When an organisation is deciding how best to protect its operations the first instinct is often to opt for a big, household-name cyber security company.
However, according to Mitchell Scherr, Chief Executive Officer, Vauban Cyber Technologies Limited, the smarter option would be to look at newer companies which are racing ahead of the curve - companies staffed by top talent from leading universities who bring fresh up-to-the-minute thinking to building security systems that are more likely to withstand the constant barrage of new threats.
Vauban is working with a range of such companies in the UK, explained Scherr, whose extensive global experience over two decades includes working with government agencies in the US, UK and the Gulf region.
Just last week he returned from a business trip to Qatar where he has been negotiating joint ventures with major Doha-based partners.
To use a military analogy, the companies he sees as being the most effective in cyber war today are like the SAS or Special Forces - compact and fast moving teams with the ability to operate in a highly targeted and focused way.
They are stealing a march on the more cumbersome ‘one size fits all’ operations which in many cases are much slower to react.
He observed: “What I have come to understand is that the solutions in the market place are remiss in the way that they are handling the cyber threat. Why? Because most of the big companies and a lot of government decision-makers or enterprise-based decision-makers want to buy ‘the brand’ and unfortunately the brand is behind the times.
“They are five years behind the curve because the decision-making process is so slow that by the time the product is deployed it is obsolete.”
Asked about the personnel staffing the new, fast paced companies, he said: “The brains are coming from universities such as Oxford, Cambridge, Imperial, Reading and Warwick which all have cyber programmes that are feeding young companies with highly innovative solutions. The UK is one of the thought leaders in cyber security in the world.
“When I came to the UK two years ago I saw that the Thames Valley is the Silicon Valley of cyber. It is by far the most innovative environment for turning out cyber technologies and the innovation is coming from the SMEs.”
Vauban presently has 25 UK cyber technology businesses under its umbrella all of which have to undergo the company’s rigorous due diligence process tied to cyber and deliver innovative best of breed cyber security solutions.
Scherr warned that companies needed to be making decisions about their cyber security at the highest executive level.
“The internal responsibility needs to be at C-suite level - needs to be Board aware - and should fall into the hands of the Chief Compliance Officer or Chief Risk Officer. You need to know enough about the technology to ask the right questions and those individuals really understand what the risk to the organisation is,” he said.
Leaving the responsibility for cyber security solely in the hands of the Chief Technology Officer is in his view a mistake.
“There is a conflict of interest to have your CTO in charge of cyber. I don’t know any CTO that will go to their CEO and say ‘I chose
the wrong technology’,” he said.
With regard to its current operations in Qatar, Scherr said that Vauban respected the need for client confidentiality but was prepared to speak in general terms.
“Presently we are in discussions in Qatar with companies in the financial services, government and health and commercial enterprises including SMEs who have sought our solutions,” he said.
The company recognises the importance of educating the leadership of organisations about the kind of issues that should be top priorities.
“We are currently offering in Qatar half-day coaching sessions designed for C-suite members to help them understand a little more about cyber and understand what questions they should be asking the CTOs, and their IT and Security sections.
“I understand the needs of organisations to protect communications, to have the mobile environment and server network locked down,” he said.
The need for constant vigilance and effective defences is vital, he warned.
“When you speak to government officials they think World War III will be fought via the means of cyber, whether it’s tied to natural resources such as water or LNG. When you look at the supply chain to those resources - it’s very scary. Because now you have cyber adversaries that are nation states. So they mean harm and they can compete at a level that wasn’t possible before. You are not going to be able to compete with the US military but just as the Russians did in Ukraine you can take the electronic grid down,” he said.