Five companies join NCSC for Startups to deal with ransomware

The UK’s National Cyber Security Centre (NCSC) has chosen five startups to help address the persistent threat of ransomware attacks.

In response to a global wave of increasingly frequent and sophisticated ransomware attacks throughout 2021, the NCSC and startup incubator Plexal put out a call to the private sector in January 2022 for companies working on new ideas and technologies to take part in their joint NCSC for Startups initiative.

The NCSC – which is part of UK signals intelligence agency GCHQ – said at the time it was keen to hear from startups that: think they can provide more accessible and low-cost forms of protection and mitigation; are working on secure backups or other technologies that can minimise the impact of a ransomware attack, should one occur; and have developed technology that addresses the risks posed by remote desktop protocol (RDP), in support of remote workers.

Another aim of the accelerator is to develop tech that can be used by SMEs and organisations with fewer resources to protect themselves.

In joining the initiative, the five selected startups will be able to develop, adapt and pilot technologies to help address the threat of ransomware, which the government described as “the most significant cyber threat facing the UK” in its National Cyber Strategy, published in February.

As well as workshops on marketing, funding and business development, the startups will also get access to technical experts and incident response teams from within the NCSC.

The startups include Cyntegra, which is working on tech to help organisations recover operations following a ransomware or other cyber attack; Goldilock, which is developing physical hardware to create an air gap between on and offline systems, in turn isolating assets and networks from the internet; and Vault Sentinel, which aims to help clients minimise operational down time and reduce their cyber attack recovery from weeks to days.

The other startups are Validato, a security controls validation platform that simulates threat scenarios to help companies test their defences, and SOS Intelligence, which is working on an automation technology that collects pre-selected keywords from organisations and then scans the dark web, ingesting threat data and looking for mentions of those keywords in Telegram channels or forums.

“Ransomware remains the biggest cyber threat to UK organisations, and tackling it requires a collective effort,” said Chris Ensor, deputy director for cyber growth at the NCSC.

“The five companies selected to join the NCSC for Startups initiative offer various innovative approaches to dealing with ransomware – we look forward to working with them and ultimately further boosting the UK’s cyber security.”

Saj Huq, chief commercial officer at Plexal, added: “The opportunity for innovative and novel ways to address ransomware can often be overlooked. The startups selected to meet this challenge will experience a unique collaboration opportunity with Plexal and the NCSC, gaining critical insights and developing solutions to enhance the resilience of society in the face of unprecedented digital risks and increasingly motivated threat actors.”

The NCSC for Startups initiative is also supported by Deloitte, Cheltenham-based cyber networking firm CyNam, tech skills provider QA and Cheltenham-based co-working space Hub8. The initiative itself is also run from Cheltenham, where GCHQ is based.

Steve Barclay, lead minister on cyber and chancellor of the Duchy of the Lancaster, said: “We have long-recognised the importance of cyber security, but with Russia’s invasion of Ukraine there is an increased risk of activity which means the urgency is now more visible. That is why it is crucial that government and business work together as one in order to counter the threats that we face.”