London is far better known as a hub for fintech startups, but under the radar its cybersecurity ecosystem is silently accelerating at a startling speed.

The latest group of startups supported by CyLon –  originally London’s first cybersecurity accelerator – are nothing if not varied. But one of the more striking features of the eighth cohort is that only half the companies are UK-based, with three of the eight from outside Europe and one from Germany.

CyLon’s international nature speaks to London’s emerging status as a global centre for cyber innovation. In its third year, CyLon’s UK programme now boasts 65 supported companies led by entrepreneurs representing 30 different nationalities.

Subscribe to the Sifted Newsletter


Just under a year ago, a group of nine startups participating in London’s new ‘infosec’ accelerator run by GCHQ – a rival programme to CyLon’s – petitioned the government to apply the same strategic approach to home-growing the UK’s cybersecurity sector as it had for fintech.

Gary Stewart, director at Wayra UK which runs the accelerator with GCHQ at the National Cyber Security Centre (NCSC), said at the time that the UK government could and should turn its vision for London as a world-leader in cybersecurity into a reality by giving it the “fintech treatment”.

While both the United States and the UK governments are well-known for expertise in security intelligence, it’s not surprising that a number of North American startups now at CyLon ventured across the Atlantic for the support they need to power the next phase of their growth.

Compared to the US, where almost all of the cyber-focused programmes are partnerships with private universities, the UK offers far greater opportunity to leverage the significant national resources in cyber intelligence. CyLon itself was co-founded by two former intelligence advisors to the UK government and diplomatic service – Jonathan Luff and Grace Cassy – alongside internet security entrepreneur and venture capitalist Alex van Someren. Housed in the headquarters of data science-focused investment firm Winton Group, the cyber accelerator has now replaced Winton’s own defunct startup lab. The group’s VC arm – Winton Ventures – has most notably supported a spin-out from the UK’s intelligence agency GCHQ, Ripjar, which uses advanced analytics to tackle cyber and financial crime in real-time.

Which is all to say that the institutional support for cybersecurity innovation in the UK is vast and intimately entwined with the government’s security initiatives.

If CyLon is anything to go by, the UK cybersecurity scene has already reached significant milestones without any fanfare. At the demo day, CyLon’s Jonathan Luff announced a new Global Advisory Council set up to provide strategic advice to CyLon’s portfolio of companies, valued at over £200m. The committee includes influential tech leader Min-Liang Tan — co-founder, Chairman and CEO of Razer, Inc; Russell Haworth — CEO of Nominet, which runs the UK internet infrastructure, and David Harding, founder, CEO and co-CIO of global investment management firm, Winton.

In what may have been a coded reference to GCHQ’s rival programme, Luff also praised the CyLon team and its portfolio companies on “destroying the competition”. In spite of the inextricable connections between the UK’s cyber sector and state-supported UK security infrastructure, Luff credited his accelerator’s success to avoiding any “political agenda” and  instead narrowly focusing on promoting early-stage cyber businesses. It remains to be seen whether healthy competition between accelerators will further boost the UK’s cybersecurity innovation, but given the strategic and growing importance of cybersecurity globally, there certainly doesn’t seem to be a limited pool of investment opportunities for market share.

Pitching abroad

At CyLon’s demo day in London this week, Hawaii-based professor Reza Ghorbani presented his startup MatiCy, which uses patent-pending technology to secure internet-connected devices and sensors, including medical “wearables” and Apple watches.

US-based Lattice Security, run by CEO Mehul Patel, also pitched for seed investment to continue developing its live product: a dynamic, permission-based data protection tool for collaboration and information-sharing.

Kathryn Chamberlain, a fellow with Venture for Canada and COO of the Canadian startup Beauceron Security, particularly stood out with a message that ran counter to the usual received wisdom in the cybersecurity world. “Humans are not the problem,” she claimed, introducing the company’s employee training platform which gameifies cybersecurity compliance and risk evaluation inside an organisation.

The final presentation by serial entrepreneur Maximilian Moehring, CEO of German startup Keyp, proposed a decentralised digital wallet for identity verification. Moehring’s ambitious strategy is to get Keyp’s product onto every smartphone in Europe within five years, by creating a single home for the entire network of digital identity providers in Europe.