C2 Cyber on Inogesis' Innovator Showcase
C2 Cyber Ltd are experts in cyber security and vendor risk management. They use their skills and passion for security to achieve their overarching goal: To make it simpler and safer for businesses to function and thrive in the digital economy. They are firm believers that to succeed online, even small organisations need to protect their data and use robust governance.
Today, we ask C2 Cyber Ltd some questions to find out about their perspective on innovation and security-focused technology in today’s constantly changing environment.
1. When did you initially have the idea to set up your own company?
I was working with my cofounder on improving vendor risk management within an UK agency. We decided the private sector would benefit from it as well, and launched C2 Cyber Ltd.
2. What were the driving factors/reasons behind your decision?
I wanted to grow something genuinely useful, delivering solutions to the ‘boring’ areas of governance and compliance that are often overlooked in Information security.
3. What has been your most difficult problem to overcome?
As an SME with now 11 employees balanced against an offer to the enterprise market. Accessing enterprise customers without having the Bid Team resources of a large corporate is a big challenge. Once we’ve successfully sold ourselves in, the client seems to love the service!
4. What do you feel are the emerging trends in the current market?
There is a rapidly growing awareness of any organisations reliance on vendors and supply chain (just look at SolarWinds hack yesterday, or the Google outage on Monday). The traditional answers of a consultancy doesn’t scale for a client with thousands of suppliers to assess, and the online only security rating services are only superficially attractive. The latter provide evidence you tried, and spent money, but they don’t give you a way to improve the risk landscape you face. Our platform and service does these things, and is proving a real hit!
5. Do you have many competitors? What are your USP’s?
As above, our competitors are the large consultancies who supply manpower, and the Security rating services. There are also ‘risk exchanges’ however these don’t go into the depth needed at. A project level to assure risk in a meaningful way for an enterprise. Our USPs are that we combine OSINT, vendor questioning and interaction, evidence assurance (policies/accreditations) and a secure non-email way of clarifying answers and advising suppliers of ways to improve their security posture. Our approach is collaborative rather than punitive, which both clients and their supply chain seems to really enjoy.
6. How do you/your organisation define innovation?
We are seeking to change the way risk is viewed from a ‘tick-box’ management exercise to a part of business life that if properly managed can ‘make your boat go faster’. This requires innovation in how activity is conducted, who is involved and how VRM programmes are funded.
7. Have you had to alter your strategy or leadership style due to elements that have stifled innovation recently?
We closely observe the market, and we’ve had to change the way C2 operates internally because of the COVID pandemic. I’m a keen believer in the team getting far more done when all around the same whiteboard (yes, I realise it’s a bit old Skool!!) but we’ve managed to keep the band together virtually with a lot of video calls and occasional meetings in our office.
8. What mindsets, qualities or talents do you feel characterises the Innovators whom you most admire?
The willpower to succeed, and people who are honest about the challenges faced as well as the positives. I have a lot more respect for people who can show weakness/learning than I do for those who pretend it was all easy! Innovation and competition in the technology sphere is hard, but it can also be fun!