Today, Think Cyber Security Ltd has announced that it has raised a £3 million late seed funding round to deliver measurable secure behaviour change. The multi-award winning, National Cyber Security Centre recognised firm offers an innovative and uniquely real-time Redflags® subscription software solution which gently guides and nudges staff to secure behaviours, with measurable impact. UK investor Fuel Ventures led the funding round. To date, ThinkCyber has raised a total of £3.6 million in funding.
Organisations have been spending millions on technical cyber security controls but they have tended to poorly address their exposure to attacks that start with the “human in the loop”, where a staggering 83% of cyber breaches start. Technical controls for this can only do so much, and industry standards of eLearning and phishing simulations have ranged from ineffective to alienating staff.
Cyber attacks and data breaches have consistently started with human action and a technical focused industry has tended to blame those users for falling for these attacks or acting insecurely. Phishing, and spear phishing, in particular, is a leading attack vector. However, accidental data breaches caused by misdirected emails, use of insecure file sharing mechanisms, poor password hygiene, and even cutting and pasting commercial data into ChatGPT are of equal concern.
Many of these attacks use an understanding of behavioural psychology against us. Phishing attacks that use urgency, authority (from the CEO), social proof (recognised brands), fear, etc., are all designed to make us click without thinking, such that traditional eLearning approaches have little chance of helping – your brain simply “can’t stop and think”.
Building on their experience combatting these threats as Global Heads of IT and Information Security respectively, at the Cyber Division of BAE Systems (Detica), Tim Ward and Dr Mike Butler the co-founders launched Think Cyber Security Ltd with InnovateUK funded research grants to go back to the basics of behavioural and learning science with an emphasis on using these same psychological techniques “for good”.
The outcome is Redflags®, a uniquely real-time approach to nudging risky behaviours directly on a device and directly at the point of risk—as a link is about to be clicked, a password entered, or a file uploaded. Making these behaviours measurable and offering pre-emptive and preventative nudges allows ThinkCyber to measurably reduce risk for their clients.
Tim Ward, co-founder and CEO at Think Cyber Security Ltd, commented: “The unique ability of Redflags® to impact cyber hygiene in real time and measurably change an organisation’s risk profile has been recognised again this month with another award. Our investment from Fuel allows us to widen our reach across industries and sectors, with the ultimate goal of the Redflags® approach simply being the way we empower people to protect themselves against cyber threats in the future”.
Redflags® has seen rapid adoption over the past few years with a 200% increase in revenue and clients, including household names across high-street banking, financial services, energy and utilities, retail, and fast-moving consumer goods.
Speaking about the value Think Cyber Security provides, the former CISO of NHS, GSK, and National Grid, Robert Coles, stated that “Experienced CISOs know that phishing simulations have limited effect and that we can all fall for tricks when we are vulnerable; awareness campaigns only work for a short period before people forget the messages; and everyone hates computer-based compliance training! What I like about Redflags® is that messages can be tailored and delivered “in the moment” as someone is about to do something risky.”
Fuel Ventures invested £2.8m from its Seed funds. Mark Pearson of Fuel Ventures added “We’ve seen throughout our own portfolio how seriously modern companies are taking cyber security threats. Supporting and empowering employees to form good habits is the main way to prevent security breaches. Think Cyber Security are revolutionising the way this is done, moving away from yearly multiple choice tests and inter-company meetings and instead providing real, actionable support to employees at points where success in their role can make them forget about complicated security protocols. We’ve been incredibly impressed in Think Cyber Security’s traction to date and are thrilled to now be on this journey with them.’
Think Cyber Security’s mission is to empower people to protect themselves against cyber threats that target the human user – embedding measurable security behaviours through real-time interventions.
Tim Ward added, “We are excited to have Fuel onboard with us and delighted with the validation that we are already shaking up this market with our innovation and have considerable further potential!”
About Think Cyber
ThinkCyber offers the next generation of security awareness. Their product Redflags® embeds awareness training into the day-to-day user experience, applying behavioural and learning science theory to deliver risk-based, context-sensitive, just-in-time guidance that creates enduring behaviour change.