© Dreamstime

For cyber security companies, this week provided a boost. Following an exposé from WikiLeaks, it was revealed that the US Central Intelligence Agency and Britain’s MI5 had built an arsenal of tools to exploit holes in ordinary citizens’ devices including iPhones, Android smartphones and Samsung smart TVs.

If these holes exist, governments are not the only ones targeting them — hackers will be equally wise. And if companies such as Apple and Google have chinks in their devices, other companies may decide to take a closer look at their own defences.

Next year, Britain will be subject to an EU-wide directive that will fine companies 4 per cent of their turnover if their data are hacked, stepping up the pressure to tighten cyber security. Reflecting this trend, many UK cyber security groups, such as the recently listed ECSC and Blancco, have benefited from rapid growth in the past year. But for others, such as the NCC Group, recent months have been more challenging.


Bradford-based ECSC helps customers to shore up their cyber defences. It counts 10 per cent of the FTSE 100 as customers, including Barclays, as well as government agencies such as UK intelligence service GCHQ.

With the acceleration of cyber threats worldwide, including recent hacks on TalkTalk and Yahoo, ECSC chose to list on London’s Aim in December 2016. The company raised £5m at 167p per share and had a market capitalisation of £15m upon admission. Since then, its shares have steadily risen above its float price.

ECSC, founded 16 years ago, provides responses to unexpected cyber incidents, such as hacks and leaks, reviews the cyber security of client organisations and provides “technical penetration testing” — or simulated attacks — to see how far hackers would get in a system.

The group recorded 15 years of consistent profit growth before listing. It will be announcing its results for the 15 months to December 31 2016 later this month and is forecast to have made £4.4m of revenue. The company expects to treble revenues to £15.5m by 2019.

Its share price has risen to 258p, 54 per cent higher than the float price of 167p, putting its market cap at £24.5m.


Blancco is not a traditional cyber defence company, but provides an unusual security service: secure data erasure. This means the company sells software that can destroy all electronic data on devices including hard drives and mobile phones without physically destroying the device itself. Its product ensures that deleted data cannot be recovered even by experienced hackers.

While data erasure is still a nascent industry, its importance is growing rapidly in light of large-scale data theft at corporations such as Vodafone, TalkTalk and Ashley Madison. The market is estimated to be worth roughly $2bn a year.

Blancco’s customers include global security agencies such as Nato, the US Department of Defense and companies such as eBay.

The company’s revenues of £22.4m were up 49 per cent year on year for 2016 and it expects similar growth this year. It narrowed its operating loss from £1.6 to £400,000.

Growth should be driven by regulatory changes, including EU rules that come into force in Europe next year and will fine companies that do not protect and dispose of sensitive data properly.

Blancco’s shares closed the week at 290p per share — almost a third higher than a year ago.

NCC Group

Manchester-based NCC Group has weathered a rough few months, despite its dominant position in the UK cyber assurance market, which tests cyber defences. Its market capitalisation reached £1bn in March 2016 and it entered the FTSE 250. Since then it has lost almost three quarters of its value.

Last week, the group’s chief executive Rob Cotton stepped down with immediate effect a week after a profit warning that caused the company’s share price to fall by almost a third. He will be replaced temporarily by Brian Tenner, chief financial officer, who only arrived on February 1.

NCC’s assurance arm counts most of the FTSE 100, many Fortune 500 companies and the British government among its customers.

The company warned that earnings before interest, tax, depreciation and amortisation would be 20 per cent lower than the bottom of its previous forecast range of £45.5m-£47.5m after a disappointing third-quarter performance. It expected a reduction in sales and profitability in the UK, mainland Europe and North America.

Oliver Knott, an analyst at N+1 Singer, which downgraded its recommendation on the company from buy to hold in February, said: “The company has grown very fast through a mixture of organic and acquisitive growth, and maybe the back offices are not joined up enough.”

NCC shares ended the week at 110.5p, close to its all-time low after its profit warning in February.

Get alerts on Cyber Security when a new story is published

Copyright The Financial Times Limited 2019. All rights reserved.
Reuse this content (opens in new window)

Follow the topics in this article