New guidance from the NCSC and the Centre for the Protection of National Infrastructure (CPNI) set to help fledgling technical companies consider key questions around security.
UK startups working on world-leading emerging technology are being offered new guidance to help secure their innovations from a range of security risks.
The guidance from the National Cyber Security Centre (NCSC) - a part of GCHQ - and the Centre for the Protection of National Infrastructure (CPNI) helps fledgling companies working in emerging technologies consider key questions around security.
Launched during the NCSC’s flagship CYBERUK event last week, the guidance encourages companies to take steps to strengthen their defences against criminals, competitors and hostile state actors.
UK companies working in emerging technologies are likely to be a particularly attractive target to a wide range of actors, including those backed by foreign states seeking technological advancement.
The ‘Secure Innovation’ package of guidance was developed in consultation with emerging technology companies and highlights the importance of laying strong security foundations that can evolve as startups grow, in a cost-effective and proportionate manner.
NCSC Technical Director Dr Ian Levy said: “The UK has one of the world’s best startup ecosystems, which makes companies working in emerging technologies a target for hostile actors.
“That’s why alongside CPNI we have created bespoke guidance which aims to show these companies what good physical and cyber security looks like and how to implement it.
“Putting good security in place now is a sound investment for these companies, helping lower the risks of future disruption and enhancing their attractiveness to investors.”
The Director of CPNI said: “UK start-ups and scaleups raised record investment in 2020, closing nearly £11billion in venture-capital funding, despite the obvious challenges. A large part of this success story is how open and engaging UK businesses have always been with their international partners. As new markets continue to emerge, so will the potential threats to companies’ intellectual property and ideas at the hands of hostile states, criminals, and competitors.
“Developed in partnership between CPNI and NCSC and aimed at companies in emerging technology, Secure Innovation provides a holistic approach to all aspects of security, ensuring that good cyber principles are not undermined by physical, and people risks which could threaten the success of a start-up if not managed well from the outset.
“Based on CPNI and NCSC’s technical expertise in protective security, this guidance provides the tools to establish simple, low cost and pragmatic security-minded behaviours from the outset, making protecting their innovation and ingenuity as easy as possible.”
The Secure Innovation guidance, aimed at founders or chief executives of emerging technology startups, explains how security can be integrated into an organisation’s culture and advocates for security focused risk management around supply chains, IT networks, information, people and physical security, cloud computing and more.
Startups are urged to consider the security implications for their business as they grow, specifically when choosing partners to collaborate with and expanding into new markets.
Further reading: Secure Innovation | CPNI
Reporting
Report all Fraud and Cybercrime to Action Fraud by calling 0300 123 2040 or online. Forward suspicious emails to report@phishing.gov.uk. Report SMS scams by forwarding the original message to 7726 (spells SPAM on the keypad).