Uniform thinking
Veterans joining forces to be the secret weapon in cyber war
David Atkinson, the chief executive of one of Britain’s most promising cybersecurity start-ups, has his back to the wall when we meet in a trendy west London café. It’s a habit that is “hammered into you” when being taught surveillance tactics in the military, he says.
“All I wanted to be since I was a little boy was just to be a soldier,” he adds. “There’s nothing I loved more than just lying in a hole, watching a target for days on end.”
Atkinson, founder of London-based Senseon, has now swapped his military uniform for casual jeans and a shirt.
And instead of fighting on the battlefield, he has moved his tactics into the digital arena, fighting criminals in cyber space – something he learnt to do in the Army.
“I was hit with shrapnel in Iraq and I was shot during a hostage rescue,” he says. “It was at that point when I thought ‘Maybe there’s a better way to do this.’”
Atkinson began experimenting with digital tools that could give the military an upper hand in special forces missions.
“People would come into the office in the morning and my face would be on my keyboard. I’d been up all night,” Atkinson recalls.
“The thing that was forcing this deeply technical information into my head was ‘there’s someone handcuffed to a radiator somewhere and we’ve got to find him’.”
Atkinson left the military after he
was promoted to an officer and encouraged to broaden his skills beyond technology. He began working at cybersecurity firm Darktrace for more than two years before setting up Senseon in 2017.
His business uses automated techniques to spot hackers as they attempt to break into networks, essentially using machines to emulate how humans try to protect a network.
Atkinson’s story may sound extraordinary, but he is just one of many former military servicemen and women moving from the armed forces into the world of private cybersecurity firms.
Cybersecurity is becoming increasingly vital for businesses as they are becoming more concerned that cyber attacks could knock their networks offline, or could lead to hackers stealing valuable files.
Gartner estimates that the global market for cybersecurity will grow by 8.7pc to $124bn (£98bn) this year.
Joe, a former soldier who served in the Royal Marines for 10 years, decided to leave the military in 2012, and worked in close protection and maritime security fending off pirates for more than a year.
He eventually decided to begin studying for a cybersecurity degree at a British university. It was a full-time course, but Joe couldn’t afford to sit in a classroom every day.
He had a family and a house to pay for, so he carried on working in private security overseas.
“I used to get off a ship or finish as a security detail and go into a hotel or villa. I would then watch that week’s worth of content and do the coursework,” he recalls.
He arranged for lectures to be recorded and sent to him, and set up Skype video calls with lecturers so that he could keep up with the course. “That was the way it had to be done for me – it was just the only plausible way.”
Joe returned to the UK and completed his degree, and now works for a cybersecurity firm in London.
Businesses have learned that veterans and artificial intelligence can help them gain the upper hand against hackers – but it’s a tough job.
The pressure of fighting night and day to keep hackers out of networks can become too much for cybersecurity professionals, and many people in the industry are now starting to talk more openly about the issue of burnout.
It’s one problem that Joe says veterans are able to avoid. “Military folk are used to working in hard situations and going above and beyond and putting that little bit of extra effort in,” he says. Automated software like Senseon is also increasingly attractive to firms seeking to avoid overwhelming their security teams.
There are also key aspects of military training which can come in handy when working in cybersecurity, far from the battlefield.
One concept well-known to veterans is commander’s intent: the vital objective in a mission that overrides any secondary goals.
“You always say ‘Our mission is to save the lives of the hostages’ and you say it twice to really re-emphasise it,” Atkinson says.
The same method can come in handy when protecting computer networks. If a security team knows that their key objective is to keep a crucial server online, then they can call on their military training to focus on the tasks specific to that goal.
This training has led to a wave of veterans joining or starting cybersecurity firms in the UK.
Robert Bassett Cross, a former army officer and special operations expert, has founded Adarga, an artificial intelligence firm that helps intelligence agencies crunch vast amounts of data.
And James Hadley, a former security researcher at spy agency GCHQ who joined aged 18, now runs Immersive Labs, a training firm for cybersecurity which uses practical online tasks to teach people skills, rather than traditional classroom courses.
Digital Shadows, a British cybersecurity firm, says it currently employs 14 people with a military background.
Many veterans rely on their military networks to help them find jobs after they transition to civilian life.
Others use their networks to reconnect with senior military figures.
Robert Hannigan, the former director of GCHQ, is now an adviser to Immersive Labs, for example.
These networks can help veterans overcome unfamiliarity with the business world.
Creating a company and finding employees and an office was “a completely new and very daunting but also exciting experience”, Hadley says. His firm announced in January that it had raised $8m (£6.3m) in funding from Goldman Sachs and other investors.
But not every veteran leaves the
‘There’s nothing I loved more than just lying in a hole, watching a target for days on end’
‘Military folk are used to working in hard situations and putting that little bit of extra effort into everything’
armed forces with a network they can use to jump from military to civilian life.
Many, like Joe, have been left to retrain on their own.
It’s a problem that Techvets, a London-headquartered non-profit organisation, is trying to solve. It holds regular events across the UK and has released an app which helps veterans learn cybersecurity skills and network to find jobs.
Ben Brabyn, the head of the Level39 co-working space in Canary Wharf and a former officer in the Royal Marines, gave the organisation use of his offices for their launch.
“We were expecting about 50 or 60 people,” says Mark Milton, one of the organisation’s founders. “Now we know it’s been a good event when we break fire regulations.”
Like Joe, veterans often cannot commit to full-time training courses. Hadley’s company Immersive Labs has donated online training courses to Techvets, which help veterans learn cybersecurity skills in preparation for finding a new job.
Joe is also actively involved in Techvets, and helps to advise other veterans. He says his involvement helps to give him a sense of purpose similar to what he experienced in the Royal Marines.
“There has to be another purpose, otherwise civilian life would be quite flat for someone who has had that excitement.”
It’s unlikely that the wave of people moving from the military to cybersecurity will stop any time soon, say many people in the industry.
It’s a trend welcomed by firms looking to hire cybersecurity professionals, as well as the government, which often ends up giving private cybersecurity businesses contracts to keep crucial systems secure.
But it’s not welcomed by the hackers themselves who are facing stronger defences than ever before.