Not many companies can boast a former head of MI6, a former Chief Scientific Adviser for National Security and a former UK Defence Staff supremo as advisers or directors.
This is a £1mln turnover business listed on NEX, the small exchange for early stage entrepreneurial companies.
Tom Ilube, Crossword’s chief executive, says the heavyweight make-up of the board reflects his big plans for the company.
"We wouldn't need people like Sir Richard Dearlove, chairman and the ex-head of MI6, if we didn’t intend to build a large scale, listed company," he told Proactive.
Board highlights long-term ambition
A BBC non-executive director himself, Ilube says that having built and sold businesses successfully for venture capitalists and a variety of employers, this time he wants his own successful listed company.
Crossword is positioned in the right areas to achieve this, he believes.
The focus on the commercialisation of cybersecurity research at UK universities is in the sweet spot for two types of investors.
There are those who just like the model of technology transfer from universities, while cybersecurity is a hot area where there will always be people looking to invest.
That is especially true while hacking attacks continue to make huge headlines.
Uber and GDPR focus minds
Uber has just become the latest company to admit it had been hit by a major security breach.
Data related to 57mln drivers and users was hacked a year ago, said the taxi app giant, but it decided it would only release news of the breach now.
A big fine is likely, but in future the cost of being so tardy to own up might be crippling.
In May, a new European directive on data protection (GDPR) comes into force and any organisation found to be at fault can be hit with a fine of up to 4% of global annual turnover.
For Uber that would amount to a colossal sum. But with Equifax, Talk Talk and the NHS all also having suffered major attacks recently, concern over data security is becoming acute.
GDPR has really raised the stakes about how secure companies need to be, says Ilube.
Preparation the key
Using its university sourced intellectual property (IP), Crossword acts an adviser, suggesting approaches that, if applied, would help companies understand their cyber risks more clearly, where to focus investment and help defend against a hacking attack.
Describing itself as more on the ‘defence’ side than “an ambulance on stand-by” to help after an attack, Crossword talks to companies about how they should prepare themselves.
Rizikon is its lead cyber risk assessment product.
Based on intellectual property licensed from City University of London, Ilube says as well as helping a company understand its own cyber risks, crucially Rizikon assesses the cyber risks of its suppliers.
Suppliers a soft way in for hackers
And this is an avenue increasingly being exploited by hackers.
A large bank or major car company can have thousands of suppliers or part manufacturers.
All may have either secure payment or some other form of authorised access and cyberhackers have been quick to recognise these as potentially weak links.
US retailer Target, for example, suffered a major data breach after hackers, it is widely suspected, entered its network through an air-conditioning maintenance contractor.
“Companies need to secure themselves and check how secure their suppliers are,” said Ilube.
“Rizikon gives them a process driven and automated way of going to their supplier base and evaluating their cyber risk.”
An added benefit is the audit trail provided by Rizikon, which can be used as evidence of trying to improve security in the event of a data breach.
Nixer, meanwhile is a DDoS (distributed denial of service) protection platform that uses advanced machine learning techniques to guard critical online services against blackmail attacks.
Crossword is still in its early stages and its financial numbers reflect that.
Revenues in the half year to June were £397,000, a rise of 141% on the same period the previous year, and about 15% higher than last year’s total revenue. Rizikon and Crossword’s consulting activity account for most sales currently.
Losses were £586,000, up slightly on the same period last year as R&D investment continued. Cash holdings were about £1mln.
Centres of excellence
There are 14 UK universities classified as academic centres of excellence in the field of cybersecurity by the National Cyber Security Centre, part of GCHQ, the UK’s military intelligence gathering centre.
Crossword works by establishing a relationship with the lead academic on a piece of research or IP of interest.
“We are looking for IP that has global application rather than just being UK specific. For example, it can be used in Australia or the US as well.”
By sticking to the one speciality, Crossword avoids running into competition with more general tech transfer firms.
Next off the rank will be Cyber AI, a collaboration between Crossword, industry and three major universities, looking at innovative ways to apply artificial intelligence to complex, large scale cyber security challenges.
Having started off with 50 potential security applications, it is now down to the final two.
Crossword will turn the winner into a commercial product and market it.
A portfolio approach
And that’s the appeal of Crossword, says Ilube.
“It is a portfolio of solutions. We have multiple products based on cyber research.
“Not all will be blockbusters but it just needs one or two to take off and we are really going somewhere.”