ZoneFox seeks to treble team in fight against data risks

Edinburgh-based security software specialist ZoneFox has set itself the ambitious target of trebling its headcount next year as it rolls out its new product aimed at protecting firms from 'insider threats'.

ZoneFox boss Jamie Graves, left, with SBRC chief Mandy Haeburn-Little and fellow award winner Bill Buchanan. Picture: Contributed

The start-up, based at the CodeBase technology incubator, currently employs ten people and chief executive Jamie Graves said that figure was set to rise to 20 by the beginning of next year.

He told The Scotsman: “A lot of that’s around sales support and making sure our customers get the right experience as we grow as a company. By the end of next year, if everything goes to plan, we’ll be up to 30.

Sign up to our daily newsletter

The i newsletter cut through the noise

“We’ve had to plan it out properly and make sure we’re not scaling too quickly, but we have really ambitious targets for next year.”

Read More

Read More
Security start-up ZoneFox secures £650,000 injection

His comments came as ZoneFox – a spin-out from Edinburgh Napier University that last year received a £650,000 funding boost from investors including the Archangel and Tri Cap business angel syndicates, as well as the Scottish Investment Bank – unveiled a new “machine learning” product that will allow companies to monitor unusual use of data by their staff and instantly flag any security risks.

The result of six years of research and development work, ZoneFox Augmented Intelligence (AI) is said to be the most advanced of its kind to be developed in the UK.

Graves said: “It builds a profile of normal activities and behaviour. The use of machine learning and big data is nothing new in the tech industry but when it comes to this specific type of threat to an organisation, we believe it’s the very first time that it’s been applied.”

The ZoneFox AI system can build bespoke user profiles for each employee within two hours of being set up, using data from across everyday workplace tools such as laptops, PCs and employer-issued mobile phones. It then displays real-time data so IT teams can track “high risk anomalies” as they happen.

“What we’re trying to do is ensure the organisation isn’t swamped by poor quality alerts and make sure the security team have the right information at the right time,” Graves said.

“Our industry has been great at selling silver bullets and snake oil, but there are some fantastic new companies coming up – ours included – that are really starting to grasp the nettle with regards to tackling the problems. It’s not about using buzzwords like big data and machine learning and AI – it’s using the capabilities of people and machines to their greatest extent.”

Graves insisted that staff subjected to the monitoring system would not find their privacy being compromised, as it does not divulge the content of their emails, for example, but can identify whether secure information is being shared inappropriately.

ZoneFox, which last night won the international contribution to cyber security and “champion of champions” awards at the inaugural Scottish Cyber Awards, is now gathering feedback from existing customers ahead of a full launch of the package at the end of this year.

“We’ve got customers across financial services, pharmaceuticals, high-tech manufacturing and production, all the way through to gambling and video games,” said Graves.

“Compliance and protecting data are two high-level areas of concern for those organisations, and they’re typically the main reasons for purchasing ZoneFox. Insider threat is almost the final frontier of security – we’ve been building lots of walls around organisations, which is great for keeping people out, but people often aren’t aware of the wider risks of over-sharing information. It may not be done maliciously, and they may just be trying to get their job done, so that’s why incorporating awareness into the organisation is so important.

“Security is very much a cultural thing, so in order to ensure we do have secure organisations, we need to make sure this is part of a wider process that’s implemented.”

Last night’s Scottish Cyber Awards – hosted by the Scottish Business Resilience Centre (SBRC) and supported by Scottish Enterprise and PwC – also saw Stirling-based Net Defence pick up the award for best cyber start-up, while Harry McLaren of ECS in Edinburgh was named best new cyber talent.

Bill Buchanan of Edinburgh Napier University won the accolade of cyber evangelist of the year, the Law Society of Scotland took home the gong for “leading light innovation” and Natalie Coull of Dundee’s Abertay University picked up the title of “outstanding woman in cyber”.

Edinburgh-based 7 Elements was named SME defender of the year, Glasgow Caledonian University won the community impact award, cyber teacher of the year went to Scott Hunter of Kyle Academy in Ayr and Edinburgh Napier University vSoc/DFET picked up a title for collaboration with Police Scotland.

SBRC chief executive Mandy Haeburn-Little said: “Scotland has a proud history of innovation and we are making great strides to continue this tradition by becoming an international leader in cyber resilience – and to seize the opportunities that being at the forefront of cyber security can bring to our nation.”