Skip to content

How LORCA works with industry to shape our cybersecurity programmes //28.01.19

How LORCA works with industry to shape our cybersecurity programmes

Author: Lydia Ragoonanan, director, LORCA


We recently welcomed 11 companies to our second cohort, which is focusing on two very specific challenges: securing supply chains and user-centric security. And the road we took to deciding on those challenges is a fascinating example of how industry can meaningfully engage with the tech community.

With the right conditions, major corporations and tech influencers that might ordinarily be in competition with each other are uniting around challenges that affect them all. And in the end, it’s their users – the general public – who stand to benefit most.

Our approach is to gather diverse voices from across the industry and create an environment that allows them to freely open up about their cybersecurity priorities and where there might be an opportunity gap. This ensures that the startups and scaleups we choose to support have solutions that are most relevant and pressing to companies in the real world, both in the UK and abroad.

We do this through multiple touchpoints and forums. Our Needs Accelerators gather representatives from specific industries or around a subject to understand more about what’s top of their cyber agenda. We apply the Chatham House Rule to these events, which creates a non-competitive environment in which the companies feel able to speak freely about their pain points. That’s not something you see every day, and it’s a hugely valuable source of insights. Our latest Needs Accelerator was held in December 2018 and saw the likes of Transport for London, London NHS Trusts, London Borough Councils and many more discuss the cyber challenges associated with a smarter and more connected London, while our next event will focus on the insurance industry.

Meanwhile, our Industry Advisory Board (IAB) is made up of the great and good from the tech world, including Theo Blackwell, London’s chief digital officer, Abhik Roychoudhury, professor of Computer Science at the National University of Singapore, Paul Branley, director of strategy, innovation and testing at Lloyds Banking Group, Siân John, Microsoft UK’s chief security advisor, and many more. The IAB makes sure we’re tuned in the latest macro and micro technology and business trends affecting the UK’s cybersecurity sector.

Then there’s our Innovation Forum, which plays a crucial role in steering the direction of our cohort programmes, prioritising which challenges we focus on and sitting in on interviews during the recruitment phase.


Selecting the challenges: how we got to user-centric security and securing supply chains


To inform the selection criteria of our latest cohort programme, we went through three key steps.

Step 1: horizon scanning

Teams from Plexal, Deloitte and CSIT poured over reports and industry research to gather data on the cybersecurity landscape. But that wasn’t nearly enough, so we interviewed and surveyed professionals across a wide range of sectors before creating an informed longlist of cybersecurity challenges.

Step 2: understanding the challenges  

With the longlist of themes in our hands, we convened our Innovation Forum to share examples and elaborate on the pain points. This gave us a fuller understanding of the nature and scope of each challenge.

Interestingly, user-centric security wasn’t on the list at all to start out with. But as the group had more in-depth discussions about the nature of internal threats, it became clear that upskilling, educating and empowering the people on the frontline was a high priority.

Step 3: selection

Next, we got participants to vote (in multiple rounds) for the issues they considered to be most critical, which led us to supply chain security and user-centric security. Then, with our challenges decided on, it was a case of putting out an open call, reviewing the applications and conducting interviews to select our cohort.


The message to industry: our innovators need you


This cross-pollination between industry and the innovation community is crucial: LORCA can’t determine the country’s cyber innovation agenda sitting alone in the dark. We’re relying on industry to keep showing up to our forums and keep engaging with the process.

My message to industry is this: the insights you share are having a direct impact on the solutions businesses in the UK will have in their toolbox in the future. If you’re already involved with LORCA, thank you and please carry on. And if you’re not, there are lots of ways you can work with us – our ears are pricked and our arms open.