NCSC Cyber Accelerator Programme. What is it, and what does it say about the companies selected?
PixelPin is proud to be part of the acclaimed NCSC Cyber Accelerator programme. It’s a great honour to be associated with the NCSC and adds greatly to our credibility as the provider of an innovative, highly secure authentication solution. We get very excited about it. But then, we are on the cyber security nerd spectrum.
We realise, however, that our customers - and end users - may not be fellow cyber security enthusiasts, and if you work in a different field, you might be wondering what exactly it is all about.
So, what is the NCSC Cyber Accelerator? Or perhaps we should being starting with “What is the NCSC?”
NCSC stands for the National Cyber Security Centre whose stated purpose is “helping to make the UK the safest place to live and work online”, and is part of the Government Communications Headquarters (GCHQ).
The NCSC was launched in 2016 and brought together expertise from several prominent cyber security bodies, including CESG (the information assurance arm of GCHQ), into a single point of contact for businesses and organisations of all sizes, government agencies and the general public
When cyber security issues occur, the NCSC provides incident response to ensure minimal impact to the UK, and assistance with recovery. It uses its in-depth knowledge and understanding of cyber security to provide advice and practical guidance for people and businesses / organisations. It secures public and private sector networks, reducing risk to the UK. In addition, it uses industry and academic expertise to nurture the country’s cyber security capability.
So, back to the original question: what is the NCSC Cyber Accelerator?
In short, the Cyber Accelerator is a mentoring programme which supports the growth of start-up cyber security companies who aim to bring “better, faster and cheaper” security products to market. It is part of the UK Government’s £1.9 billion National Cyber Security Strategy, and as well as bringing obvious benefit to organisations and the public, the programme is also supporting the emerging cyber security industry in the UK, encouraging skills, jobs and growth. The program is powered by Wayra, Telefónica’s open innovation arm, which supports enterprises creating new products for the UK’s security industry
Competition is fierce to access the programme, given the obvious prestige for tech entrepreneurs to be associated with the NCSC and the Cyber Accelerator. Fledgling businesses have much to gain: as well as potential commercial opportunities, there is a wealth of mentoring and advice from the NCSC.
Start-ups apply to take part through open competition, using technical challenges written by technical leaders within the NCSC. The challenges identify areas of cyber security weakness where new products are needed. And successful applicants have to demonstrate a product which directly meets one of those areas of weakness.
To use PixelPin as an example, the NCSC has identified that password security is a major area of concern in the UK. Breached passwords is a daily occurrence, resulting in financial loss for internet users. Breach analysis data shows that 23.2 million victim accounts worldwide used 123456 as password. (This information was taken from a list of breached usernames and passwords, were collected and published on “Have I Been Pwned” by international web security expert Troy Hunt.)
NCSC’s first ‘UK Cyber Survey’ undertaken last year (2019) showed that 42% of Brits expect to lose money to online fraud. It also showed that less than half do not always use a strong, separate password for their main email account.
It is one of NCSC’s aims to reduce the risk of further breaches by building awareness of how attackers use easy to guess passwords.
Troy Hunt said recently that “Making good password choices is the single biggest control consumers have over their own personal security posture. We typically haven’t done a very good job of that either as individuals or as the organisations asking us to register with them.”
It’s easy to see how a password-free authentication solution like PixelPin fits with the NCSC’s direction. Many people find it impractical to have a different password for each and every website they use, which is why they tend to cut corners and use the same one on multiple sites, or use simple or obvious ones. They don’t want to use social logins (Facebook or Google for example) as they don’t want to share any more of their personal data or behaviour with them. And many don’t trust password managers.
PixelPin’s solution offers a completely new, highly secure solution, which does away with alpha-numeric passwords altogether. Instead, users choose a single picture, and picks four specific “pass-points” on the image. Then, for all future logins, they must click those four points, in the correct order.
It almost sounds too simple to be secure - which is why being selected by the rigorous NCSC Cyber Accelerator programme means so much.
It works thanks to our pioneering technology and the highest encryption standards, which make it next to impossible for hackers or bots to breach. If you think of the pass-points as coordinates on a 1000 x 1000 pixel grid, you realise how many potential variations there are in just one image. Four points out of a million pixels offers far greater combination potential than PINs, passwords and biometrics.
It also means no login data is entered into or stored on any other website, just the once, on PixelPin’s secure servers.
We are in the fourth and current cohort of participants in NCSC Cyber Accelerator programme, and we are in good company. Our fellow cyber security innovators include: Fraud Net, Keybox, Ohalo, Secure School, Trust Stamp and The Cyber Fish Company.
Once a company like ours has completed the programme, it then joins the Cyber Accelerator Alumni. These are all the innovative businesses who have made a name for themselves since the Cyber Accelerator began in January 2017: Aquilai Cyber Intelligence, barac, BlackDice, Configured Things, CounterCraft, CyberSmart, CyberOwl, Elemendar, Elliptic, ExactTrak, iHackLabs, intruder, Ioetec, LuJam, Mission Secure, nettoken, RazorSecure, Secure Code Warrior, Spherical Defence, StatusToday, trustelevate, verimuchme, Warden
If you’re reading this, and thinking that your cyber security company is doing something that the NCSC Cyber Accelerator will want to hear about, you can apply here: https://www.wayra.uk/programs/ncsc-cyber-accelerator.
We would strongly encourage you to make the leap; it has been the most incredible process for our business to go through. As well as the 10-week programme based in Cheltenham, where we met major figures in the cyber security profession, we were also able pitch their ideas to potential clients and investors. And in February this year, we were invited to take part in the RSA conference on cyber security in California’s Silicon Valley. The trip also included a private coaching session at the ranch home of Steve Blank, the originator of the Lean-Start-Up movement.