This article originallly published here:
https://www.gov.uk/government/news/first-rate-cyber-defence-at-the-flick-of-a-switch
First Rate Cyber Defence at the Flick of a Switch.
Goldilock’s innovative kill switch helps pull the plug on cyber attacks
Picture the scenario: It’s the dead of night and a remote site is under cyber-attack by an unknown assailant. The attack has the potential to spread from network to network, revealing critical information and disrupting operations - overcoming even the most advanced cybersecurity software.In a situation like this, the best course of action may be to physically pull the plug on the network to localise damage and stop the attack from spreading. However, this requires someone on site to take action and physically disconnect hardware, which isn’t always possible.Many organisations fear this scenario and the possibility of cyber-attacks, especially in the modern world, where systems are accessible online 24/7, regardless of whether they are needed or not. Unfortunately, this extended online availability also increases the risk of cyber-attacks as it creates more entry points for attackers to exploit.In areas such as Defence or critical national infrastructure, the consequences of cyber-attacks can ultimately cost lives, which highlights the need for reliable, hardware-based cyber defence.Introducing Goldilock: closing ports to thwart security breachesWith the help of DASA funding, Wolverhampton-based SME, Goldilock, has developed a hardware cyber-defence system that allows operators to physically connect or disconnect any network or device from a system – all from a remote location – and without relying on the internet or software protocols.The device is designed to operate as if there is someone present on location to unplug or connect a cable.The solution is called Drawbridge, which looks similar to a multi-port Ethernet network switch, although it is quite different. Drawbridge’s unique feature is that each fibre optic port in the circuit board is equipped with actuators, known as electromechanical relays, which can physically connect or disconnect network ports on-demand, via secure SMS with OTP or an out of bound secure browser interface (separate from the primary network).
Goldilock’s technology has a clear advantage over traditional software-based cybersecurity measures as it is hardware-based and self-contained – which means it does not rely on any external services to operate. It is virtually invulnerable to cyber-attacks as it lacks a MAC or IP address – unlike cyber defence software.
Goldilock, having previously created a comparable solution for commercial use in large data centres, engaged with DASA to address the need for a Layer 1 (physical) cyber defence solution that can be used in any environment, including defence.
In 2021, Goldilock submitted a compact version of their cyber defence system to the DASA Open Call, showing defence stakeholders that a hardware-based solution can provide effective first line cyber protection. Following their successful bid for DASA funding, Goldilock went on to develop an improved, more robust optical device in 2023, featuring fibre optic ports rather than copper ports, which delivered even better performance.
Goldilock is new unique tool reducing the cyber-attack surface for defence and critical national infrastructure protecting modern or legacy systems. Two funding rounds from the MoD enabled Goldilock to develop unique solutions for network cyber defence, allowing operators to remotely physically connect or disconnect any network or device. The Goldilock tech is particularly suited to bridging the OT/IT cyber gap and keeping systems on warm standby securely or operating as a network kill switch
DASA’s Innovation Outline process makes it possible for smaller and resource-strapped companies to get a fair hearing regarding their ideas, without chasing for weeks and months to see an outcome.
Having worked on applications for other UK-based and EU grant options, you are typically required to provide a level of granularity regarding reporting that many start-ups do not have the resources to provide.
The information required for some of these applications consumes a significant amount of time and scarce resources, all the while, uncertainty remains about the likelihood of receiving a grant.
On the other hand, the Regional Innovation Partner approach by DASA, which is exceptionally accessible, allows any start-up to “Fail Fast” if that is the inevitable outcome.
Goldilock has made remarkable progress with the support of DASA, taking the project from concept to market-ready product. Goldilock’s participation in the 2023 Investment Showcase, along with other DASA-funded innovators, is a testament to this progress. During the event, Goldilock benefited from DASA’s Access to Mentoring and Finance (A2MF) team, which conducted workshops to improve presentation content and pitch decks. This allowed the SME to refine their pitch to potential investors.
Goldilock’s recent funding from DASA has generated attention from commercial organisations, various branches of the MOD, US DoD, Cabinet Office, NATO, and Ukrainian Cyber Command, where the innovative technology is being utilised. Furthermore, Goldilock was recently selected for the Energy Resilience focus area within the 2023 NATO DIANA Pilot Challenge programme, which invited innovators to suggest dual-use technology solutions that could support microgrids in challenging situations like natural disasters or conflicts. This milestone is a significant achievement for the company.