British Patient Capital Commits $35m to Evolution Equity Partners to Invest in Growth Stage Cybersecurity Companies

· Commitment will provide capital to companies utilising big-data, machine learning, and AI to tackle increasing cybersecurity challenges
· Existing portfolio companies include UK based Quantexa, Panaseer, CounterCraft and Arqit

British Patient Capital has announced a $35m commitment to The Evolution Technology Fund II. The Fund is expected to achieve a targeted $250m final close in the coming months and is already investing in growing cybersecurity and enterprise software companies.

The surge in communications and the wholesale shift to operate businesses online have at the same time increased the risk of cyberattacks by an order of magnitude. They have also introduced a wide range of new risks. Organizations’ perimeter security is at risk of being breached. They need always-on surveillance and real-time risk analysis for breaches at both physical and digital entry points.

Evolution Equity Partners has been investing in cybersecurity companies over the past 20 years, building global leaders over several economic cycles, including to IPO. Their strategy targets companies that are making use of big-data, machine learning, artificial intelligence, and SaaS.

Fund II portfolio companies include Quantexa, a London based big data intelligence and risk analysis firm where Evolution led a £51m Series C funding, and Arqit, a London based cybersecurity company protecting against quantum cyber threats.

Judith Hartley, CEO, British Patient Capital said: “The growth in cyber is being driven by several factors including the move to virtual working and an increasing demand for secure and private systems for online transacting and communications. Evolution Equity Partners, with a team including former CEOs and CTOs of leading cybersecurity companies, are well placed to identify and back the scale-up businesses set to capitalise on this opportunity.

We have already worked closely with the Evolution team on one of our first co-investments – Quantexa – and I look forward to seeing how their portfolio develops as we work to achieve our vision for more home-grown fully funded companies to fulfil their potential to be players on the global stage.”

Richard Seewald, Founder & Managing Partner, Evolution Equity Partners said: “In the current environment, cybersecurity is a high priority for every organization. Increased risk to corporate ecosystems, rising geopolitical risk, and a realignment of budgetary spend towards advanced security issues are all expected to increase demand – this presents significant opportunity for next generation cybersecurity companies.

The UK is the largest, most concentrated and accessible cybersecurity market in Europe with over 1000 cybersecurity companies. It’s early growth and growth stage cybersecurity businesses are well positioned to benefit from the increased demand for cybersecurity, offering a solid pipeline for talent and investment.”

An Explosion of Cyber Risks in the Covid-19 Pandemic

Security and risk management leaders now must safeguard their companies on a massive scale, and quickly. They must ensure that their enterprises’ online services and digital platforms are resilient against cyberattacks.

The IT function is under tremendous pressure, too. In some firms, IT professionals must extend remote working capacity to employees who hadn’t worked from home in the past. In some cases, this includes their service partners. Many IT departments are in the middle of deploying new types of collaboration software. While that can be crucial to keeping employees synchronized (especially those working in agile teams), such software increases the risk of hacking sensitive data that now resides in less secure remote workplaces.

But it’s difficult for IT functions to say no to this. Company leaders, managers and their staffs need access to internal services and applications so they can conduct operations remotely. Since many companies haven’t made these applications and data available previously over the Internet or virtual private networks (VPN), security leaders are reluctant to allow access without stringent access mechanisms.

Understandably, very few organizations were prepared for their workforces to be working remotely in mass. They now realize that secure remote-access capacity and protected access to enterprise systems have become a major constraint.

Enforcing enterprise security policies and controls on the remote workforce is a difficult task. Most controls have limited scalability and require considerable time to deploy. We know of some businesses that have had to allow employees to use their personal digital devices to access enterprise applications without any mechanism for enforcing security controls. For most organizations, business continuation plans (BCP) and incident response plans (IRP) are inadequate or even non-existent for dealing with pandemics. Security leaders never anticipated or tested a BCP operation on such a scale.

Fraudsters are well aware that many companies and their employees have opened the door wide to hacking. Cybercriminals are using the heightened digital footprint and traffic to find vulnerabilities, or to siphon off money. They are launching Covid-19-themed attacks in the form of phishing emails with malicious attachments that drop malware to disrupt systems or steal data and credentials. Attackers are creating temporary websites or taking over vulnerable ones to host malicious code. They lure people to these sites and then drop malicious code on their digital devices. Fake websites have also been soliciting donations for daily wage earners through email links. Some Covid-19 patient count-status apps and links are laden with viruses and identity theft malware. Remote working tools such as videoconferencing systems have been hacked for vulnerabilities; recent examples on Zoom are alarming.