

Education is the most critical factor behind big data breaches, with the most serious attacks last year being down to faults in basic practices. An obvious way to reduce such an issue is to train people in their personal lives where individuals have a much stronger interest in preserving security. This will translate into good practices at work, benefiting everyone. Secondly, product builders should aim to make their products as safe as possible for the average user, going back to the point of safe by default.

What are the main barriers to early stage startups breaking through the noise and achieving scale?

  1. Competition — Given the market is now hugely saturated and ripe for consolidation, being heard is a key barrier to gaining scale.
  2. Long enterprise sales cycles
  3. Friction — Cyber technology is often hard to understand for the average individual. Thus, new products need to be easy/quick to implement and adopt to ensure take-up.
  4. Value — startups need to be able to prove value quickly but in an incremental way such that customers remain engaged with the product.
  5. Customers — finding a few cornerstone customers is key to validate to product and prove that it is solving a true pain point.

Which country has best married the private and public sector within Cyber (excluding the UK)?

Israel is an obvious first choice as they have been providing practical support to their private sector for far longer than other countries. One aspect of the support being how they help to reduce the barriers to entry for their startups eg by funding their trade missions abroad. Moreover, they have the huge advantage of national service and being able to syphon off the best talent from here.

A lesser mentioned country doing well in this area is Singapore. Some of their defence appetite is far more advanced than the UK. They have also effectively dealt with many types of attacks we are only just starting to face.

Why are there no seemingly credible cyber insurance startups in the market?

Given the appetite from insurers for a solution here, the lack of notable players is surprising. Nevertheless, this is a quickly growing market and it is just a matter of time before some key players emerge. However, the main barrier that first must be dealt with is ‘how to quantify risk’. In the commercial space it is slightly easier to measure a monetary loss of a cyber attack, however, in the personal space where does one even start? It is likely that startups will first tackle narrow problems and then once more historical data is built up, become broader in focus.

Startup Pitches

We concluded the night with pitches from two startups:


Starting with the data an insurer has about a client, their platform automatically identifies and collects data on their external IT systems and then uses this raw data to produce a unique cyber insurance profile for each insured.


Cybertonica provides a cloud risk intelligence hub to reduce basket drop-off and increase conversion for banks, PSPs and e-merchants.

Thank you to everyone who made it to Founders Factory to debate and discuss cyber technology with us! Particular thanks going to our speakers Robert Hannigan, Grace Cassy, Ken Pentimonti, Dave Palmer, and Henry Lane-Fox.

To keep up to date with further events please subscribe to our newsletter here. We look forward to welcoming everyone back for our next event.