ECSC expects to treble revenue as top firms fight cyber threats
Cyber security firm ECSC is on track to more than treble revenues over the next two years as it continues to capitalise on the growing digital threat to blue-chip firms.
Chief executive Ian Mann told the Press Association that booming business will see staff numbers more than double to 200 by next year, with ECSC opening a new incident response centre in London to cope with growing demand.
"We weren't meeting demand last year, and there's a lot of demand out there. The proceeds from the initial public offering will be used to scale up and we're on track to meet our longer-term forecasts.
"We're opening an incident response centre in London that will enable us to get people on site quicker if there's an incident. At the moment, we have to shift equipment from Yorkshire," he said.
The Bradford-based firm is forecast to have pulled in £4.4 million in sales last year and is projected to see revenues swell to £15.5 million by 2019.
ECSC, which boasts clients such as Barclays, GCHQ and Holland & Barrett, listed on London's junior AIM market in December with a valuation of £15 million.
The group's services include instant response to hacking attacks, testing for threats and managing company security systems.
Several high-profile cyber incidents have hit the headlines over the past few years.
Telecoms giant TalkTalk was hit by what it described as a "significant and sustained" attack on its website in 2015.
Across the Atlantic, internet giant Yahoo suffered a data breach in September, impacting eight million UK user accounts and 500 million accounts globally.
But Mr Mann said that many firms, including TalkTalk, have only themselves to blame.
"If you look at TalkTalk, they were stupid, they dropped the ball, they weren't managing things at all and therefore you deserve to get hacked.
"Out-of-date software that they never updated, previous attacks that they'd done nothing about, they hadn't tested their software in any way. Most people get hacked because they're doing something stupid," he added.
But the cyber chief said that the popular image of highly intelligent cyber hackers operating with sophisticated computer systems is a "myth".
"We don't think hackers do anything sophisticated, it's a myth that they do anything special."
Next year Britain will be subject to an EU-wide directive - the General Data Protection Regulation - which Mr Mann says will intensify pressure on firms to up their cyber security game.
"The new regulation coming in will see firms fined up to 4% of their turnover if data is leaked as a result of a hack and they will legally have to report breaches within 72 hours, they can't keep things inside and cover things up. This is big change in our sector."
Business lobby group the Institute of Directors warned in December that a cyber attack will topple a major company in 2017 as the threat level is ramped up.
Mr Mann said: "I'm not sure about bringing down a firm. Usually the intention of a cyber attack is not to damage anything, it's to gain access and steal data.
"The ramifications of that could bring a firm down, but this could happen any time."