Expert comment on the global ransomware cyber-attack

If you are looking for expert comment on the global ransomware cyber-attack Mark Skilton, of Warwick Business School, researches cyber security and is author of Building Digital Ecosystems with a new book, The Fourth Industrial Revolution, soon to be published. He is a Professor of Practice in the Information Systems & Management group.

Mark Skilton said: “This attack has shown there needs to be a ‘cyber police force’ at a global level to help manage these escalating threats with the right level of specialist skills, and not just vendors sorting it out for themselves.

“With Microsoft, as well as many other vendors and cyber response agencies, citing a 75% increase in user expectation to be cyber-attacked in the next 12 months, this attack has just gone to the ‘next level’.

“Ransomware is the third generation next development after Denial of Service (DOS) and data breach theft, to not only enter computers, but inflict psychological and financial loss at the same time.

“My research has found a need for a global legal system to govern the internet as its activity is unseen and spreads across geographic and commercial jurisdictions. While we all carry the liability, we have little protection to tackle what is now open full scale war with the criminals.

“Microsoft is right to call for a ‘Digital Geneva convention of rights’; the risk and impact of cyber weapons can do the same or more harm than physical weapons. It can indirectly kill patients, change traffic controls, alter car onboard steering systems, change election outcomes and more.

“With the rapid rise of the connected digital society with wearables, automated travel and your privacy and life in full digital view security a huge problem.

“Governing the digital world is much harder as the identity of people and things is obfuscated, partly due to the paradox of the need for privacy, but also from the nature of digital data that is re-coded, redactable and transmutable.

“The current threats mean that general users and companies can not protect themselves. Just doing perimeter security does not work as this ransomware has shown. Plus, it can get through networks as a “worm” technology.”



The Government is desperate to invest in your business- Yes, Seriously!!

Stephen Sacks, Founder,
Funding Nav,

Companies in our industry which invest in Research and Development (R+D) are evidently valued by government as demonstrated within the recent Industrial Strategy Green Paper. The government already provides tax credits to companies which spend on research and development to aid innovation within the UK. In the recent budget it was stated that government will put forward initiatives to increase the simplicity around claims and will also improve the awareness of the R&D tax credits scheme.

The important questions here are why would the government provide tax relief to businesses who are innovating and how can this aid you as business?

Benefits of Research and Development

We all know that innovation in industry can save manufacturing time and money and many of the products designed can help other businesses operate more effectively. A good example of this would be virtually any incorporated business that either owns or is developing any of its own products since these have probably been subject to research and development and therefore they are absolutely qualified to make legitimate claims under the tax legislation.

The government are obviously mindful of the potential disruption to the economy that Brexit will bring and they are keen to build the high value IP based assets that will create the value for the economy that will increase our financial performance as a country. Recent numbers bear this out as they indicate that for every pound the government gives companies in R&D tax reclaims it ultimately collects six pounds of taxation.

Currently the scheme is partially funded by Brussels which means that every pound not claimed by British researchers is a pound more that the UK pays to the EU to fund our European competitors. Strangely the government aren’t enormously keen on supporting research in other EU countries at the expense of our own industry. (Patently we never really got the whole European thing!)

These drivers will ensure that this scheme will most probably remain central to governments tax strategy both pre and post Brexit.

How can this help you as a business?

One thing is for certain, research and development can be extremely expensive and hard to budget for. Exploring new waters is a risk in itself and entrepreneurs may be hesitant to invest so much in R&D with the fear they may not get a profitable result. If you feel as though your business can be driven forward by research and development, then it may be worth contacting a R&D tax specialist to see if you are eligible for this.

We have many clients undertaking long term projects that will be of huge value to them and their stakeholders and to wider society ultimately but many of these hugely valuable companies struggle for profitability for a long time before ultimately blossoming. The amount of expenditure necessary to support their R&D means that often companies are not profit making but the tax credit scheme allows them to get the cash that they need to support the team to make continued significant technological advances.

Profit making SMEs who spend for example £200,000 for R&D which qualifies under the scheme could receive up to £52,000 as a tax refund or reduced tax liability. Loss making SMEs can receive up to a £66,700 credit or £36,000 in cash for each £200,000 spent.

The R&D credit can either be in the form of a tax deduction or possibly used as a cash tax credit regardless of whether your business is making a profit or not. Claims can be made for up to the last two accountancy periods. If a claim is not made by the financial year end, the initial year you may have been eligible for a refund from may finish and therefore that year may no longer qualify for a refund so time is very much of the essence.

There are two stages to a successful R&D tax reclaim –

  • Identify relevant spend- If you can answer yes to any of the following then you may well have a good case-
  1. Have you recently installed an automated/control system?
  2. Has your business created or modified software in order to improve process efficiency?
  3. Does your business design and complete experimental activity?
  4. Has your business advanced technology in your industry?
  5. Has your business advanced knowledge or capability in your industry?
  6. Has your business modified plant or machinery?
  7. Does your business operate a conveyer belt production system?
  8. Does your business utilise robots?
  9. Have you completed a process design within your business?
  10. Does your business process hazardous waste?
  11. Does your business complete investigative work and identify causes of manufacturing defects?
  12. Does your business plan, design, test or modify products, processes, devices systems and materials?
  13. Does your business manufacture products?
  14. Does your business undertake continuous improvement activities in relation to its products?
  15. Does your business have to overcome technical issues surrounding compatibility between components and materials?
  16. Does your business look to improve the wastage of expensive materials through advanced recycling techniques?
  17. Does your business utilise mobile applications within its day to day operations?
  18. Does your business utilise lean manufacturing techniques?
  19. Does your business redesign tools due to unexpected breakages?
  20. Has your business created its own inventory/stock system?
  21. Does your business transfer new technologies from parent organisations?
  22. Does your business manufacture products for other companies?
  23. Does your business plan, design and test pilot plant and machinery?
  24. Does your business develop new processes for the production of existing devices?
  25. Does your business plan, design new chip-set/electronic circuit layouts?
  26. Has your business had to overcome thermal/cooling management issues to improve reliability or efficiency?

This is not a comprehensive list but highly indicative of the kinds of activities that are relevant and successfully claimable.

  • Applying cost to relevant activities- The report that is submitted to HMRC will need to feature a strong narrative, rationale and be costed. The costs that are claimable include-
  1. Internal costs such as staff and consumables. Some of this is quite objective but some is quite subjective such as items like the time invested by the managing director for example since it is unlikely that exact time keeping records will exist.
  2. External costs such as contractors and external suppliers which can even be overseas provided the claiming entity is a British company.

Successful claims are not achieved by box ticking but by building a strong narrative case with accurate and reliable costings attached. Producing this report can take several weeks as information is gathered and collated.

These reports can be produced by the companies themselves, by their accountants or by a specialist R&D claims consultant. Given the high level of technical requirement that is necessary in order to make a successful claim and the time taken in order to deliver it companies would be well advised to use a claims specialist especially given that they generally work on a contingency percentage of success. This means that the consultant’s goal is entirely aligned with the claiming company and that they will remove the work from the company and no cost is incurred by the claimant until after they have banked a successful claim. Some specialists will also offer insurance that covers the claimant should HMRC ever investigate the claim and ask for it to be repaid. This is however virtually unheard of since reports are heavily scrutinised at the point of submission meaning that subsequent investigations are unusual.

Next Step

If you feel that your business qualifies to make a claim and it hasn’t done so in the last year and you are interested in getting a justifiable cash refund then you should take action without delay to prevent being timed out.







Nuix Appoints Rod Vawdrey as New CEO

Global technology company Nuix today announced that the Nuix Board of Directors has appointed Mr. Rod Vawdrey as Chief Executive Officer, effective 1 May.

“Rod has made a significant contribution to Nuix’s Australian and international operations over the past two years in his role as Chief Operating Officer and Head of Nuix’s Asia Pacific operations, and has established strong relationships with our employees, customers and partners,” said Nuix Chairman and co-founder Dr. Tony Castagna. “He has grown the company’s customer base, expanded our geographic presence, strengthened business processes to support operations, and introduced an enterprise level focus for global sales and delivery.

“Rod will lead Nuix through a year of transition, from its Australian foundation and heritage as an innovative software technology company with great people and unique capabilities, to a world leader in solutions for enterprise risk management, compliance and security.”

Mr. Vawdrey brings to Nuix more than 40 years’ international experience helping corporate and government organisations across the globe to embrace technology to improve their competitiveness and deliver valuable business outcomes. Prior to joining Nuix, Mr. Vawdrey was Corporate Senior Vice President and President of Fujitsu Limited Global Business Group, where he led Fujitsu’s international operations and was responsible for the company’s IT products and services. Before that he held various country, region and headquarter executive roles in Europe, the Americas, Asia Pacific and Japan for Fujitsu, NCR and AT&T GIS. Over his career, Mr. Vawdrey has developed and implemented sales, partner and professional services teams, led marketing and product operations, and managed customers in all major markets.

“Since joining Nuix, I continue to be impressed by the incredible power and unique capabilities of Nuix software and its ability to address some of the world’s most difficult data and security challenges,” said Mr. Vawdrey. “It is rewarding to know that we can really make a difference and I feel honoured and privileged to lead the Nuix team to realise our full potential. Nuix will continue to be an increasingly valuable business and technology partner for our customers while being an employer of choice across all of our operations.”

Mr. Vawdrey will be assisted by a very capable leadership team, recently strengthened by the recruitment of two regional CEOs—Ethan Treese and Jonathan Rees, who head the Americas and Europe, Middle East, and Africa regions respectively. As part of the transition of responsibilities, Mr. Vawdrey will relinquish his role as head of the APAC region and Nuix will shortly announce a new leader for the region. These regional roles enable Nuix to support customers and partners locally, while maintaining an international persona through the company’s global reach and international customer base.

“Our organisation represents an amazingly talented group of the world’s best engineers and subject matter experts,” said Mr. Vawdrey. “Together with our regional sales and support capability, I see a significant growth opportunity to add new customers to an already impressive footprint in some 65 countries. Nuix counts many of the world’s leading organisations as customers and I am confident in our ability to continue to become a major force in understanding data and providing the insights and intelligence that help protect and secure our world.

“It is very special to be a member of the Nuix team as we become one of the world’s leading software companies that showcases the best of Australian and overseas innovation and software engineering leadership.”



(ISC)2 and Learning Tree to Embed Cybersecurity Certifications within Global Public/Private Sector Training Programmes

(ISC)2, an international non-profit membership association, and Learning Tree International (OTCQX:LTRE) has announced a global agreement to enhance development of the professional cybersecurity practice around the world. (ISC)2 certifications will now be recognised within Learning Tree’s proprietary course library and provided within the commercial training frameworks it maintains for major organisations, including the NATO Communications and Information Agency (NCI Agency).


The collaboration broadens access to the best cybersecurity practices, knowledge, and principles documented over 28 years by (ISC)2’s global community of more than 120,000 practicing information security professionals.


This agreement follows Learning Tree’s February announcement of a commercial training contract to be delivered across 40 sites serving up to 33,000 NATO staff, which includes cybersecurity, among other technical and programme management disciplines. NCI Agency services are designed to support NATO consultation, command and control, intelligence, surveillance, and reconnaissance capabilities.


Through this agreement, Learning Tree will also include (ISC)² training and certifications within their programmes that align to the National Initiative for Cybersecurity Education (NICE) Cybersecurity Workforce Framework under the U.S. Department of Commerce and the National Institute for Standards and Technology (NIST).


Sean Craig, Managing Director, Learning Tree International EMEA, notes that cybersecurity is a growing priority: “As the ever-evolving threat of cybersecurity attacks continues to grow, our clients are intensifying their efforts to both develop and demonstrate that they have the skills to face it. For this reason, we are finding that formal certification and professional recognition for cybersecurity roles are becoming a key priority for many.”

“Learning Tree lends a significant boost to our commitment to supporting organisations around the world in their battle against cyberthreats. As a global membership body, (ISC)2 has a unique opportunity to maintain the breadth of practice knowledge and verify it by people working on the frontlines. Partnerships such as this one ensure we can reach the people that need it and add the credibility of professional recognition to the challenging work that they do., says Faisal Malik, Head of Business and Market Development EMEA, (ISC)2.

This year, forecasts for a global cybersecurity skills shortage grew by 20% to reach 1.8 million in 2022, according to the Center for Cyber Safety and Education’s 2017 Global Information Security Workforce Study, which has been benchmarking workforce development for (ISC)2 and the world since 2004. The study also reports that governments and companies are already feeling the impact of the shortage; with 66% of the more than 19,000 respondents stating they have too few cybersecurity professionals working for them today and 46% of the more than 1,000 UK participants in particular struggling to find the talent they were actively recruiting.

(ISC)2 certifications confirm comprehensive professional knowledge in the critical areas needed to develop and protect systems and data in current business and working environments. Our commitment to continuing education is helping professionals and their employers keep pace with ever-changing requirements.