Tessian - Experts & Thought Leaders

Infosecurity Europe, the most influential information security event running at ExCeL London from 4-6 June 2024, announced Mindgard, a start-up specialising in cyber security for AI, as the winner of the UK’s Most Innovative Cyber SME 2024 contest. The annual competition saw Nipun Gupta, Head of Product and Stefan Trawicki, Founding Machine Learning Engineer, Mindgard, presented with the award live at the event on the Innovation Stage on Wednesday 5th June in the Cyber Innovation Zone. Panel of cybersecurity experts selected Mindgard from fourteen finalists in the annual hunt for the UK’s Most Innovative Cyber SME. Cyber risk to AI systems Mindgard shows a free online tool for makers to act red teaming by evaluating the cyber risk Mindgard, founded in 2022 at world-renowned Lancaster University, was recognised for its innovation in AI with the Mindgard AI Security Labs. Built upon years of world-class research and development, Mindgard offers a free online tool for engineers to perform red teaming by evaluating the cyber risk to AI systems, including large language models (LLMs) like ChatGPT.  As well as derisking a wide range of AI deployment scenarios, the tool marks a major advance in the cyber threat educational tools available to engineers. Mindgard's AI Security Labs As enterprises rapidly develop or adopt AI to gain competitive advantage, they are exposed to new attack vectors that conventional security tools cannot address. Mindgard's AI Security Labs lifts the lid on exposure to ML attacks faced by model developers and user organisations. These risks are predominantly undetected due to the complexity of identification and the lack of the specialised skills needed. Current AI penetration tests require months of programming and testing by hard-to-find and highly expensive teams, leaving businesses unaware of the likely impact of any disruption. Repeatable AI security testing The results provide insight on what is the current “art of the possible” in AI attacks Mindgard's free AI Security Labs automates the threat discovery process, providing repeatable AI security testing and reliable risk assessment in minutes, allowing engineers to select from a range of attacks against popular AI models, datasets and frameworks to assess potential vulnerabilities. The results provide insight on what is the current “art of the possible” in AI attacks and the likelihood of evasion, IP theft, data leakage, and model copying threats. Dr. Peter Garraghan, CEO of Mindgard and Professor at Lancaster University commented: “We are thrilled to have been recognised for this award and it is a testament to the importance of how AI has been received by the UK market. Component for AI adoption Garraghan added: “Cyber security is a critical component for AI adoption. Organisations are either frantically trying to get AI/GenAI out the door without considering security repercussions, or blocking its deployment entirely due to unknown cyber risks, leaving them unable to unlock its commercial value. This is the gap we aim to fill." “We are grateful to Infosecurity Europe for creating this opportunity to demonstrate our innovation that swiftly identifies and remediates security vulnerabilities within AI.” Impressive list of past winners The prestigious match, open to micro, small and medium cybersecurity firms registered in UK The prestigious contest, open to micro, small and medium cybersecurity businesses registered in the UK, saw 14 of the UK’s most creative and original information security businesses shortlisted and competing for the title. The finalists were: 2T Security, Cyber Mentor Dojo, Cyber Tzar, ECG.ai, ESProfiler, Ethicronics, Gorilla Technology Group, Mindgard, Nova Blue Technologies, Oakdoor Hardware Security Solutions, Overe, Phoenix Security, Quantum Dice and Veracity Trust Network.  Mindgard joins an impressive list of past winners including ANGOKA (2023), TryHackMe (2022), CAPSLOCK (2021), Hack the Box (2019), KETS Quantum Security (2018), Check Recipient (now trading as Tessian) (2017), Device Authority (2016) and Geolang (2015). Change of cybersecurity technologies Nicole Mills, Exhibition Director at Infosecurity Group, comments: “Mindgard has been chosen for their ability to push the boundaries of cybersecurity and their relentless pursuit of groundbreaking solutions. Their commitment to innovation, whilst up against tough competition, has not only set them apart from their competitors, but showcases the pace and change of cybersecurity technologies and the need for continued innovation." "The accolade recognises this and serves as a catalyst for growth, inspiring others to revolutionise and stay one step ahead of emerging threats and challenges.”

The Department of Science, Information and Technology (DSIT) in partnership with Infosecurity Europe, the most influential information security event, has unveiled the shortlist for the UK’s Most Innovative Cyber SME 2023 contest. As part of Infosecurity Europe’s focus on innovation, the competition aims to spotlight micro, small, and medium cybersecurity businesses as they showcase the newest cybersecurity tech and solutions. DSIT competition Fourteen of the UK’s most creative and original information security businesses have been selected as finalists in the annual hunt for the UK’s Most Innovative Cyber SME. In its eighth year, Infosecurity Europe has once again partnered with DSIT for the prestigious event. The DSIT competition, which is judged by a panel of cybersecurity experts, will see the winner, and the 13 runners-up, invited to join the Cyber Innovation Zone at Infosecurity Europe 2023, which will take place on 20-22 June 2023 at ExCeL London. The winner will be announced at the event and will receive a feature piece in Infosecurity Magazine. All finalists will also receive an event stand, showcase speaking slots, and a marketing package.  Addressing cybersecurity challenges As threats continue to evolve, the tech must keep pace and these finalists have demonstrated their capability" Nicole Mills, Exhibition Director at Infosecurity Group, comments, “The DSIT competition is an important part of the Infosecurity Europe event. It’s about bringing new and innovative companies to the fore and providing a stepping stone to showcase solutions and highlight the ongoing need for innovation in the industry."  Nicole Mills adds, "As threats continue to evolve, tech must keep pace and these finalists have demonstrated their capability to bring to market, new and advanced technologies built to tackle the cybersecurity challenges of the future.”  Finalists The finalists span a myriad of cybersecurity solutions and services to tackle an array of common and evolving threats. The shortlist includes: Angoka - solutions for Smart Cities and Smart Mobility, heightening the cybersecurity and safety of devices, vehicles, and networks.  Contxt - offers a comprehensive solution to API security, focusing on leaky API discovery and remediation.  Crypto Quantique - IoT security - combining cryptography and quantum physics to develop security products that drive end-to-end security and unlock scalability for IoT networks.  Cytix - a cloud vulnerability management platform and a cluster of dedicated pentesters to help you identify & resolve vulnerabilities.  eCora - a programmable money platform for stablecoin and CBDC.  Fact360 - Fact360 is the only platform dedicated to forensic analysis of communication networks and data, providing businesses with the following capabilities.  Goldilock- a hardware cybersecurity company with a multi-patented device that allows users to remotely connect or disconnect any network or device, anywhere in the world without using the internet.  IDEE Limited - AuthN by IDEE enables people, organisations, and systems to quickly, privately, securely, and safely use the worlds-first 100% passwordless and 100% phish-proof identification, authentication, and authorisation solution.  Lupovis - an AI-based cybersecurity solution that proactively engages threat actors with deception technology and contextual threat intelligence. Riskocity – the Maritime Cyber Risk Assessment framework, is a unique solution for maritime cyber risk assessment.  Safeshark - backed by BSI, provides the only independent certification for new IoT cyber security standards.  Sitehop - a technology company creating innovative solutions for cyber-security and networking utilising its custom FPGA solutions to optimise and accelerate cloud/telco networks.  WCKD RZR - It provides a data enablement solution that harnesses machine learning to catalogue, govern and provide compliant access to a company's entire data estate from a single place.  Vistalworks Limited - Vistalworks intelligence software helps enforcement agencies and legitimate businesses keep ahead of organised cybercrime and the financial, environmental, and societal threats of illegal trade.  UK hardware cybersecurity innovator It is very challenging to find investors willing to back us, but this provides a halo effect" Stephen Kines, COO/Co-Founder, of Goldilock, commented, “It is excellent to be recognised for the investment we have made in innovation as the only UK hardware cybersecurity innovator that builds an appliance from scratch, it is very challenging to find investors willing to back us, but this provides a halo effect."  Stephen Kines adds, “In the current climate of hostile nation-state attacks on our Critical National, it is extremely important for us to provide the ultimate in cyber resilience.” Dynamic physical network segmentation “A recognition that this is possible using dynamic physical network segmentation moves the conversation from vulnerable software layers to the physical layer, especially when we consider the industrial control systems,” concluded Stephen Kines.  “We are thrilled to be finalists, not just because it celebrates the progress we have made as a young company tackling a meaningful problem, but because it increases our visibility and credibility at a time when we are looking to grow our solution globally," said Vicky Brock, CEO and Co-Founder, Vistalworks Limited.  Positive social impact Vicky Brock adds, “It is important for our team, our amazing stakeholders and customers, and the people who look to us for inspiration to know that the good guys can get ahead too. The area we work in can destroy your faith in humanity, but every aspect of what we do is aimed at delivering a positive social impact, as well as commercial innovation.” Visibility It is important to be recognised by the industry because it validates the value of our innovative solution" “We feel proud and honoured to be one of the finalists for this award. This makes a significant difference for us by increasing our visibility in the industry and providing an excellent platform to be able to showcase our solution,” said Chuck Teixeira, Founder, and CEO, of WCKD RZR. “It is important to be recognised by the industry because it validates the value our innovative solution can bring businesses while helping to build credibility and trust among potential clients and attract future investments and partnerships that will help contribute to our future growth and expansion,” Teixeira added.  Benefits for winners The winner will join an impressive list of past winners including, TryHackMe (2022) CAPSLOCK (2021), Hack the Box (2019), KETS Quantum Security (2018), Check Recipient (now trading as Tessian) (2017), Device Authority (2016) and Geolang (2015). 2019 winners, Hack The Box, have grown exponentially following their success and have since announced a Series A investment round of $10.6 million in 2021, and a further Series B funding announcement of $55 million in Jan 2023 to expand its business after racking up 1.7 million users. The Innovation Showcase The Innovation Showcase at Infosecurity Europe 2023 will be the place to be to discover, scope out and evaluate the newest cybersecurity technologies and solutions, and get to grips with how they can be deployed. Businesses will showcase and demonstrate the exciting new products and services they have to offer. Attendees can expect to hear real-world examples of how new technologies and solutions have been implemented, the customer benefits, and the overall ROI. 

The average United Kingdom (UK) business has experienced 16 successful email-based phishing attacks in 2022 so far, and 56 per cent of UK businesses had experienced an email attack, where account credentials were stolen or compromised. This was revealed in globally renowned email security company - Tessian’s recently launched new State of Email Security report. Out of the 79 per cent of UK businesses that had encountered a successful email phishing attack in 2022, 30 per cent said the repercussions included a breach of customer or client data, 28 per cent resulted in financial losses, 27 per cent resulted in ransomware infection, 21 per cent reported reputational damage, and 19 per cent had to deal with a regulatory fine. Tessian’s State of Email Security report UK businesses also encountered an average of 106 email-based ransomware attacks The report, based on Censuswide polling of 150 IT and Security professionals in the United Kingdom, also revealed that UK businesses were each targeted by an average of 113 spear phishing attacks each in 2022, of which one in seven were successful. UK businesses also encountered an average of 106 email-based ransomware attacks, 135 impersonation attacks and 274 bulk phishing attacks across the first nine months of 2022. Greater concern about ransomware and malware attacks Surveyed security leaders reported that they are most concerned about ransomware and malware attacks in the United Kingdom, with 45 per cent citing this as their biggest cause for concern. This was followed by email impersonation attacks at 31 per cent, and account takeover attacks at 29 per cent. On a global scale, however, email impersonation attacks ranked as the highest concern for security leaders. Cyber threats expand into other communication platforms Josh Yavor, the Chief Information Security Officer at Tessian, commented, “We all rely on email at work and at home, and as the gateway to valuable data and access, email accounts are always a valuable target to adversaries, especially those seeking to compromise business.” He adds, “We can also expect threats to continue to expand into other communication platforms like instant messaging tools, personal email or social media accounts as attackers seek to evade detection.” Email impersonation attacks The report revealed that employees are the most likely candidates for impersonation When looking at email impersonation attacks in more detail, the report revealed that employees are the most likely candidates for impersonation, and two in five businesses encountered a bad actor impersonating an employee. The second most impersonated targets were company suppliers and third party vendors, both at 32 per cent, followed by investors and C-Level executives, both at 25 per cent. Need for enterprises to proactively deliver security training Josh Yavor adds, “To keep employees secure on email, organisations should be proactive in delivering security training that addresses the common types of threats on email that’s tailored and personalised to their role and department.” He continues, “Company cultures also play a significant role in protecting employees. Security leaders should emphasise a culture that builds trust and confidence, which will ultimately improve security behaviours.”