Interviews

Will this new technology guide SMEs out of the cyber-security darkness?

7 min read

13 February 2019

Features Editor, Real Business

Hacker threats are getting more sophisticated. But that doesn't mean that cyber-security solutions have to be difficult to implement or tricky to use, says tech entrepreneur Jonathan Craymer.

When many of us laymen think about the cyber-security industry, we picture an ecosystem that is both fascinating yet inherently complicated to understand.

Whilst cyber-security professionals are out there, using their degrees in computer-science and mathematics to fight off increasingly sophisticated cyber attacks, the rest of us are left feeling more in the dark about the issue than ever before.

Just how would those of us outside of the industry, with our limited understanding of hacker threats, protect our own valuable online information, and our businesses, in the process?

A culture of fear and ignorance has led to inaction

Added to this is the extra problem of some big consultancies, who, some smaller firms claim, have been taking a number of hacker-fearing businesses for a ride, and charging them big sums for rudimentary protection packages.

This has left a number of businesses none the wiser about how to actually prevent hacks from happening. Meaning that ignorance and fear about cyber-security, as well as over reliance on external actors for protection against threats, continues.

Shayype: A business that is cutting the issue down to size

Jonathan Craymer believes in the power of smarter passwords.

We meet with one cyber-security entrepreneur who says that smaller businesses, and SMEs in particular, shouldn’t fear hackers, nor their own basic knowledge of cyber-security. Say hello to Jonathan Craymer and his business, Shayype.

Real Business, (RB): What was it about the state of the cyber-security industry that inspired you to start Shayype?

Jonathan Craymer, (JC): We could see that SMEs had become hugely concerned about the risks of hackers breaking into their customers’ data, and the potential for literally going to the wall due to factors like massive GDPR-related fines, loss of confidence and trust. Another factor is a social one, namely the public disgrace of becoming yet another company which can’t keep its customers’ data safe.

RB: Give us three reasons why Shayype is the tool businesses need to use in 2019?

JC: 1) It’s easy to install: We’re offering a technology that, with a few lines of code, adds a security wrapper around existing online systems or applications, meaning there’s no need to ditch or re-write existing legacy systems.

2) It improves security: Once the wrapper is added, the application will never see the users’ credentials, meaning the user is isolated from the application and the application can’t be hacked using stolen or copied usernames and passwords.

3) It improves usability: Shayype creates the effect of carrying a key-fob, without the inconvenience of having something extra to carry;  the OTP is proof against shoulder-surfing and can’t be hacked, yet is more memorable than a fixed password.

RB: What about “biometrics”, such as fingerprints, facial recognition, voice prints etc. Weren’t those supposed to solve many of these security issues?

JC: Yes, but the problem is, fingerprints and the like can also be stolen and can’t be reset or changed. When did you last wipe a cup you used in a café? It’s covered in your prints. And what happens once a hacker has stolen something you’ve come to depend on, like your thumb? How will you feel knowing it’s in the hands of criminal gangs?

“This is exactly what happened to millions of US Government staff in 2015 where hackers stole up to 21.5m records from the Office of Personnel Management.”

This scandal included the theft of 5.6 million users’ fingerprints. As a result, many secret agents realised they were no longer secure even if working undercover with assumed names, as they could still be identified by their “dabs”.

RB: What is the solution you’ve come up with?

JC: Our ShayypeTM system literally gives you a code – or a “one-time password” (OTP) – on the screen in front of you, in a form only you can recognise. So, a customer doesn’t have to carry anything, yet they can log in anywhere in the world, but at the same time they have the comfort of knowing that the code they type in, even if captured and re-used immediately, is of no use to the hacker.

RB: The city of Peterborough, (where you’re based), has become something of a ‘tech hub’. Why do you think this is?

JC: Like many newly-expanded cities, Peterborough embraces technology and innovation and is also a great place to live and work, with excellent communications.

We also have an active development agency (Opportunity Peterborough) which had the foresight to award us a grant. This funding, in turn, came to OP via the Government’s Smart Cities Demonstrator Fund, which is another tremendous initiative.

RB: Do you think businesses across the sectors need to take a more proactive approach to their cyber-security issues?

JC: Definitely. Our basic proposition is that if you equip all your customers, staff, contractors etc with an OTP facility, you’ll at a stroke remove what is still one of the hacker’s favourite ways in. One question we like to ask is if you were travelling far away from home, everything got stolen and you had to ring a call centre for help, how would you authenticate yourself?

RB: Where else will Shayype fit in the technology of the future?

JC: The Internet of Things (IoT) badly needs something like this. Shayype we believe will be able to give connected devices one-time login codes, which will protect them from hacking – provided such devices have enough in-built intelligence. Also, blockchain. For instance, most cryptocurrency wallets we’ve seen are only protected by passwords. We can change that.