technology design & product management


funding pattern analytics


market knowledge maximization


security architecture OPTIMISATION


competitive analysis

A few things we’re great at

The Cyber Hut is singularly focused on the global cyber and information security market. Whether you are procuring a maritime secure communications platform, analysing the drone cyber security market for future investment or seeking the latest startup design patterns, The Cyber Hut will have an opinion. 

Some of the technology areas we cover include: 

cyber physical

Critical National Infrastructure.  Automotive.  Industrial IoT.  Industrial Control Systems. Transport.


Identity & Access Management. Authentication Authorization. MFA. PAM. Passwordless. Biometrics

network & Comms

SASE. Zero Trust. CARTA. Edge Authorization.  Web Application Firewall. Gateways. Sidecars. Proxies.


Key Management Systems. Encryption as a Service. Privacy Enablement.  Application Level Encryption.

RISK & threat

Cyber Threat Intelligence. Kill Chain. ISO27001/2. NIST CSF. OWASP. CIS Controls. Diamond Model. STRIDE


APIs. Microservices. Security as Code. Runtime Application Self Protection. DevSecOps

data security

Data Loss Prevention. Cloud Access Security Broker. Database Encryption. Data Mining & Sharing.


Smart cards. EMV. SIM. Internet of Things. Trusted Platform Module. Secure Elements. ID cards.

The Role of Security Economics

Security design, implementation and controls are applicable to many sectors and verticals in both the private and public sector. The Cyber Hut develops research for a range of sectors and use cases, focused on the confidentiality, integrity and availability of information assets. 

We analyse using a range of economic models and concepts to understand why security fails, why certain startups receive funding, why organisations don’t invest in critical controls.

Some examples of our more focused research areas include:

Who is funding emerging security startups, when and why?

If passwords are so bad, why are organisations not switching to passwordless?

is resilience and recovery more important than protection?

how to analyse end to end security for drones and autonomous transport?

how to apply security to critical infrastructure and non-information assets?

what is the market for information and cyber warfare defence and counter measures?