Plexal has supported the government as the UK has built a diverse and fast-growing cyber ecosystem. Now, the challenge is turning innovation into contracts, capability and national advantage. Here’s how we started and where we go now.
The arrival of the first computer virus in the seventies was designed to be experimental rather than harmful, yet the so-called ‘Creeper’ unlocked a world of technological possibilities.
Today, those possibilities have evolved into a complex, fast-moving threat landscape that demands constant innovation and rapid deployment across governments and industry through to SMEs and schools.
The 2026 Cyber Security Sectoral Analysis from the Department for Science, Innovation and Technology (DSIT) brought this into focus. The UK’s cyber security sector now employs almost 70,000 employees across more than 2,600 businesses, which are keeping the nation’s economy, infrastructure and people safe.
– “…helping DSIT move from strategy to real sustainable market action and growth”
But there’s no room for complacency. In June, the National Cyber Security Centre and Five Eyes cyber security agencies were forced to issue a joint call for organisations to act as AI rapidly transforms cyber risk.
“While Al will help us improve cyber defence over time, it also accelerates the speed, scale and sophistication of cyber threats,” their statement said. “Adversaries are already using AI to move faster and more effectively. Defenders must do the same.”
This accelerating threat landscape makes one thing clear: innovation alone isn’t enough – cyber solutions must be rapidly developed, deployed and adopted across the economy.
That’s why sustained cyber sector investment and clearer routes to market are critical.
Through Cyber Runway, we’ve shaped the next generation of cyber companies. Our aim is to ensure the UK has the capabilities to respond to emerging threats as they develop.
A quick scan of solutions from our recent Cyber Runway alumni demonstrates how far the landscape has changed from a time when antivirus software was once the be-all and end-all of the security scene.
On one hand, CloudPeek is delivering support for government, defence and critical infrastructure. Its agentic AI platform monitors an organisation’s systems to identify risks and recommends the most effective actions.
On the other, Goldilock’s FireBreak is a hardware tool that acts like a high-security network kill switch – cutting connections when activated so nothing can get in or out.
This is the tip of the innovation iceberg.
Almost exactly five years have passed since we welcomed Cyber Runway into the world, backed by the Department for Digital, Culture, Media and Sport (DCMS), prior to its eventual transformation into DSIT.
– 46% of all 107 member companies were female-led
Explaining our position, Monika Radclyffe, Senior Director of Programmes at Plexal, said: “Plexal combines policy, place and programme delivery, helping DSIT move from strategy to sustainable market action.
“We don’t just advise on cyber growth – we design and deliver national programmes that work in practice. This starts with identifying what CISOs, departments and regulated sectors need, then guiding SMEs to improve their solutions and access clear routes to procurement.”
The origin story
When entering new territory in 2021, the goal for Cyber Runway was clear. Plexal began accelerating growth of UK cyber entrepreneurs, startups and SMEs over six months, providing the means to scale solutions to key security challenges.
Aligned to the government’s £2.6bn National Cyber Strategy to protect and promote the UK online, our Cyber Runway objective was strengthening the country’s cyber security ecosystem, making it sustainable, innovative and internationally competitive.
– “This is a golden age for the UK cyber startup ecosystem”
Inclusivity was central to Cyber Runway’s design, spanning companies at Launch, Grow and Scale stages. We set clear targets to improve representation across gender, ethnicity and region – and exceeded them.
46% of all participating companies were female-led, 52% of founders were from black, Asian and minority ethnic backgrounds and 50% of participants were based outside South East England.
Beyond participation, we worked with founders to build more inclusive teams – addressing challenges such as unconscious bias and retention of under-represented groups. A more diverse ecosystem isn’t just more representative, it’s more innovative, resilient and better equipped to meet the UK’s evolving cyber security needs.
“This is a golden age for the UK cyber startup ecosystem,” said Plexal CEO Saj Huq when Cyber Runway launched. “Cyber startups are attracting record levels of investment and both the government and global tech giants are coming to British cyber companies to adopt emerging cyber technologies.
“The scale of Cyber Runway is testament to the enormous potential within the cyber startup community and will help stimulate the supply of innovative cyber solutions that will be needed by the economy and society.”
Laying a strong foundation for leadership
When our second year of Cyber Runway began in 2022, we introduced a new founder-focused programme stream – Ignite.
We provided leaders with six months of bespoke support comprising mentorship, deep-dive days, workshops, leadership coaching, retreats and introductions to industry and investors – reinforcing the skills required to lead the newfound growth of their businesses.
This was designed to offer a new approach to drive business, creating safe, purposeful forums where peers could articulate themselves during their efforts to access government and industry customers.
– “A safe space in a confidential environment”
Ignite was aligned to the wider Cyber Runway objective of strengthening the security ecosystem. We consistently built strong, lasting connections among cohorts of founders.
“The reality is the founder journey is lonely,” admitted Cristian Gherhes, CEO at Lexverify, an AI-powered assistant helping prevent cyber, compliance and legal risks on electronic communications in real time.

No stranger to Plexal programmes, Cristian was a member of NCSC For Startups and Cyber Runway Scale prior to joining Ignite. “With Cyber Runway Ignite, Plexal created a safe space in a confidential environment where everyone is facing similar issues in different ways, which revealed magic can happen.”
In early 2026, digital identity company Trust Stamp – alumnus of NCSC For Startups and CyberBoost Catalyse – acquired Lexverify “to create a world where secure, trusted identity is a universal human right.”
Trade mission tactics: Capitalising on connections
During years three and four of Cyber Runway, we led international trade missions to San Francisco and Helsinki – creating direct pathways for UK cyber SMEs to access investment and commercial partnerships.
At RSA Conference this translated directly into impact, with two delegates combining their solutions.
“We know our international trade missions are incredibly powerful, having seen two members of our Cyber Runway alumni community, APIContext and eXate, strike a strategic partnership on the back of us taking them to RSA,” said Diane Gilbert, Senior Innovation Lead for Programmes at Plexal.
This partnership is a clear example of the value created when we bring the right companies together in the right environments.
– “I’ve applied Cyber Runway’s connections, exposure, insights and advice to successfully raise £5m”
Having been through all streams – Launch, Grow, Scale and Ignite – Melissa Chambers, CEO at quantum-safe encryption company Sitehop, has shared the benefits of joining Cyber Runway.
In 2024, she said: “I’ve applied Cyber Runway’s connections, exposure, insights and advice to successfully raise £5m for Sitehop, which we’re using to fuel commercial growth, fulfil customer orders, develop the product roadmap and build our team locally as well as in markets including Brazil, North America and India.”
Following this in early 2025, Melissa declared: “Cyber Runway has been instrumental in opening opportunities for our company.” She highlighted our trade mission to startup conference Slush as her favourite programme moment, attending alongside other founders and Plexal staff, noting she “made a ton of contacts with potential investors.”
Towards the end of the year, we were delighted to see Sheffield-based Sitehop had secured another £7.5m to “build world-leading sovereign encryption capability right here in the UK, accelerating international expansion while keeping the UK at the forefront of cyber security innovation.”
Bridging UK cyber innovation and urgent CNI security needs
The biggest barrier facing cyber SMEs isn’t innovation – it’s access to customers.
Last year, we brought Cyber Runway back bigger than ever for the fifth edition. Just as we evolved with Ignite, changes to the cyber security landscape at large meant we expanded the programme to reflect this.
The NCSC Annual Review 2025 found ‘highly significant’ attacks had grown 50% – a stark moment for SMEs through to large critical national infrastructure (CNI) organisations to collectively take note.
Cyber Runway was being delivered during a pivotal period for the UK cyber ecosystem, marked by shifting government priorities, Cyber Security and Resilience Bill developments and an increasing focus on software and AI security standards.
In turn, we integrated DSIT’s updated policy and market priorities, including CNI, frontier AI impacts and the net zero and regional innovation agenda.
– “… finding a route to market – especially involving large firms – isn’t straightforward”
Cyber Runway CNI was launched in response to connect cyber SMEs and organisations in sectors such as energy, water, telecoms, transportation and data centres to identify urgent security needs. Cyber Runway NW Net Zero accompanied it to strengthen security of technologies linked to the green economy with a focus on the North West.
“At Plexal, we understand there’s an abundance of UK cyber businesses developing powerful solutions to combat online threats but finding a route to market – especially involving large firms – isn’t straightforward,” added Diane Gilbert at Plexal.
“We’re working together with cyber SMEs and critical operations to build sovereign cyber capability.”
– “We’ve closed hundreds of thousands of pounds in revenue and that’s because we’ve… really understood the problems [for] CNI customers”
Sharing his experience as one of the cyber SMEs able to deliver critical support, CloudPeek CEO Oliver Bridal, a Cyber Runway CNI alumnus, said: “At CloudPeek we’ve always known we wanted to target CNI customers but they’re very difficult to access. We knew by joining [Cyber Runway], we’d get direct insight and understand [the CNI stakeholder] problem set to speak to them directly.
“We’ve [since] closed hundreds of thousands of pounds in revenue and that’s because we’ve been able to communicate much better and really understood the problems that CNI customers in regulated industries are trying to solve.”
The next step of the journey – staying ahead of always-advancing digital threats
We’re incredibly proud of Cyber Runway. We’ve built a diverse community of 349 cohort members from cyber security companies across the UK. 34% have been female-led, 44% led by black, Asian and minority ethnic founders and 48% are based outside London.
Collectively, this group of innovators has raised over £200m of investment to level up their solutions and grow their businesses.
Cyber Runway Grow graduate Lloyd Davies, CEO and founder at Infrawatch, which provides real-time internet infrastructure intelligence, is among the companies to watch. The business revealed a £2.2m pre-seed investment in May – funding that’ll be used to expand engineering and research teams, accelerate platform development and enter the US. Lloyd explained the goal was “…to turn one of the most underutilised aspects of cyber security into a practical defence layer that empowers defenders to act earlier and stop threats before they reach their customers, users or systems.”
Grow peer, Harriet Farlow, CEO at Mileva Security Labs, helps prepare organisations for risks of adopting AI. Discussing her participation in Cyber Runway Grow, she said: “At the start of the programme I had a new product idea and as of last week we released that product and have paying customers. This programme has seen the entire journey.”
The ecosystem is in place. The outcomes are proven. The opportunity is here.
So, what comes next for founders like Harriet and Lloyd – and the sector as a whole?
The UK has the talent, innovation and ambition.
What it needs now is sustained investment and a stronger commitment from government and industry to buy from and scale cyber SMEs.
Encouragingly, early-stage cyber sector VC Osney Capital is among the investors recognising the market needs robust backing and “benefits enormously from specialist capital on the ground”. It secured a £60m seed fund in June 2026 which makes it “one of the largest debut seed funds in UK history”.
More than ever, connections must convert into real commercial pathways.
The next phase of UK cyber growth requires a shift from support to sustained demand.
Although Cyber Runway has concluded, its ambition continues through Plexal – driving cross-sector collaboration, innovation and real-world deployment to strengthen both the economy and national security.
In an increasingly volatile geopolitical landscape, that mission has never been more urgent.
What role will you play? Get in touch: [email protected]