Last week’s news of the ETF Securities’ launch of the first European ETF focused on cybersecurity was greeted by Dr Nithin Thomas, (pictured) founder and CEO of security start-up SQR Systems as ‘excellent news’.
“The strategic importance of cybersecurity for the country is enormous, and a dedicated fund listed on LSE is a step in the right direction. I hope we will see much more activity in the coming months with funds dedicated to early stage companies as it is vital that we are able to call on home-grown expertise and technology rather than importing it from overseas” he says.
“I hope that the ETFS ISE Cyber Security UCITS fund (ISPY) will be the first of many cyber security focussed funds and that we will see more interest in early stage investment, which is vital to support the next generation of security pioneers.”
Thomas founded his firm in late 2010 to develop and commercialise technologies for secure transmission of data over low bandwidth networks. “We had found a new way of encrypting data so that each user gets a good experience and end to end security” he says.
Initially, the firm was funded by the Ministry of Defence and worked in the defence sector but to Thomas, it quickly became apparent that the same technology could be used in facing the challenges around secure communications in companies.
“We have been looking at new regulations from the data protection perspective” Thomas says. “One of the key things was that some heavy fines can be imposed on organisations for breaches of security but can be avoided if you have end to end encryption.”
In Thomas’s experience, encryption tends to be patchy in terms of how it is deployed.
“If you are using a cloud service encryption from your device to a cloud server that is fine, but then the cloud has access to your data and could be attacked” Thomas explains. “End to end encryption would avoid that as the data is encrypted from the moment of creation to consumption at the other end.”
Because of the sensitivity of the data used in the financial industry, Thomas tends to find that it is at the forefront of data regulation.
“The regulations coming through from the EU will be a huge challenge putting a lot of restrictions on what can be used and how data can be handled” he says. “Most organisations are not prepared and the biggest challenge will also come from the vendor on how to support these regulations without inhibiting the company’s ability to function.”
But the danger is not exaggerated, he believes. “The threat is very much real and organisations need to understand the risk and take a measured approach to the threat – understand what threats you are addressing and take whatever methods are necessary to counter that threat.”
