How UK Government Policy and Regulation Ensure Cybersecurity Investment Continues To Thrive

The largest financial institutions are entering the global cybersecurity market and as with so much in the technology sector, most of these transactions are taking place in the US. When it comes to cybersecurity, the concentration of capital is extreme, with the UK making up just six percent of overall venture capital compared to 69% in the US, according to CB Insights.

That said, the UK stands in a respectable third place behind Israel and far ahead of all other European counties. It is also poised to accelerate its in-country and global cybersecurity investments and leadership. 
Cybersecurity is becoming an important engine for the creation of British jobs and is a strategically important sector for the country’s defense. According to data cited in a recently published government cybersecurity strategy paper, the size of UK cybersecurity exports alone is expected to rise from £750 million in 2017 to £2.6 billion by 2021. 
There are a number of reasons why the UK leads in cybersecurity. Some are historic including Britain’s expertise in espionage during the world wars and the county’s continued investment in defence. Employees who cut their teeth at BAE Systems for example have helped to spawn a number of exciting cybersecurity companies including Panaseer and Quantexa. Also, the country’s role as an international center for both research and finance ensures that the best researchers, entrepreneurs and financiers continue to call the UK their home. 
That said, British cybersecurity is still in a developmental stage and requires public policy support and coordination by the government. 
Firstly, government must take up the role of the broker ensuring strong links between various government/public sector institutions and their counterparts in the private sector. Nowhere is this more imperative than in cybersecurity where technology from within government and GCHQ mingles with commercial sector ingenuity and agility to create exciting new start-ups.
Secondly, international cooperation between the UK and its allies, notably the US, ‘Five Eyes’ and the EU are vital to the success of a viable defense strategy. Because cyber threats are global, relationships with such US agencies as the National Security Agency and US Cyber Command as well as with their European counterparts such as Interpol allow an interchange of ideas, technologies and actions that further the leadership of the UK in cyber. 
Finally, the government must continuously ensure that the road to innovation remains a smooth path for entrepreneurs and academicians by fixing the potholes along the way, notably areas where the markets fail. 
The innovation pathway – funding and support requirements
The earliest stages of innovation – core research - are the most difficult to reach through the commercial sector alone. Direct government funding of the education sector coordinated by the newly formed UKRI and institutions such as Innovate UK produce world beating core research in underlying technologies such as artificial intelligence and quantum computing.
Further down the innovation path, programs like the Knowledge Transfer Network and the recently announced London Cyber Innovation Centre which will based at the Queen Elizabeth Olympic Park in Stratford serve a bridge function by supporting researchers helping to migrate their ideas out of academia and into the commercial sector. 
These organizations feed the cornucopia of incubators and accelerators that provide the entrepreneur with access to skills and mentorship in order to develop a fully-fledged business plan and go-to-market strategy along with funding to establish a company and begin hiring employees. 
The last step of the journey before entrepreneurs can reach scale is perhaps the weakest and where government needs to focus its attention: the UK still lacks a vibrant market for seed and A round financing. Before a company can demonstrate commercial traction, it needs a slug of capital, usually between 500k GBP and 5.0 million GBP to be able to demonstrate a viable and repeatable business case.

There is still insufficient funding for companies who have created their ‘Minimally Viable Product’ but may not yet have sufficient repeatable traction to be able to attract the larger venture capitalists. 
One solution is the creation of a pool of capital not unlike the Green Bank (now part of Macquarie Bank). The skills required to effectively invest capital into early stage companies in such a way to create a multiplier effect is sufficiently unlike the role of most of the public sector that it is perhaps better served with an indirect method, notably through other funds or through tax incentives.

The latter strategy is already a well-supported through initiative such as the Enterprise Investment Funds and similar other schemes. 
An indirect approach would see public money apportioned to established or new funds to grow the availability of capital to innovative companies that cannot yet demonstrate commercial traction. 
As important as the capital itself, is the ability of the fund manager to be able to mentor the entrepreneur and add value to the company by finding government and commercial markets around the globe.

Perhaps the greatest resource that needs to be developed over the next decade is the next generation of experienced cybersecurity investors who will in turn guide the growth of Britain’s next cybersecurity leaders.

What’s Hot on Infosecurity Magazine?