Innovators: Cyber Fraud Education With Red Flags

Features Posted 10/05/21
Behavioural science is helping a company develop effective software to fight the ever-growing threat of cyber attacks on business.

Founders of ThinkCyber, Tim Ward and Mike Butler, realised early on that the “threat” method of educating employees about the ever-increasing dangers of cyber fraud was not always the most effective, so they brought in an expert in psychology.

Tim explains: “Professor Pam Briggs at Northumbria University is a founder member of the UK’s Research Institute in the Science of CyberSecruity (RISCS). With her help and others, we devised ‘nudge’ software, which alerts computer users that they may be about to perform an action which could compromise security.”

The company has devised “Redflags” software, provided on subscription, which can be used to gently remind employees about a range of behaviours, for example the dangers of phishing when using email, use of the “blind” setting when sending emails to multiple addressees, or warning about checking what attachments they are sending to whom.

Tim demonstrates how the system works, sharing the Zoom screen and attempting to attach a document to an email. Immediately a red flag comes up, asking if this is what he intends to do. The “gentle nudge” in action. “We’d normally use this as part of a campaign to explain the issue, then encourage secure actions across two to three months, before turning to a new risky behaviour,” he explains.

Tim and Mike met when they were working for BAE Systems, then they went their separate ways and got back together when an idea began to form about where to go next. In the best entrepreneurial tradition, the final details of their joint venture were mapped out “over a drink after work”.

The two men started pitching for business and funding and one of their first customers was the Judge Business School in Cambridge where Tim completed a postgraduate course in entrepreneurship. This added to his Leeds University degree in computer science and his MBA from the Open University.

As the years have passed, Tim and Mike have invited other experts to join their team as advisers. Ex-CISO Robert Coles has more than 30 years’ experience in cybersecurity, Dr Jamie Graves is a security software entrepreneur and Mike Meredith has spent 25 years in business management.

90 per cent of all cyber breaches start with human error

Together they are developing ThinkCyber’s programs to stay ahead of the dark world of digital fraud, including being prepared to fight ransomware attacks.

Interestingly, Tim points out that it is not these high-profile incidents that cause most concern, but that “90 per cent of all cyber breaches start with human error”. With their “Redflags” software he believes “we can really target specific behaviours”.

Tim reveals the company is in trials with several “very large companies”, sharing also that Tesco Bank is a current customer. Other big deals should be ready by next year, if all goes according to plan, he says.

For the moment, he is spending the final weeks of lockdown with his wife and three children – sons aged 19 and 13 and a 17-year-old daughter. He also ruefully admits he has not continued his active efforts of 2020, when he ran every day – clocking up more than 1,000 miles and raising £2,700 for charity.

“I’ve become completely sofa-bound, I’m ashamed to say,” he says with a grin, although he admits he has been cleaning up a pond in the grounds of their converted barn in Cambridgeshire, ready for wild swimming by the family and his wife’s B&B guests, once the tourism sector opens again.

For more information on available properties:
01483 597 693 www.surrey-research-park.com

Tweets from @SEBmagazine