CyberSmart has become an official supplier on G-Cloud 11, a major government procurement framework.
G-Cloud, created in 2014 by the Crown Commercial Service and Government Digital Service, makes government procurement easier, transparent and much more efficient, reducing the usual lengthy procurement processes from weeks/months down to days. It is straightforward and well guided.
After making it through a rigorous tender process, which ensured our products and services fit in with the needs of G-Cloud, we were confirmed as a supplier from July 2019, ensuring cybersecurity compliance and assurance are easily accessible to everyone on the framework.
The framework allows the central government, local authorities, NHS Trusts, Ministry of Defense and other public sector bodies (including agencies and arm’s length bodies) to access a central website and purchase cloud-based services.
With CyberSmart Active Protect in G-Cloud 11, the tools are in place to ensure full cybersecurity compliance and assurance in public sector bodies and meet recognised cybersecurity standards across full organisations.
From ensuring all devices are continuously compliant; to achieving certifications, often on the same day, such as Cyber Essentials, Cyber Essentials Plus or IASME GDPR Ready, the opportunity is now clear and much faster than before.
Jamie Ahktar, CyberSmart’s CEO said: “ Cybersecurity in the public sector is a matter of great concern, so we are happy to be able to provide our innovative platform and products, to support and safeguard key British organisations. Being included in G-Cloud 11 is yet another endorsement of CyberSmart’s platform, and is testament to our already successful and growing relationship with the public sector.”
Can you purchase via G-Cloud 11? See here for government guidance or contact us.
CyberSmart raises £1.3M VC funding to accelerate growth
We are happy to announce, CyberSmart has secured £1.3 million in new financing led by deep-tech investor IQ Capital, after two years in stealth mode. This funding will allow us to further accelerate our rapid growth, build next-generation technical capabilities and secure Britain’s future as a leader in cybersecurity.
CyberSmart’s core mission is to protect and empower SMEs, often the weak link in cybersecurity, but at the same time, the bread and butter of UK business landscape. CyberSmart’s platform and products allow any size SME, with or without technical resources, to protect itself and its staff, easily and affordably. The exciting platform is bringing cybersecurity standards to the masses, with millions of UK SMEs in its sights, a truly scalable cybersecurity solution.
CyberSmart is able to automatically check, fix and certify for Cyber Essentials compliance – a UK government cybersecurity certification. This is recommended by the Information Commissioner’s Office (ICO) and is increasingly required across supply chains in multiple industries.
A Cyber Essentials certification is easily attainable via the CyberSmart platform, reducing the cost and resource typically required to achieve compliance to a matter of hours. SMEs are able to maintain 24/7 compliance across multiple devices, a considerable challenge for most SMEs. The products offers simplicity and scalability to a complex and manual process.
The London-based startup backed by IQ Capital and Seedcamp was founded by Jamie Akhtar and Mariella Thanner in January 2017. It uses cutting-edge technology and data science to assess and address a company’s cyber compliance and vulnerabilities. Designed to offer SMEs an innovative approach to compliance, it is being used by fast-growing (“Thriva, LiveSmart, Receipt Bank”), and more established businesses (“Hitachi, The Supreme Court”) alike.
CyberSmart helps organisations identify weaknesses in their information security practices and develop proactive strategies to address cybersecurity threats, thwarting up to 99.3% of cyber threats.
Commenting on the announcement, Jamie Akhtar, CEO of CyberSmart said: “Having been in stealth mode since 2017,through both GCHQ’s Cyber Accelerator and CyLon, we’re excited to be able to scale our operations and start talking about how we’re helping to protect our nation’s most promising businesses from cyber threats. This funding will enable us to achieve scale, within our home market and invest in enhanced technical capability.”
The fundraise was led by specialist deep-tech VC, IQ Capital. The firm recently raised a $300m fund to continue deploying capital to deep-tech and AI startups, offering unrivalled knowledge and solid strategic advice to its portfolio companies
Kerry Baldwin, Partner at IQ Capital said: “CyberSmart is a superb example of the types of companies that IQ Capital invests in – deep tech startups with the potential for global scale. Cybersecurity is now at the top of the agenda at board-level for all data-rich businesses, however, few have proactive strategies in place to tackle the issue. CyberSmart is backed by the Government to help and certify businesses, and we are excited to be part of their growth journey.”
Commenting on the platform, Sally Blake, Marketing Director at Legal Edge said: “CyberSmart was recommended by our own clients who use the platform. They speak our language and are in tune with the requirements of SMEs. Their platform and processes were clearly explained and easily navigated and their responsive platform enables us to communicate and track our compliance activity. The team are extremely helpful, friendly and knowledgeable supporting you at every step of the journey.”
Founded in 2017 by Jamie Akhtar and Mariella Thanner, CyberSmart was selected, after a rigorous competition, to take part in the first GCHQ accelerator programme. From this, the companies were able to have access to government tenders and work with GCHQ’s international network of partners.
CyberSmart has a bold mission to protect and empower SMEs. In order to do so, we need to provide continuous compliance through the entire organisation. This is no small feat, as today’s organisations have diverse systems and modern ways of working. We are extremely excited to announce the next big step in our journey is now live.
A mobile world
The world has gone mobile, and SMEs are more than ever, relying on their mobile phones and tablets to do business. After all, they are pocket-sized computers, connected to fast mobile networks, with all the applications we need to be productive. The smartphone has allowed us to get the most out of these devices including handling and storing sensitive data, processing payments and communicating with others.
The ability to carry such devices in our pockets is driving growth and efficiency on a scale not seen before, allowing SMEs to do business, anywhere, everywhere. But like any internet connected device, this is leaving users open to mobile security threats.
Every device. Every user. Everywhere.
CyberSmart Active Protect is already protecting thousands of devices for hundreds of organisations in the UK, and now that protection and assurance can be deployed on mobile devices. Our new mobile application brings the best of our desktop app to every device in your organisation, securing every user, wherever they are, so your business can focus on what it does best, with peace of mind.
CyberSmart Active Protect
Active Protect checks mobile devices are configured to the recommended security practices, as per the requirements of Cyber Essentials. It guides users on how to protect the device and themselves. It also supports policy distribution to make sure users comply with their company’s internal policies. As it’s an app instead of a profile, it supports both user-managed and corporate provided devices.
Why does my organisation need the mobile app?
Ensure all devices within the organisation are checked for compliance with Cyber Essentials, preventing potential cyber threats such as mobile spyware and malware.
Guides users through remediation if they need to address any issues.
Real-time information feeds back into the CyberSmart dashboard for a single view of compliance.
Allows users to read and agree on policies on their mobile devices.
What’s next?
The launch of Active Protect is just another step, albeit a very exciting one, in the CyberSmart journey towards our mission. Our team is focusing on rolling out many more advancements across our product range. This includes inspiring and educating SMEs on practices and strategies to combat cyber threats and further simplifying cybersecurity and compliance for organisations.
CyberSmart Active Protect is live in the following stores:
Cyber Essentials has become the fastest-growing information security standard in the world. So there’s no doubt the scheme has been successful. However, the future of Cyber Essentials is uncertain, and this is putting the cybersecurity of UK businesses at risk.
As a member of the first cohort of GCHQ cyber accelerator, the London Office for Rapid Cybersecurity Advancement (LORCA), working closely with NCSC and DCMS, and presenter at CYBERUK, we have had the unparalleled opportunity to draw insights from key stakeholders. After discussions with stakeholders from businesses, industry and government, one thing is clear – there is substantial confusion in the sector. We are in a position to shed light on the challenges and bring clarity to a sector that is shaken and riddled with uncertainty.
It’s important we consider the feedback of all stakeholders so that we can move forward in a concerted effort to ensure the future security of our nation. All stakeholders share the same vision, but with several conflicting perspectives, there is a lack of agreement to how we get there. As it stands, the scheme and it’s success so far is at risk. This uncertainty has led to underinvestment from the sector and confusion amongst the very organisations needing to be assured.
If the foundation isn’t put in place for the scheme, much of the progress will be lost or at worse, reversed. If the right decisions are made, for the right reasons, then the scheme can achieve a level of success beyond anyone’s expectations.
In order to make those decisions, clarity of information and a source of truth is required. Here are the key characteristics that will underline the scheme’s future success.
Scalable
Most information security standards are inherently unscalable – they require physical audits, extensive documentation and manual processes. Cyber Essentials set out to address this with self-attestation at the basic level. This allowed the scheme to scale in its initial phase but it’s still not ready for mass adoption. At the current take-up rate, it will take centuries to secure all the businesses that exist within the UK. A delivery chain is needed for the vast and diverse range of organisations within the country. In particular, current certification bodies and the thousands of managed service providers need to be engaged in order to deliver the assurance scheme to all that need it.
Affordable
Cyber Essentials at its basic level needs to be at a cost that every organisation can afford. That includes the costs of assessing, implementing, certifying and maintaining the standard on an on-going basis. The vast majority of SMEs do not have the ability to implement and maintain the scheme or have the resources to hire dedicated security professionals to assist. There’s also a huge skills shortage of professionals that are best utilised for ensuring the assurance of critical data and infrastructure.
Accessible
The confusion, fear, uncertainty, doubt within the industry means security and compliance are often overwhelming for more organisations. The NCSC website, cohesive guidance and clear language have helped organisations understand what is needed to implement a baseline level of security. The issue remains, it doesn’t help them to implement this. Through the lowering of the technical expertise required to implement and maintain Cyber Essentials, it brings it within reach of many organisations previously inaccessible.
Consistent
For any scheme to succeed, it must be consistent. Any Cyber Essentials certification should be equal to another. There should be a single standard from an authoritative source, and this should be as objective as possible. The challenge is ensuring consistency across the diverse range of approaches to managing information technology that exists. This includes the micro and small business which don’t have an IT team, those that have third-party managed IT, and larger organisations with dedicated IT professionals.
Data-driven
In order to deliver assurance at this level of scale, we need to use digital systems and data. This brings with it the challenges of managing such data and the requirement for Security by Design and assured technology. However, this also provides real-time insights into the adoption, implementation, maintenance and effectiveness of controls. Data brings us closer to the truth and allows us to ensure the scheme is meeting its aims and adapting to the ever-changing landscape.
Assured
The effectiveness of the current scheme is driven by the focus on ensuring appropriate levels of assurance from a small yet comprehensive control set. With the majority of attacks originating from basic factors not being properly implemented or maintained. The assurance is only provided if continuous compliance is in place. In order to this, it needs to be easier to maintain than to fall out of compliance.
The future of Cyber Essentials
Fast forward to 2025, after a concerted effort, the UK is now the world leader in cybersecurity. The country is the safest place to live and do business online. This was achieved by making assurance programs accessible, affordable and scalable. It has been brought to a level that everyone can attain with confidence that there is consistency. Data drives the on-going development of the schemes as they respond to the changing environment. Other countries look towards the UK as a model of how an adaptable scheme can defend and assure a nation.
Looking to improve your cybersecurity but not sure where to begin? Start by getting certified in Cyber Essentials, the UK government scheme that covers all the fundamentals of cyber hygiene.
LiveSmart aims to create a better world through health analysis and behaviour change. With great power comes great responsibility and we put our clients at the centre of everything we do – including protecting them and their data. We collect both personally identifiable data and sensitive data which means our security needs to be well thought out and very tight to protect our users.
Your Experience
What did you do about compliance before?
For the first two years, compliance was pretty relaxed. The main reason we began addressing our compliance was due to a significant client who required certain things to be in place. Additionally, with GDPR coming into play in May this year it highlighted the importance of data security and compliance. It was very much a hard and fast lesson – building the parachute while you are falling off the cliff so to speak – but it was a lesson well learnt and now that we have everything coming into place the team have a good structure to work within.
Why did you choose to use CyberSmart?
We were referred to CyberSmart by a fellow startup and after our CTO spoke with them, we felt like it would be a simple way to implement the compliance we needed to. Plus – CyberSmart… LiveSmart, seemed meant to be?!
Did it deliver on what you were hoping for?
CyberSmart has been better than we hoped. The team are incredibly friendly and helpful, they simplify some very complex issues into manageable components and make compliance much less scary than it is, while not removing the importance behind it.
Your Advice
What one tip would you give to other MedTech startups in terms of compliance?
You need to feel very certain about what is going on with your data very quickly.
Get crystal clear on what processes exist, where the data flows and who you use to process your data. Without this knowledge, you are at risk of data breaches, data loss and coming under scrutiny from your all-important customers.
2017: What a year!
Jamie
As CyberSmart turns 1 year old, we are taking a moment to pause and reflect. This year was huge for us, individually and as a team. We had a vague idea, built a platform, got our first paying customers and closed a Pre-Seed round. At CyberSmart we believe in transparency, not only in regards to data, but also transparency in everything we do, transparency towards our stakeholders and eco-system. Hence, without further ado – here is what happened in 2017 at the CyberSmart HQ in East London.
As CyberSmart turns 1 year old, we are taking a moment to pause and reflect. This year was huge for us, individually and as a team. We had a vague idea, built a platform, got our first paying customers and closed a Pre-Seed round. At CyberSmart we believe in transparency, not only in regards to data, but also transparency in everything we do, transparency towards our stakeholders and eco-system. Hence, without further ado – here is what happened in 2017 at the CyberSmart HQ in East London.
A few months ago we were applying for the GCHQ Cyber Accelerator. Today we have graduated. Full with gratitude, excitement and enthusiasm, we went back to London, continuing building our CyberSmart and our network.
A few months ago we were applying for the GCHQ Cyber Accelerator. Today we have graduated. Full with gratitude, excitement and enthusiasm, we went back to London, continuing building our CyberSmart and our network.
