DIT Press Release: UK agrees historic digital trade deal with Singapore

 
 

There has been a historic digital trade deal established between the UK and Singapore on the 9th December 2021. A press release about the Digital Economy Agreement has been given by the UK Government Department for International Trade (DIT). The press release summary reads:

  • International Trade Secretary secures agreement in principle on a digital trade deal with Singapore

  • The Digital Economy Agreement - the world’s most comprehensive digital trade agreement - will capitalise on our strengths as the world’s second largest services exporter and leading digital hub

  • More opportunities for UK firms to target advanced, tech savvy and rapidly expanding markets in Asia

A full press release is available in PDF here, or on the Department for International Trade site here.

 
Department for International Trade (logo)
 


Awen Collective is featured twice in the Press Release, alongside other great British companies:

“A third of our exports to Singapore are already digitally delivered, including in finance, advertising and engineering, and this deal will create new opportunities to expand digital trade. Services companies will be the big winners, from financial and telecoms giants like Standard Chartered or BT Group to software companies like Wales-based Awen Collective.”

and

“The deal establishes a new partnership with Singapore to build ever-stronger cybersecurity defences against attacks by private operators or hostile states, which are a growing threat to individuals and businesses. Companies like Coventry’s CyberOwl and Caerphilly-based Awen Collective have set up in Singapore and are poised to be at the forefront of protecting critical national infrastructure and businesses against cyber risks, fraud, money laundering, terrorism funding and organised crime”

CEO & Cofounder of Awen Collective, Daniel Lewis said:

“The cyber security of our critical national infrastructures such as energy, water, transportation, smart cities and other industrial sectors is a key concern for the UK Government, Singapore Government and many other governments around the world. This agreement takes us a step closer to building more secure and more resilient societies, and Awen Collective is very proud to be part of the solution. We will be taking full advantage of the benefits that the agreement brings, and look forward to working collaboratively with our Singaporean friends going forward.”


Awen Collective is an Industrial Cyber Security Software company whose mission is to make society safer by reducing cyber risks within the sectors on which we rely daily. Awen has two products: Profile, an industrial cyber security compliance system, and Dot, an Operational Technology asset and vulnerability discovery system. Awen Collective was founded in Wales in 2017, and is a registered company in England & Wales with a wholly-owned subsidiary in the Netherlands. An ecosystem of Awen partners assist in international operations, including in Singapore and across Asia Pacific. For further details please visit: https://www.awencollective.com/

Welsh industrial cyber security company opens Dutch subsidiary

Photo by ruddy.media

Industrial cyber security software company, Awen Collective Ltd, has opened a wholly-owned Dutch subsidiary giving the ability to help critical national infrastructure, smart city and manufacturing organisations across the Netherlands become more cyber resilient.

Awen Collective CEO & Founder, Daniel Lewis says: “the creation of the subsidiary is a strategic decision which enables Awen to more easily reach new markets with the help of our investors and partners based in the country. We have registered the subsidiary in one of the international security hubs — The Hague — and are excited to use this as a launchpad for our international growth.”

The Netherlands, and The Hague in particular, were chosen for several reasons:

  • Ease of doing business in The Netherlands

  • The strong industrial sector

  • The innovative spirit, and in particular strong desire to progress in Industry 4.0, Smart Cities and AgriTech

  • The rapidly growing security community in The Hague

  • The English language is widely spoken

  • Geographic closeness to the UK

  • One of the international hubs to the rest of the world

  • Relationship with the rest of the European Union, particularly the other countries in the BeNeLux and Schengen areas

  • Support from investors.

Awen's CTO and fellow cofounder, Jules Farrow, says: “we're delighted to be putting down international roots at Awen Collective to enable us to work freely and easily with our friends in Europe. The opportunities this opens up for us for both research and development, and continued business expansion are significant. The Netherlands makes the perfect EU-base for Awen.”

Photo by Alexander

The Netherlands is the perfect next step for Awen, as Awen’s Head of Partnership, James Sandrone, suggests: “The Dutch business culture and the Awen culture are so similar: open and honest, where relationships and trust are key!“

CEO Daniel continues “This is just the beginning of exciting international growth for Awen Collective.”



Awen Collective

Awen Collective has the mission to reduce the cyber risk and increase the resiliency of the industrial sectors which societies rely on daily. Critical national infrastructure sectors such as energy, water, transportation and Smart Cities, as well as other industrial sectors such as manufacturing and warehousing are under increasing threat from cyber attack. Awen Collectives innovative cyber security software was built specifically with industrial engineering processes in mind, and is tailored specifically to the unique requirements of Operational Technologies (OT) and Industrial Internet of Things (IIoT). Awen Collective was founded in 2017, has it’s headquarters in Caerphilly in Wales (UK) and a subsidiary office in The Hague in the Netherlands.



A note of thanks

Team Awen would like to send out a special thanks TIIN Capital, InnovationQuarter, the Security Delta and the British Embassy in The Hague for their assistance in exploring the market in the Netherlands. Thanks also to Goossens Notary for their help in registering the B.V. subsidiary.

Introducing Ethan Cotterell

We continue to grow here at Awen Collective. People are behind great business, and this is why we often post profiles of our team members. Every member of the team puts in effort that makes Awen great, and so they should (and do) get recognition for this.

Today we introduce Ethan Cotterell, who has joined the tech division at Awen. Read on to discover more about Ethan.

Welcome to the team Ethan!

Hi, my name is Ethan Cotterell. I am joining Awen as a graduate software developer after completing a computer science BSc and MSc at Lancaster University.

 
 

I enjoy experimenting with open source software and hosting different applications, with the goal of being in control of all my data. As a part this, I manage a small home lab where I test these services out and create scripts to automate everything I can. I'm looking forward to being able to apply these skills at Awen to help build something great!

When I'm not playing around with technology, I am an avid badminton player and also go on the occasional run to help keep me fit. Good quality coffee is a must, so my trusty Aeropress comes with me wherever I go.

Awen Collective & Arcanum Cyber Security Relaunch Cyber Wales Operational Technology Cluster

Awen Collective and Arcanum Cyber Security have joined forces to relaunch the Cyber Wales Operational Technology Cluster - cluster managers Jules (CTO at Awen Collective) and Marie (Sales & Marketing Manager at Arcanum) will be welcoming anyone with an interest in OT Cyber Security to join them on the 30th November at 2-4pm.

The aim of this Cluster is to provide a platform to share intelligence and explore ideas on the specific cyber security challenges being faced by organisations working in Operational Technology (OT), Critical National Infrastructure (CNI) and Industrial Control Systems (ICS).

For our first meeting, our two speakers, Kat Abercrombie (Senior Pen-Tester at Arcanum Cyber) and Jules Farrow (CTO at Awen Collective) will introduce topics on the difference between IT and OT and why each needs its own security focus, and why asset and vulnerability discovery is vital to producing an effective OT cyber security programme. We'd also love to hear from you - a brief introduction on who you are, your interest in OT cyber, and what future topics we can focus on within our OT cluster meetings.

If you work in, or have an interest in, cyber security in the industrial sectors then we'd love for you to join us.

This event will be hosted by the wonderfully accommodating University of South Wales National Cyber Security Academy at their Newport City Campus and simultaneously virtually via Zoom. If you can't join us in person, we'd still love for you to join via Zoom where you'll be just as much part of the action (although you will need to provide your own Welsh Cakes!).

Arcanum is a NCSC Certified Cyber Security Consultancy, supporting clients across multiple sectors, ranging from CNI, Manufacturing and Defence to SMEs. Marie Caruso, Sales & Marketing Manager at Arcanum is a manager of the OT Cluster at Cyber Wales.

Awen Collective makes society safer by reducing the impact of cyber attacks on the services we all rely upon on a daily basis through innovative software solutions tailored for OT organisations across CNI, Manufacturing, Defence and Smart Cities. Jules Farrow, CTO at Awen Collective is a manager of the OT Cluster at Cyber Wales.

,

Resiliency: Cyber & Net Zero

,

This post has been written by Awen Collective CEO & Founder, Daniel Lewis.

I've been thinking a lot about the concept of resiliency, and in particular cyber resiliency and ecological resiliency (by achieving net zero). Can we draw parallels? Can we learn from each other?

What is “cyber resiliency”?

Cyber resiliency, I would say, is ensuring that systems are prepared for a potential cyber attack. This includes thinking about:

  • What do you do if something goes wrong?

  • Do you have mitigations and contingencies to ensure continuous operations?

  • Do you have processes and resources in place to not only react but also be able to best learn from what might have gone wrong?

What is "ecological resiliency"?

There is a lot of talk at the time of writing about humanity's and the Earth's resiliency in regard to the impact of climate change. The goal is to achieve Net Zero (the balance of carbon produced and removed from the atmosphere), which in turn should reduce existential risk caused by human-driven climate change. So the resiliency aspect includes the societal changes required to work towards Net Zero.

Are there similarities? Could we learn from each other?

In order for any resiliency to be most effective it requires efforts from multiple directions:

  • People - ultimately, we are all in this together. Every single one of us needs to know that we (as individuals and as a society/community) are susceptible to cyber attacks, and to the impact of climate change. We therefore need to be doing our bit where we can: e.g. having good password hygiene, using two-factor/multi-factor, keeping our systems up to date, using antivirus, looking out for nefarious activity in the physical or cyber world, etc. E.g. recycling, reducing waste, choosing a renewable energy supply, reducing air travel, considering electric vehicles and public transport.

  • Technological advancements - doing realistic and effective R&D - getting both the quick wins (e.g. updating and upgrading protection - antivirus or intrusion detection system. e.g. increasing energy efficiency through hybrid energy sources), and the longer term plans (e.g. carbon scrubbing, developing new alternative energy sources).

  • Government response - the "carrot and stick approach" - but I would say that the "carrot" is going to be much more effective from a widespread perspective than the "stick" (and many situations) because we need governmental support to do realistic research, improve the current state of affairs, and work towards the best possible outcome with good and clear guidance. Subsidies and grants work best if not only do they give instant relief, but are then coupled with short and long term hands-on support and guidance. This goes to both cyber security/resilience and Net Zero efforts.

  • Opportunities through standardisation - despite the complaints people have about complying to standards, and other complaints about compliance not being the end goal, it can be an opportunity having standardisation. For example, if a tendering & procurement process for an organisation includes the requirement for (or even just favours) suppliers to have a particular standard, then that prompts the supplier market to do better. Standards need to evolve over time, and be feasible to not only large enterprises but smaller ones too. Examples in cyber security include ISO 27001 and IEC 62443, and examples in the eco-friendly business world are many and varied - ISO have 14001, but there are sector and application specific standards such as LEED and Energy Star.

No doubt that there are other options too. These are just some thoughts about the parallels and what we might be able to do about the resilience of it all. If you have any thoughts on the subject, it would be great to hear from you.

On Friday 5th November 2021, in my capacity as the CEO and a founder of Awen Collective, I pitched Awen Collective (alongside other British and Brazilian businesses) at COP-26 as part of a Connected Places Catapult virtual event where I highlighted that cyber security is important to be included in smart city, industry 4.0 and Net Zero initiatives. Please do go download the Business Portfolio brochure of companies, including Awen Collective, from the CPC UK - Latin America Net Zero Solutions website. We are also now members of the Connected Places Catapult.

Secure Supply Chains

This blog post is written by Awen Collective Founder & CEO, Daniel Lewis.

Let’s talk about “Secure Supply Chains,” or “Supply Chain Security.” Every single organisation, whether that is private or public sector, is very much reliant on the services and products that are supplied and maintained by third parties. It therefore makes sense that there is a direct relationship between the operational resiliency of a business, and the resiliency of the supply chain.

boris-dunand-Wa9ibpKst3I-unsplash.jpg

This is particularly clear at the moment. We, as members of society, go to various shops (or get deliveries) for our daily and weekly food needs. However, right now, here in the UK at least, we see patches of empty shelves in supermarkets and random things not available on our favoured online supermarket. This is due to the supply of those products to the shop. Various factors could be causing this in the UK – most likely it is related to the COVID pandemic, or it could be as lingering after-effects of Brexit, or it could be a combination of both. The supply chain for food products to the consumer shops is long, and most likely more like a complex network than a simple series. You think about packaged bread – you’ve got the packaging, and you’ve got the bread itself. In the supply chain, the bread will include all the ingredients: yeast, water and even the flour. These individual ingredients will all have their own chain. All of those elements may be produced, supplied and distributed by different organisations. If one of those points gets disrupted, then the rest of the chain could also get disrupted.

Supply chain security is about doing what we can to decrease the risk of disruption to the supply of products and services along a chain (or in a network). This not only includes the obvious manufactured produce that we think about in shops, but also includes things like energy, water, transportation, our local councils and governments, our defence and police services, and our health care. It also includes the economy built upon finance and digital technologies.

It's very true that the world has been through quite significant transformation over the last 30, 50 and 100 years. Digital transformation is increasingly a part of that. Digital technologies now make the supply of goods and services a lot quicker, cheaper and more varied. However, it also opens up the supply chain to new vulnerabilities - cyber vulnerabilities. Cyber security within supply chains is now crucial. So much so that many governments, including the UK, have undergone open calls for views on supply chain cyber security (e.g. Call for views on cyber security in supply chains and managed service providers, published 17 May 2021).

So the question stands, what can an organisation do to ensure the cyber resiliency of the supply chain? Here are some thoughts on how we can collectively do our bit to increase the resiliency of the network, in some kind of order:

Cyber Essentials

Here in the UK we have something called CyberEssentials, this is a very good and not particularly expensive checklist of simple cyber security things for an organisation to have in place. It is worth spending a little more to be independently audited, and you will be awarded with a CyberEssentials+ certificate. This will give some assurance that you have achieved at least a baseline of cyber security, and should give some assurance to the people or organisations to which you provide.

Standards for partners

Next, promote and perhaps even require that your suppliers have at least CyberEssentials+. This could be incorporated into procurement processes as part of other required criteria.

International standard ISO 27001

Next, we would recommend that organisations look at an international standard called ISO 27001. An organisation which is audited against this standard has, in place, an “Information Security Management System.” It is, once again, a baseline and we should never confuse compliance-driven cyber security with real ongoing cyber security management and maintenance! Please note that ISO 27001 is not simple to put together, and it is a real achievement to establish it and keep it going. Once achieved, I would then promote ISO 27001 to my suppliers, and perhaps favour those who have it.

Cyber Assessment Framework (CAF)

Next, for those in the UK industrial sectors and perhaps also worldwide, to look at the Cyber Assessment Framework (CAF) which was created by the UK National Cyber Security Centre (NCSC). This is a framework of good practice that every critical national infrastructure organisation (and their suppliers!) should be checking themselves against, and improving upon. It was made specifically in response to the implementation of the UK & EU wide NIS Directive.

Operational Technologies and IEC 62443

Next, for those in the industrial sectors, worldwide, I would thoroughly recommend turning your attention to your Operational Technologies (OT). This includes Industrial Automation & Control Systems (ICS/IACS), SCADA and Industrial IoT (IIoT) systems. An up-and-coming cyber security standard for this is called IEC 62443. Once again, it’s a fairly big standard with different options for different types of organisation. Once achieved, I would then promote IEC 62443 to my suppliers, and favour those who have it.

network-hardware-inspection-NSPRULZ.jpg

Each standard and framework should nudge an organisation in the right direction. The trick will then be to maintain it, so regular independent auditing will be required. There is no hiding the fact that this will take time, and money, and effort but the Return on Investment is much more than just decreasing the risk and increasing the resilience. Gaining these certifications gives an organisation competitive advantage, as those with these certifications or frameworks in place will be chosen above others as they will be seen as the less risky option. Organisations with these certifications, in theory, should also require less general maintenance as they recommend using particular network structures and monitoring processes.

Where does Awen fit in?

We make it easier across the whole industrial cyber security process, and can be employed as the first step. With Profile you ensure that you’re working to best cyber security practice as outlined in the Cyber Assessment Framework (CAF). With Dot you will discover all of the devices on your industrial Operational Technology (OT) systems, and you will get actionable intelligence on how to improve your cyber resiliency and decrease your cyber risks. Both products, Profile and Dot, will help in the journey towards getting accreditation in CyberEssentials+, the CAF, ISO 27001 and IEC 62443. Both products will also help to reduce the risk.

It's up to every single one of us to ensure resiliency. Contact us if you need some guidance!

Introducing Abinash N Ramesh

As a result of our continued success here at Awen Collective, three new team members joined us in June 2021: Abinash, Nimal and Tom.

Read on to discover more about Abinash. Profiles for Tom and Nimal have already been published.

Welcome to the team Abinash!

 
Image from iOS (1).jpg
 

Hi there, my name is Abinash. I am currently a placement student here at Awen and will be returning to complete my BSc in Computer Science at Cardiff University next year.

I enjoy developing software and tinkering with open source projects (but I'm not ready to make contributions just yet). As this is my first full-time job in tech, I'm excited to learn about what it's like to be a full-time software developer - so far it's pretty great.

When I have a moment to myself, and weather permitting, I enjoy taking a stroll around my neighbourhood. If the weather isn't great, I usually stream Dota 2 or Rainbow Six on Twitch or binge Netflix if I'm extra lazy. I am looking forward to the next 12 months, working at Awen on some exciting projects with wonderful people!

Introducing Nimal Manivannan

As a result of our continued success here at Awen Collective, three new team members joined us in June 2021: Abinash, Nimal and Tom.

Read on to discover more about Nimal. A profile for Tom has already been published, and one for Abinash will follow in the coming days, so check back soon!

Welcome to the team Nimal!

 
nimal.jpg
 

I’m Nimal and I am new to the cybersecurity world having studied Economics & Finance previously and worked in various finance roles in the private and public sector.

I decided to change careers after working in technology in the audio-visual industry so I pursued the MSc Computing at Cardiff University and have now joined Awen Collective on the university placement student scheme.I’m looking forward to applying both my previous financial experience and learning new technical skills in the industrial cybersecurity world.

In my spare time I like to keep fit by setting myself various endurance challenges every year in the gym, on the rowing machine or in the current environment – running. I am also trying to get through as many audiobooks as possible whilst I complete my latest challenge – 1000 miles of running in a year!