/*

technology

Cyber security for punks. This IT company do things differently.

Video by Influence Media.

Computers are everywhere. All businesses rely on computers, IT infrastructure and the internet for at least some day-to-day operations and wherever there’s computers, there’s also a threat.

Statistics suggest that rather than being a thing of the past, cybercrime is on the rise across the world. But it’s not the hobby of a few bad eggs. Cyber criminals are often highly organised, with considerable resources at their fingertips.

The 2022 Global Risks Report from the World Economic Forum warned that 'cybersecurity measures put in place by businesses, governments and individuals are increasingly being rendered obsolete by the growing sophistication of cybercriminals.’ The 2023 UK government cyber security breaches survey reported that 59% of medium businesses and 69% of large businesses reported a cyber breach or attack in the last 12 months. Meanwhile, analyst firm Gartner predicted that by 2025, 45% of global organisations will be impacted by a supply chain attack.

It's a real and scary prospect for businesses of all sizes, and one on which many IT support contracts are won. But one company is taking a different approach.

Punk Security, who are based in C4DI Northallerton, are unique in several ways. For a start their multi-coloured, mohawked Zebra logo is a welcome splash of colour in an industry that isn’t always known for its vibrancy and represents their more positive approach to cybersecurity.

Why the Zebra? It’s the punk of the animal kingdom according to co-founder Daniel Oates-Lee. "We were told that nobody would like the company logo, by multiple graphic designers. But everybody loves it, and the stickers. They love the fact that it's completely different from everything else. We wanted to be different. We didn't want to just blend in with the rest of them." It seems like a pretty good strategy, and it seems to be working. They’ve grown to a team of 8, mostly remote workers, in two and half years.

We caught up with him to find out more about the company and the state of cybersecurity today.

Co-founders Daniel Oates-Lee and Simon Gurney

Helping the human squishy things

Punk Security’s approach to working with clients is not about fear mongering, says Daniel. “We help companies understand where they're weak and show them where they need to get to and help them along that process. Rather than selling this idea of fear and everywhere burning to the ground. We promote what we believe is going to help customers the most rather than just bolting everything down, so that nobody can do anything.”

Some cybersecurity measures can feel over the top and many businesses may feel that they’re not big enough to be targeted. The reality is of course, that any business is theoretically under threat and the weakest link is the human rather than the tech.

According to Deloitte, 91% of cyber-attacks begin with email, even if the final attack was administered differently. And in 2022, phishing attacks (those which attempt to trick the recipient into opening a malicious link or file) increased by 61%. They fall into the wider category of social engineering attacks which are increasingly becoming the primary weapon in a hacker’s arsenal. You can have all the latest anti-malware software on your system but there will always be a way into a company. The employees.

“Cybersecurity is getting better over time. But the biggest vulnerability we have unfortunately is the squishy things, the human elements,” says Daniel. “We help secure the human by doing live demonstrations, carrying out simulated phishing attacks, or we will give good security advice to employees about how to protect themselves on social media? What settings should they be enabling? How can they better protect themselves at home? Because that will leak into their business life as well.”

Of course, any technical advancement in cyber will soon develop vulnerabilities as criminals find a work-around, so it’s ultimately down to individual human awareness and procedure to ensure a company stays safe. He feels it’s not worth banging on about the multitude of threats that are out there.

“Everybody knows that bad things happen if you don't secure yourself properly.” They acknowledge that is a very real possibility but take a more pragmatic approach from there.

Working with the community

Punk Security started off the back of an 8-year friendship between the two co-founders, Daniel Oates-Lee and Simon Gurney and has grown since then, hiring developers and other roles along the way. The team is scattered across the UK with Simon being based in Northallerton and Daniel in Leek. But the advent of remote working tools means they’re able to easily work on projects concurrently.

As for what they work on? It’s quite varied. And often bespoke.

Clients vary “from the military, which are several 1000 people strong, to online music retail companies, which might have 20 people.” And the work they do all depends on the customer. Military contracts are understandably stricter and more directional whereas businesses may come with a problem, they just don’t know how to solve.

“We also do a lot of open-source projects. That’s where we are developing capabilities for the community to use our software for free and to enhance their cybersecurity posture.” They’re very much involved in the cybersecurity and developer sphere and are hoping to do more training around DevSecOps. This endeavour goes beyond setting up systems after the fact but rather feeds security into the very early processes of development at a software company. And it was a key part of setting up Punk Security. It's a creative and innovative side of the business that is not always found in IT companies and it fits with their ethos of sharing what they know and working at the cutting edge of IT.

“The idea of DevSecOps is about bringing developers and operations teams together so the developers can help operations teams deploy their software and diagnose problems. So as the developers write their piece of code, we will scan it for what we call secrets. These are like hard coded passwords, or API keys or certificates that shouldn't be being leaked in the source code.”

“We’re building a platform to be able to upskill people and teach them more about it and we've got a few more open-source projects that we're planning on working on as well.”

Such is their commitment to open source and community that they’ve made use of the C4DI community to run events. Joining C4DI was about having a central physical presence in Northallerton and Daniel says that “from there, we started using C4DI for its events and its connections to the wider area.”

"In conjunction with C4DI, we ran a cybersecurity event in Hull where we carried out a live Hack taking business people through what would happen in a ransomware event and then showed them how to prevent it. That was also in conjunction with Northeast Cyber Resiliency Centre which is a police funded charity organisation. So, the police gave their experience of various different cyber-attacks, along with our live demo."

Their involvement in military projects as an Armed Forces Covenant signed business is also relevant to an area of cybersecurity that is growing.

A classic devs laptop emblazoned with the Punk Security logo (top right) amongst others…

Where is cyber heading?

Cyber in the military is a topic that our speaker is familiar with as a member of a reservist unit, and hackers are increasingly being deployed in warfare.

As far as why it’s being used, he says “it's being able to carry out an action without firing any typical weapons” that will make it increasingly appealing as time goes on. But he cautions the threat is not solely from the likes of “Russia and China, that people do seem to focus on. There are also some really good hackers in Brazil. Or North Korea.” The totalitarian state in particular is renowned for being a hotbed of ransomware and ultimately there are links back to China and Russia, relaying internet through the former and activity often being linked to Russia.

But innovation will continue and there are positives to hold onto about how companies like Punk can stay ahead of the criminals. One such innovation that has entered every part of industry is, of course, AI. Daniel is open minded.

"We've been investigating how we can use it as part of testing our systems. And we've got it to build what we call zero day attacks in a matter of hours. So I think this is going to be another useful tool to help bolster our cybersecurity. But on the flip side, it's also going to make our adversaries, the attackers, lives a little easier as well.”

Ultimately the reason companies like Punk exist is to ensure most employees and workers don’t have to worry about these threats too much. For them, the focus is clear and Daniel talks about “building a firewall inside the person”. Stay alert and take your time to establish whether what you see in front of you is legitimate. And you’re doing the best you can.

Quantum Computing: Revolutionising Medicine, Science and Engineering

Quantum Computing: Revolutionising Medicine, Science and Engineering

In the next decade, we could see computers uncovering some of life’s most prominent puzzles, from world hunger to global warming.

Quantum computing is a mind-boggling topic. However, we have software developer and quantum enthusiast, Steve Bowman, on hand to explain some of the basic principles and how these machines are set to transform the world…

Using Visualisation to Transform Team Communication

Using Visualisation to Transform Team Communication

Marketing specialist John Cant works independently to help start-up businesses with their initial establishment and early growth. We caught up with him in our hot-desk area to learn more about how he does it all, and which project he is focusing on at the moment.
 
“I’m currently working with a software start-up called Hubscope,” explains John. “It’s a visualisation application used by IT project teams that shows how people, requirements, services and technology interconnect.”

Adding a Splash of {sauce} to the Source

Adding a Splash of {sauce} to the Source

Sauce is a development team born out of the C4DI that comprises Matt Gibson, John Polling and Jim Wardlaw (pictured left to right). Together they work on web and app projects across a wide range of client sectors, bringing solutions to problems of all sizes. We met up with Matt to find out more about a current piece of work, which will help members of Hull University Union to make the most of their student journey.
 
“Hull University Union (HUU) want to improve  student engagement using a phone application,” explains Matt at their offices in C4DI. “We’ve been tasked with creating an app for WelcomeFest, which will allow the student population to access info on services available to them, view and plan events, and learn about the campus and city.”

Novel industry solutions created by Hull’s flourishing digital community

Studio-Kiwi-digital-awards-2015-small-cropped.jpg
IMG_6384 v2 small

IMG_6384 v2 small

Hi, I'm Dee - the newest member to join C4DI's talented team. I have had experience working in a variety of industries, ranging from project management to teaching. It's going to be great working with everyone, supporting the community and getting immersed in the innovative projects we run. You can read my full bio here. C4DI is at the heart of Hull's digital economy. With a flourishing community of over 180 members, drawn from a wide array of fields across the digital sector, the synergies arising from our collaborative environment have secured new business opportunities and even, in some cases, solved some industry-wide problems! We've picked out just a few of our favourite member quotes for you below.

Andy Mcmillan, Training and R&D - Escada Systems Europe says;

"At C4DI we brought new products to market in record time to solve an industry-wide problem. Our product will increase the accuracy and reduce maintenance of sensors that are used in the packaging industry. This was made possible because of C4DI's collaborative working space."

Matt Gibson, Accounts Executive - Studio Kiwi says;

"The access to support, advice, and mentoring added to the networking potential, diversity of skills, and knowledge that is available at C4DI helps our business to grow. It is a privilege to be set in such a vibrant and beautiful location within the City of Hull."

C4DI's community  is always growing and we've had some incredible talent join us this month. Read all about our newest members like Hull born and bred trader 'Dean Melton', social media guru 'Joanne Brady' or Francis Osih an entrepreneur and founder of 'Betamenu' (as well as many others) below.

From the end of November 2015 we will be running tours around our new home, every Friday, so if you would like to come and visit, meet any of our fantastic members or simply just try a cup of our famous coffee please do get in touch and email me on dr@c4di.net

Without further adieu please say hi to our brilliant new members:

Joanne2

Joanne2

Joanne Brady - freelance social media manager "I help SMEs set-up and develop a social media presence through a variety of methods from regular weekly consultations to full-on daily management. I also write content for websites and blogs, and have a pretty good knowledge of SEO. I enjoy collaborative working and see C4DI as a way of meeting like-minded professionals. I'm always happy to help with any questions about social media."

Francis

Francis

Francis Osihentrepreneur "I lived in the US and Spain for business school. New to Hull, so my entrepreneurship & VC connections are limited to Barcelona and Berlin.  Starting programming in 2005, I have contributed to startups as diverse as they come along the way.  I am also the founder of Betamenu and Witelist.  Looking forward to assisting and having fun with everyone here!"

Dean

Dean

Dean Melton - trader "I was born and brought up in Hull. I worked as an Investment Analyst for a Hedge Fund for many years. I left the trading arena 10 years ago and set up on my own, working part time from a home office trading the Stock Indices, Forex and Commodity Markets, when I wasn’t trading; I was the 'house husband', looking after my two children, who having finally flown the nest, leaving me with time on my hands again."

Richard

Richard

Richard Farrer - Co-founder of Fractal Software & graduate "As a software developer I have experience in .net languages and agile software development, also a keen eye for graphics and UI.  I look forward to tackling the challenges of building a software business at C4DI."

Pat

Pat

Pat Coyle - director at Rollits "Pat's main role involves leading and managing the marketing function within Rollits. She is the current chair of the East Yorkshire (Humber) IoD branch committee, sits on the Steering Group for Humber Business Week, and is also a member of the committee of Hull Businesswomen's Breakfast Club."

Andrew

Andrew

Andrew Downie - R&D manager "Andrew has recently joined RB working as Health Transformation R&D Manager - working across the healthcare brands in areas including connected health and innovation beyond the product. Andrew has a background in biological sciences and has experience in FMCG and pharmaceutical businesses, including AstraZeneca and Unilever."

Josh

Josh

Josh Cunliffe - Co-founder of Fractal Software & games developer "I’m a recent graduate from the University of Hull, with a first class MEng degree in computer sciences with games development. I am well versed in .NET languages and frameworks, and after a year of working in SEED within the university, can use Scrum to manage and execute projects in an agile manner. I look forward to being able to apply everything I've learned within C4Di!"

Mike

Mike

Mike Wasling - Director of I.T. "Since joining Rollits, Mike has developed and enhanced the firm's IT infrastructure to support the needs of both the firm and clients. He is responsible for the IT team and helps deliver high standards of IT support and innovation throughout the practice. Some of Mike's key responsibilities include developing and maintaining relationships with IT suppliers and implementing "best of breed" technologies."

Lewis

Lewis

Lewis Taylor - Co-founder of Fractal Software "I am a software developer with a BSc and MSc(pending) in computer science from the University of Hull. Proficient in a wide range of programming languages and frameworks ranging from .NET to Python. I enjoy riding bikes and playing bass guitars. Looking forward to building software that matters."