loading content...

Media Contacts
For media related enquiries
Click Here

Latest News

12 April 2019

Phil Higgins appointed Group CEO

Today the Group announced that Phil Higgins has been appointed Group CEO of Shearwater.

Read the full RNS release

9 April 2019

Acquisition of certain assets of Secarma

We are delighted to announce that we have entered into an agreement to acquire certain business and assets of Secarma Limited, a leading provider of cyber security testing services and solutions, with the business to be rebranded Pentest on acquisition.

David Williams, Chairman of Shearwater, said:

“Over the past year we have witnessed a substantial and growing demand for cyber security testing services and red teaming in particular. We’ve looked at a number of opportunities in this sector and we’re delighted to have secured a deal to purchase this business.

“The incoming team’s industry expertise and considerable experience as well as market position will be very complementary to our services businesses and provides another key capability for the Group as a whole.”

Read the full RNS release

5 April 2019

Making Tax Digital: How to avoid the cyber crime threat

Making Tax Digital (MTD) is expected to deliver a more efficient tax collection system for HMRC, but concerns have been raised around the cyber security vulnerabilities that will emerge.

Many companies are upgrading their existing – or adopting new – accounting packages in order to deliver VAT returns in the required format requirement. Advertisement

However, the Treasury Select Committee has warned that many businesses are unprepared for digital tax processes and as a result will be vulnerable to exploitation by cyber criminals. Here’s how accountants can help themselves and their clients avoid the potential risks.

As dictated by MTD legislation, all VAT submissions must be submitted electronically to HMRC from April 2019. For many small to medium businesses management of VAT has historically been handled on spreadsheets and then submitted via the HMRC web portal manually.

However, from April the HMRC portal is being withdrawn and submissions will need to be undertaken using MTD compatible software, and electronic records maintained. Some organisations will not currently be using an accounting package, while others may have a solution that is not MTD compatible, which will need to be upgraded, or replaced.

In either case an organisation must consider the following with regards to a system’s usage and operation:

  • Is it protected from cyber-attacks?
  • Is access to data restricted to only the staff that need access?
  • Are you processing clients’ personal information in accordance with the UK Data Protection Act 2018 and GDPR? Where you use third parties to host or operate your solution, have you fulfilled your responsibility to verify that the supplier is protecting the data appropriately and meets it data protection obligations?
  • Are you and your suppliers’ staff trained to deal with cyber security threats, can they protect data appropriately and are they aware of their data protection/GDPR obligations?
Read the full story

5 April 2019

Can HR build a human firewall around the business?

Mo Stevens, CEO of Shearwater Group and Xcina, which provides ‘Digital Resilience’ solutions and services including cyber awareness training to SMEs, explores the chasm between awareness and action when it comes to cyber security training. And, considering recent GDPR legislation, why it’s even more important for companies to build a human firewall.

In the first few weeks of joining an organisation, HR teams are often tasked with laying the foundations for what should be a slick, friendly and thorough onboarding processes for new recruits.

But while they are under pressure to promote company culture and set expectations high, they also need to manage briefings and training with various departments. Their role is to ensure that each person that joins, regardless of their level, understands everything – from the company’s vision to its health and safety policies.

Read the full story

4 April 2019

SecurEnvoy Reveals Enhanced Product Roadmap

SecurEnvoy, a global software leader in multi-factor authentication technology, is proud to announce the addition of a new data security product suite, SecurHIVE. SecurHIVE is a complementary new suite of security assurance and prevention solutions offered by SecurEnvoy for organisations to protect sensitive data, ensure administration, compliance and governance. The SecurHIVE suite will broaden the SecurEnvoy offerings into endpoint security, a top priority of Chief Information Security Officers (CISO) today. As data is increasingly moved into the cloud, organisations must ensure confidential information, trade secrets and customer information are encrypted and secured. Starting April 1, the SecurHIVE Beta program will open to a limited number of premier partners.

Read the full story

4 April 2019


Brookcourt Solutions and McAfee have worked in partnership for over 8 years where they have delivered SIEM expansions and the latest technologies into the largest telecommunications provider in the UK, which include subscription renewals and facilitated McAfee training with one of the UK’s leading digital education and skills providers.

“We are delighted to have Brookcourt Solutions as a strategic partner, where we regular share intelligence on opportunities that our clients are pursuing, this has significantly helped the planning and delivery in meeting customer demands”.

Ed Baker, Regional Director, McAfee

4 April 2019

Brookcourt Solutions and IBM Tackle Threat and Counter Fraud

Following a series of Threat Hunting Boot Camp events, Brookcourt Solutions held another event with their strategic partner IBM in London last month. The purpose of this event was to educate attendees on the insights and knowledge on how to tackle Threat and Counter Fraud. The event was attended by Fraud Investigation Directors, CISO’s and Cyber Security representatives of several leading global organisations.

Our Keynote Speaker, Julie Clegg, a world class investigator from the UK hit show ‘Hunted’ and ‘Celebrity Hunted’ shared her experiences in Open Source Intelligence and Threat Assessment. Julie also spoke on the cost of cybercrime, with annual revenues of $1.5 Trillion (since April 2018) and by 2021 it would be $6 Trillion, if nothing is done about it. Julie reiterated that cybercrime is now a global pandemic.

Mike Kehoe, World Wide Private Sector Leader for IBM Security gave a full demonstration of i2 and how it is used within a real-life cybercrime scenario within a large UK financial organisation. S-Branch also spoke on Integrating Ballistic Intelligence alongside Arquebus Solutions with the use of IBM i2 Solutions.

National security and law enforcement has relied on IBM i2 solutions for nearly 30 years, helping analysts turn overwhelming and disparate data into actionable insight and intelligence, in near real time. The solution can help ensure an understanding of threat landscape and identify vulnerabilities so as to disrupt and uncover threats. It can help quickly find hidden connections and critical patterns buried in internal, external and open-source data.

All speakers including our IBM experts explained the need to address cybercrime now before many more Trillions are spent.

For further information about cyber security and assistance on this, please contact Brookcourt Solutions: [email protected]

4 April 2019

Companies Leveraging SecurAccess for ISO Certification & Citrix Authentication

SecurEnvoy recently published comments from two customers, Christmann & Pfeifer Construction GmbH and TWS Netz GmbH on their experience using SecurAccess for multi-factor authentication and how it transforms their business. TWS Netz is utilising SecurAccess to meet the requirements of ISO Certification and Christmann & Pfeifer needed a simple solution that was easy to deploy and integrated with Citrix. Find the full comments here:

Protecting Construction with Multi-Factor Authentication

Protecting Utilities with Multi-Factor Authentication

4 April 2019

SecurEnvoy launches Secured Future podcast

In January 2019, Shearwater Group portfolio company SecurEnvoy launched their new Secured Future podcast series; a weekly conversation with industry leaders with commentary on all aspects of security today.
Stay tuned with our latest podcast updates using the links below.

3 April 2019

Cirencester Friendly Procures GeoLang’s Data Discovery Solution to meet GDPR and PCI DSS Compliance

A case study from GeoLang:

Formed in 1890, Cirencester Friendly is a leading provider of income assurance solutions. From small beginnings over 100 years ago, and based on an original concept designed by George Holloway, today Cirencester Friendly has in excess of 37,000 members.

“Cirencester Friendly saw the introduction of the General Data Protection Regulation as an opportunity to look at the digital resilience of our internal processes. We identified that we had limited visibility of PCI and PII within the enterprise. GeoLang, as experts in data discovery, monitoring and DLP via their Ascema platform were the obvious choice as a partner to meet our internal needs. We now have the ability to audit and monitor our data across all of our digital estate including servers and endpoints with subject access and right to be forgotten requests easily facilitated via the Ascema platform. The added bonus of using the platform to inform and train our staff on appropriate data usage was a significant differentiator.”

Andrew Horsley, Company Secretary - Head of Compliance Cirencester Friendly

Read the full case study

2 April 2019

Health and Her certified for Cyber Essentials by Xcina IS

Xcina IS Cyber Auditor Steph Beech is a busy woman. She recently guided our latest client, Health & Her, through the government-backed Cyber Essentials scheme. Cyber Essentials - part of the UK’s National Cyber Security Programme - is designed to encourage businesses to achieve a baseline level of security.

Health & Her, run by Kate Bache, passed with flying colours, meeting the scheme’s requirements in the 5 key areas of security control. The company, which provides women with advice and products on the menopause, launched its website on 1 March, safe in the knowledge that compliance means it is protected from the most common internet-based attacks.

The full cost of Cyber Essentials certification was, in this case, met by a reimbursement grant from IP Wales, an award-winning business support initiative led by Associate Professor Andrew Beale at Swansea University.

Kate was delighted to have passed the assessment. “To meet the Cyber Essentials criteria was incredibly important to us given the nature of our business and the value we put on our consumers’ privacy. We’re delighted to know that we have passed and now have the confidence to scale our business.”

Steph couldn’t agree more. “The impact of a data breach on your organisation could be crippling. Whether the threat comes from a rival company, cyber criminals or your own employees, you can bet your data has an illicit value to someone. Cyber Essentials demonstrates that you have built security considerations into your processes and provides peace of mind and confidence for your clients and potential clients.”

For further information on the Cyber Essentials scheme and certification process, please call our Cyber team on 02921 888111 or click here, and to visit the newly launched Health and Her website, click here.

28 March 2019

Alfresco procures GeoLang’s Ascema Data Discovery to assist with GDPR and PCI Compliance

A case study from GeoLang:

GeoLang provided technology partners Alfresco with a GDPR and PCI Compliance solution that enables them to discover and protect PCI and PII across their digital estate – including cloud sync folders, endpoints, servers, email and Alfresco repositories.

“Alfresco saw the introduction of the General Data Protection Regulation(GDPR) as an opportunity to look at the digital resilience of our own internal processes. We identified that we had limited visibility of PCI and PII within our own repositories. GeoLang, as experts in data discovery, monitoring and DLP via their Ascema platform, were the obvious choice as a partner to meet our own internal needs. We now have the ability to audit and monitor our data across not only Alfresco repositories but all of our digital estate including servers and endpoints with subject access and right to be forgotten requests easily facilitated via the Ascema platform.” Ian Catlin, IT Director Alfresco

Read the full case study

27 March 2019

Xcina Consulting launches new Regulatory Calendar

Shearwater Group plc portfolio company Xcina Consulting Limited is delighted to announce the launch of a new Regulatory Calendar. This tool enables users to monitor and track EU and UK regulatory developments as they are announced, and to search regulatory change by industry sector and compliance dates.

Mark Child, Executive Managing Director of Xcina Consulting, says “this is a valuable tool, enabling users to track and assess regulatory change across Banking, Insurance and the Asset Management sectors. Our new calendar will provide a key overview of regulations, along with additional advice through relevant whitepapers and articles.

Supporting our clients in managing regulatory change is of paramount importance to us and our Regulatory Calendar will help ease the pains of navigating and capturing these changes by having one primary information source to encapsulate the key impacts”.

You can take a look around Xcina Consulting’s new Regulatory Calendar on their website. For further information, please contact 020 3985 8467 or email [email protected]

Visit the calendar

18 March 2019

Xcina Consulting achieves Platinum Membership to the BSI Associate Consultant Programme

We are proud to announce that Xcina Consulting has become a ‘Platinum Member’ to the BSI (British Standards Institution) Associate Consultant Programme. Our membership strengthens our existing relationship with BSI and demonstrates our expertise in helping clients attain BSI certification.

Michael Stevens, CEO of Shearwater Group, also commented: - “Shearwater Group is delighted to hear that Xcina Consulting has become a Platinum Member to the BSI Associate Consulting Programme. This news supports the Group’s overarching strategy to provide resilience solutions to our customers. Xcina Consulting only utilises highly skilled consultants, with a minimum of 10 years’ relevant experience, allowing it to support its clients and partners with the implementation of standard frameworks and take them on a journey of continuous improvement”.

Read the full story

27 February 2019

Shearwater Group join forces with IP Wales

Shearwater Group recently joined forces with IP Wales, an award-winning business support initiative based at Swansea University, to host an event at the Welsh Government Office in London.

The event, focused on Cyber Resilience and the online risks faced by busy Patent Attorney firms & IP Solicitors, was attended by representatives of several leading firms. They heard Jason Dunlop from Xcina (part of the Shearwater Group) and Associate Professor Andrew Beale OBE of IP Wales present findings from joint research into cyber breaches.

Two new free Intellectual Property guides were also launched at the event for www.ipcybersecurity.com, with Professor Beale and Felix Manig of Control Risks presenting their IP Wales Guide to Cyber Defence, and David Lewis of Capital Law Solicitors providing a presentation on the IP Wales Guide for the protection of trade secrets using Employment Law. Following the presentations one of the attendees, Maria O’Sullivan from Keltie LLP commented, “While some trade secrets may be patentable, businesses can rely on their Patent Attorneys to advise them on the best option to protect their valuable intellectual property… Firms needs to invest time and money in a good cyber security policy, to protect against external threats and to promote internal best practice for handling trade secrets. It is of paramount importance that SMEs, from the outset, ensure resilience to the growing cyber threats and risks in the commercial world today.”

Using software monitoring the dark web, the Shearwater/IP Wales research revealed that of 58 leading UK IP law firms, only 1 was found to have suffered no cyber breach. The remaining 57 were recorded as having suffered 81,767 cyber breaches over a ten year period, resulting in the leaking of 80,293 data items with 28,232 passwords compromised.

Faced with these alarming statistics, an event providing an overview of, and advice on, the cyber risks facing the IP community may have been well overdue.

For further information about the cyber security recommendations made to participants, please contact us on 02921 888111/[email protected]

26 February 2019

Secured Future Podcast

The Secured Future podcast is an essential examination of the future of security, data, identity and the human condition. We will invite thought leaders from vendors, partners, consultancies and businesses, etc. to share their thoughts on the issues of the week and to provide actionable recommendations for today's changing world.

In episode 1 we invited Simon King to join the podcast to discuss some of the most important topics in security today. Our conversation covered topics such as the GDPR, identity and privacy and the role of data security in today's enterprise.

This episode is sponsored by SecurEnvoy.

Topic List:

0:24: Introduction
3:10: The most important thing in security today (the control of data)
9:28: The role of identity
19:10: Regulatory requirements & the GDPR
23:40: Facebook & data privacy
36:40: Email & Phishing will never go away
41:00: Are you, You? The common thread of identity
44:20: Advice for the CISO buyer

Listen Now
26 February 2019

MFG – Motor Fuel Group

Brookcourt provided our partner Bullwalls technology as a last line of defence for MFG for quarantining Phishing attacks.

Motor Fuel Group (MFG) is the largest independent forecourt operator in the UK. It has more than 900 stations operating under the BP, Shell, Esso, Texaco, JET and Murco fuel brands and all have an attractive, competitive and expanding forecourt shop and ‘food to go’ offer under the Londis, Budgens, Spar, Hursts, Costa, Greggs and Subway brands.

“Ransomware is an ever growing threat to a company’s IT security and here at MFG we take all actions required to maintain a secure system. The Ransomcare package from BullWall/Brookcourt gives us a simple, cost effective and highly effective solution to limit our exposure to ransomware attacks.”
Paresh Patel, IT Director, Motor Fuel Group

11 February 2019

The UK's cyber threat environment is intensifying according to the findings of a new survey.

The results of the poll, conducted by Carbon Black, reveal that 88% of UK firms have been breached in the past 12 months. Malware is the most prolific attack type in the UK, with more than a quarter (27%) of organisations naming it the most commonly encountered. Ransomware holds second position (15%).

The results of the poll, conducted by Carbon Black, reveal that 88% of UK firms have been breached in the past 12 months. Malware is the most prolific attack type in the UK, with more than a quarter (27%) of organisations naming it the most commonly encountered. Ransomware holds second position (15%).

However, the report warns that human error also plays a significant role, with phishing attacks at the root of one in five successful breaches. Weaknesses in processes and outdated security technology are also factors in a quarter of breaches.

Over the past 12 months:

  • 87% of organisations have seen an increase in attack volumes;
  • 100% of government and local authority organisations have been breached, 40% more than five times;
  • 98% of financial services companies have reported breaches.

Read the full story

8th February 2019

Accountants have been told to tighten cyber security in time for the government’s Making Tax Digital (MTD) initiative, which launches on April 1 2019.

Businesses who are not prepared for the digital tax process will be vulnerable to cyber criminals and hackers looking for an easy target, warns the Treasury Select Committee.

9 in 10 security breaches are the result of human error, meaning accountants are being advised to educate and train their staff, as well as their clients, on the importance of online security and data protection.

Read More

4th February 2019

Xcina adds training Academy to its digital resilience services

Xcina, a Shearwater Group plc portfolio company, has today launched Xcina Academy on its new proprietary e-commerce platform. ¬Despite rising awareness of the need for good cyber governance, it is estimated that nine out of ten data breaches in the UK are caused by human error. Therefore, Xcina is urging company leaders to focus on educating their managers and staff on data breach risk, and the requirements involved in maintaining resilient data and information practices and procedures.

The first iteration of Xcina Academy includes both online and classroom courses for Cyber Awareness and GDPR Refresher, as well as training packages for specific upcoming legislation such as Making Tax Digital.

Xcina Academy also provides a Learning Management System which has a real-time dashboard of competence. This supports governance assurance and compliance for GDPR and other regulatory frameworks.

In addition, throughout 2019 there are plans to expand significantly into regulatory and business risk management services such as virtual DPO, as well as an online apprenticeship scheme.

Xcina Academy also addresses the recent Senior Manager and Certification Regime, which introduces a duty of responsibility on all senior management to take reasonable steps to prevent and detect regulatory breaches from occurring in their respective areas of responsibility.

Michael (Mo) Stevens, Group Chief Executive Officer at Shearwater, said:

“Xcina Academy is another significant development for us as we continue to drive our national digital resilience agenda. As much of the latest cyber breach research shows, it’s employees within organisations that present the biggest vulnerability.

“It’s vital that those individuals understand they could be targeted. And that business owners and their managers understand their responsibility to have adequate training programmes in place for their people.

“If companies aren’t compliant with legislation, regulation and industry standards, then their organisation, their data – and their client’s data – could quickly become compromised.”

For more information visit Xcina Academy at https://www.xcina.co.uk/academy - or contact Kevin Porter, Xcina Director of Business Development, on 07785 921072.

About Xcina

Xcina provides digital, operational and regulatory services in support of end-to-end resilience and risk management for SMEs. Xcina helps companies prepare for increasing legislative and regulatory demands on how data is held and processed. This is done via tailored digital strategies and a range of services, including consultancy, training, ongoing monitoring, analysis, detection, and response to cyber threats. Xcina supports resilience and business continuity using its proprietary capability maturity model, which focuses on the three core pillars of people, process and technology.

Xcina is a Shearwater Group plc portfolio company.

Learn More about Xcina

18th January 2019

Xcina partners with Moorhouse to develop cyber risk technology solutions for insurance market

This partnership will see the roll-out of a series of applications and services aimed at risk assessment, threat detection, incident response, critical resource application and a virtual cyber incident response team, to address the shortfall in the number of UK SMEs purchasing adequate cyber insurance policies.

The first app will launch in February 2019 and will be made available to Moorhouse’s 46,000+ clients. The risk assessment app will allow SMEs to assess a cyber threat and the risk it poses, generating reports to recommend next steps towards managing the risk and providing preventative measures as part of a wider digital resilience strategy. The app will enable SMEs to maintain appropriate insurance levels and access remedial cyber services to address critical weaknesses.

Read the full RNS release.

7th January 2019

Advisory Panel Appointment

Shearwater has today announced that Marcus Willett CB OBE has joined the Group as a Member of Shearwater’s Advisory Panel to work alongside Lord Reid of Cardowan, the Advisory Panel’s Chairman.

Read the RNS release.

11th December 2018

Interim Results announced

Shearwater has today announced its results for the six month period ended 30 September 2018.

Read the RNS release.

11th December 2018

Board Appointment

Shearwater has today appointed Phil Higgins, CEO and co-founder of Brookcourt Solutions, to the Board of the Group as an Executive Director.

Read the full RNS release.

17th October 2018

Acquisition of Brookcourt Solutions Limited

We are delighted to announce that we have completed the acquisition of Brookcourt Solutions Limited, the multi-award winning, leading independent UK based cyber security solutions company.

Read the RNS release.

17th August 2018

Proposed acquisition of Brookcourt Solutions

We are delighted to announce that we have entered into a conditional agreement to acquire the entire issued share capital of Brookcourt Solutions Limited, a leading independent UK based cyber security solutions company.

David Williams, Chairman of Shearwater, said:

"This transformational acquisition provides us with a substantial platform from which we can grow organically and by further acquisitions.

"As well as being strategically and operationally a major development for us, this transaction will also bring a step change in our scale and breadth of offering, and notably it will make us cashflow positive following completion."

Read the full RNS release.

25th July 2018

Shearwater Group White Paper: Digital Resilience – Understanding the Challenges of Resilience in Digital Environments

Shearwater Group plc, releases White Paper in association with the Institute for Strategy, Resilience & Security (ISRS) at University College London (UCL). Register to download our White Paper on digital resilience, a dynamic state of continual evolution and learning within the digital environment. The White Paper helps readers understand the challenges we face, proposes an assessment framework of key questions for leaders to define, identify and address digital resilience issues within their organisations and outlines the principles of a strategic process to identify digital resilience issues both from a business and technology perspective and address them through the development of organisational capabilities.

Download the White Paper here

21st June 2018

Trading Update

Shearwater Group plc, the digital resilience group, is pleased to provide a trading update ahead of the release of its audited results for the financial year ended 31 March 2018.

Read the RNS announcement

12th June 2018

SecurEnvoy announces partnership with Citrix

We are pleased to announce that SecurEnvoy has been appointed by Citrix as one of its first Premier Citrix Ready Partners for the fast-growing Identity and Access Management sector.

Read more

31st May 2018

Xcina Consulting secures new contract wins and trades ahead of expectations

Shearwater Group plc, the digital resilience group, is pleased to announce that its portfolio company, Xcina Consulting, has won in excess of 30 new customers since the Group acquired the business in July 2017, which have already generated £1 million in revenues for the business in addition to existing client revenues.

Read the RNS announcement

23rd May 2018

SecurEnvoy secures a new US channel partner

SecurEnvoy has entered into an agreement with XenTegra, LLC to represent the business as a new valued-added reseller channel partner in the US, bringing its channel partners in the region to fifteen

Read More

26th April 2018

Acquisition of Crystal IT Services Limited

We are pleased to announce we have acquired the business and assets of Crystal IT Services Limited, a Cardiff based provider of cyber security and business information technology solutions.

Founded in 2004 by its current Managing Director, Chris Benson, Crystal IT has a portfolio of customers including a number of small and medium enterprises and not-for-profit organisations, to whom it provides information, network and application security solutions, cyber essentials advice, and outsourced IT services and training for companies seeking compliance with the upcoming GDPR legislation.

As part of the Acquisition, the Business has been rebranded Xcina Information Services (IS) and will form a component of the Group’s information security and assurance company, Xcina, augmenting its services capability. Chris will lead the rebranded business and Shearwater will look to invest in Xcina IS to support its organic growth and meet the increasing demand for resilient information services from Xcina’s expanding customer base.

Michael (Mo) Stevens, Group Chief Executive Officer of Shearwater, commented: “I’m delighted to welcome Chris and the team to the Shearwater Group. Since the launch of Xcina in July last year, the business has made fantastic progress in broadening and deepening its suite of capabilities. I look forward to seeing Crystal IT add to Xcina’s service offering as we continue to develop Xcina into a leading information security and assurance company.”

For more information, please visit www.xcina.co.uk/is.

Read the RNS Reach announcement

24th April 2018

Xcina appointed approved supplier for FTSE 100 company and awarded £0.2m contract

Xcina appointed approved supplier for FTSE 100 company and awarded £0.2m contract
Xcina has been appointed as an approved supplier of data and information assurance solutions to a global FTSE 100 company and has won an initial Payment Card Industry Data Security Standard ("PCI DSS") architecture review contract worth £0.2m.

Xcina’s work under this initial contract will help the customer to assess its PCI DSS card data payment environment with a view to ensuring that the customer meets its upcoming compliance audits in both the UK and US. This serves to highlight the applicability of Xcina’s information and cyber security solutions across corporate customers of all sizes.

Michael (Mo) Stevens, Group Chief Executive Officer of Shearwater, said: “This is an important milestone for Xcina and we are really pleased with the progress the company has made since we launched the business in July last year. Becoming an approved supplier to a global FTSE 100 company is testament to the quality of the Xcina team and the solutions the business is able to offer its continually expanding customer base.”

Read the RNS Reach announcement

19th April 2018

Maiden Contract Win for GeoLang

Shearwater Group plc, the digital resilience group, is pleased to announce that its recently acquired portfolio company, GeoLang, has been awarded its first enterprise licence contract under G Cloud.

Read More

5th April 2018

Cyber Innovation Competition - Winners' Stories: GeoLang

Debbie Garside, CEO of GeoLang, Shearwater Group’s most recent acquisition, talks to Mike Spain, Executive Director of Cyber Exchange about the substantial progress the business has made since being named as the UK’s Most Innovative Small Cyber Security Company

Read More

4th April 2018

Acquisition of GeoLang Holdings Limited

Shearwater Group plc, the digital resilience group, is pleased to announce that it has acquired the entire issued share capital of GeoLang Holdings Limited, an award-winning UK based provider of Data Loss Protection ("DLP") enterprise software

Read More

25th March 2018

Strengthening our Control Environment in Partnership with Xcina Consulting

Over the past few months, SecurEnvoy has been engaging with its sister company, Xcina Consulting, to strengthen its data protection and information security framework and controls.

Steve Watts, Global Sales Director at SecurEnvoy commented, “we recognise the need to be proactive around the way we identify and manage data protection and information security risks and to ensure that personal data remains confidential and secure at all times. These controls need to be engrained into our environment and form part of our culture on a continuous basis. Our intention is to establish and build relationships based on trust and transparency.”

Rob Treacey, Managing Director of Technology Risk Management at Xcina Consulting commented, “although our partnership is in its infancy, there is an intent to support SecurEnvoy, both in the short term and the longer term. We are currently supporting SecurEnvoy with their GDPR readiness efforts and we have just concluded on a GDPR Gap Analysis and Data Mapping Exercise. The next step is remediation.”

Xcina Consulting has already recognised the adoption of numerous data security best practices by SecurEnvoy.

Treacey added, “Steve and I have already discussed future state whereby Xcina Consulting will be supporting SecurEnvoy to acquire their ISO27001 certification and to provide their users with an Independent Controls Assurance Report (ISAE3402 / SSAE18).”


SecurEnvoy is a leading UK based provider of award-winning multifactor authentication (“MFA”) software solutions, which utilise a user’s mobile device as the ‘something you own’ component of MFA.

As pioneers in the development of Tokenless® authentication, SecurEnvoy has enabled over 1,000 organisations across the world to bolster their identity and access management security safeguards with innovative and easy to deploy authentication solutions, which maximise the value of a customers’ existing technology infrastructure and enable a user to authenticate at anytime and anywhere.

SecurEnvoy is a wholly owned subsidiary of Shearwater Group plc (AIM: SWG), the London Stock Exchange listed provider of digital resilience solutions.

For more information please visit www.SecurEnvoy.com, or www.theshearwatergroup.co.uk.


Xcina Consulting was established to fill a clear market need; the provision of high quality business and technology risk, assurance and advisory services that only comes from years of experience of being in our clients’ shoes.

We offer a dedicated team of experienced professionals with the commercial sense needed to provide practical advice to help our clients succeed.

Our wealth of experience allows us to serve as trusted advisors to large and small organisations.

Website and contact details: -
UK: +44 (0)20 3985 8467

16th March 2018

Trust-hub has become the preferred partner to Xcina Consulting

Trust-hub’s platform bolsters Xcina Consulting’s ability to help clients achieve a level of “dynamic” data mapping, rather than static, and helps companies understand data flows as part of establishing their end to end data footprint. For more information, please read the attached case study.

Xcina Consulting Trust-hub Case Study

20th December 2017

Xcina expands in to Wales

Digital resilience company, Xcina, has arrived in Wales.

As part of Shearwater Group plc, Xcina has opened its first office in the region in Tec Marina, Penarth. Xcina is looking to support Welsh businesses with building their digital resilience. The company helps organisations protect their critical information assets by preparing them for the increasing legislative and regulatory demands on how data is held and processed as well as the on-going monitoring, analysis, detection and response to cyber threats.

Jason Dunlop, Xcina’s Regional Business Development for Wales commented: “We are delighted to have established our presence in Wales as part of our expansion strategy. A key focus for Xcina is supporting businesses in preparation for new data protection regulations that come in to force in May 2018 and increasing protection against emerging cyber security threats.

“This is an exciting time for Xcina and we look forward to further announcements in the new year as we continue our investment and expansion in Wales.”

Xcina’s three service offerings comprise:
  • Consulting, which is focused on providing governance, compliance, cyber security and technology risk assurance and advisory services;
  • Services, including Managed Security Services Provision, data analytics, threat intelligence, and incident response; and
  • Solutions, which provides solutions to support organisational resilience through digital, transformational, operational and regulatory solutions and services.
Find out more at www.xcina.co.uk or email [email protected].

For all media enquiries, please contact Joanne Lewis at [email protected].

Xcina yn ehangu i Gymru

Mae'r cwmni gwydnwch digidol, Xcina, wedi cyrraedd Cymru.

Yn rhan o Grŵp Shearwater plc, mae Xcina wedi agor swyddfa gyntaf y rhanbarth yn y Tec Marina, Penarth. Mae Xcina am gefnogi busnesau yng Nghymru i adeiladu eu gwydnwch digidol. Bydd y cwmni'n helpu sefydliadau i amddiffyn eu hasedau gwybodaeth hollbwysig trwy baratoi nhw at y gofynion deddfwriaethol a rheoleiddiol cynyddol ynghylch sut mae data'n cael eu cadw a'u prosesu ynghyd â monitro, dadansoddi, synhwyro ac ymateb i fygythiadau seiber hefyd.

Nododd Jason Dunlop, Rheolwr Datblygu Busnes Rhanbarthol Xcina dros Gymru: “Rydym wrth ein boddau â sefydlu presenoldeb yng Nghymru fel rhan o'n strategaeth ehangu. Ffocws allweddol i Xcina yw cefnogi busnesau wrth baratoi at reoliadau diogelu data newydd a fydd yn dod i rym ym mis Mai 2018 a chynyddu amddiffyniad yn erbyn bygythiadau diogelwch seiber sy'n dod i'r amlwg.

“Dyma gyfnod cyffrous i Xcina ac rydym yn edrych ymlaen at gyhoeddiadau pellach yn y flwyddyn newydd wrth i ni barhau i fuddsoddi ac ehangu yng Nghymru.”

Dyma dri chynnig gwasanaeth Xcina:
  • Ymgynghori, sy'n canolbwyntio ar ddarparu gwasanaethau llywodraethu, cydymffurfio, diogelwch seiber a sicrwydd ar risgiau technoleg;
  • Gwasanaethau, gan gynnwys Darparu Gwasanaethau Diogelwch a Reolir, dadansoddi data, gwybodaeth am fygythiadau, ac ymateb i argyfwng; a
  • Datrysiadau sy'n darparu atebion i gefnogi gwydnwch sefydliadol trwy wasanaethau digidol, trawsnewid, gweithredol a rheoleiddio.
Gallwch gael mwy o wybodaeth trwy fynd i www.xcina.co.uk neu yrru e-bost i [email protected].

Ar gyfer ymholiadau'r cyfryngau, cysylltwch â Joanne Lewis yn [email protected].
18th December 2017

The growing threat of cyber attack in agriculture

“With digital data becoming a fundamental part of most agricultural businesses in order to boost profitability, it provides an ideal opportunity for criminals to cause disruption to the industry, according to Kevin Porter, director of business development and sales at Xcina.”

Read the full article on the Farmers Guardian website.

14th December 2017

SecurEnvoy helps trailblazing cryptocurrency and gaming business bring true security to its users through SecurAccess

Cryptocurrencies are growing at an exponential rate as they shift from being the reserve of the tech geek into a recognised form of currency for a range of consumer activities. As the technology and the markets it’s traded on mature, there’s an increasing need for dependable security solutions that give cryptocurrency users the same level of protection as they’d expect from any other financial transaction.

Until now, that hasn’t always been the case, resulting in some high-profile cryptocurrency frauds costing user’s substantial sums of crypto and ‘real’ cash. But that is about to change, thanks to SecurEnvoy’s ground-breaking relationship with Titus, a new force in the cryptocurrency sector. The partnership will provide Titus’s users levels of security that are inline with traditional banking regulations.

Using SecurAccess, users of Titus Coin and Payens, the currency exchange on which it will be traded, merchants, and gamers using Titus Coin in online games such as Aragon Rift and Spring, will be able to keep themselves and their investments safe with a convenient, but fully secure Single Sign-On.

Read the full story on the SecurEnvoy website.

SecurEnvoy is a wholly owned subsidiary of Shearwater Group plc.

31st October 2017

SecurEnvoy Release much-anticipated SecurAccess Version 9

SecurEnvoy, a Shearwater Group company, has released the latest and most advanced version of their successful SecurAccess user authentication solution. The latest iteration, which is expected to generate interest from existing clients looking to upgrade and new customers looking to bolster their data security, adds a number of features to make administrators’ and end-users’ lives easier and more secure.

Find out more about on the SecurEnvoy website.

13th October 2017

Xcina briefing on How to Prepare for GDPR through Digital Resilience

A team from Xcina, a Shearwater Group company, briefed the South Wales GDPR Cluster on How to Prepare for GDPR through Digital Resilience at The Life Sciences Hub in Cardiff, Wales on 4 October 2017.

The briefing was given by Kevin Porter, Wayne Grundy, Paul Kenealy and Allan Stevens, and was also supported by Jason Dunlop. The briefing was very well received and was followed by an hour-long Q&A.

The briefing outlined the need for companies to create a digitally secure culture in order to be ready to meet GDPR requirements.

Kevin Porter, Business Development Director, Xcina commented: “This was a good opportunity for Xcina to highlight the issues around GDPR and explain how we can help companies be GDPR ready as part of a wider digitally resilient and aware workforce.”

A follow up seminar and tutorial has been arranged for early in the new year.

11th October 2017

SecurEnvoy awarded first B2C contract

We are pleased to announce that our portfolio company, SecurEnvoy, has been awarded its first Business-to-Consumer ("B-2-C") contract under its new growth strategy.

Acquired by the Group in May 2017, SecurEnvoy is a leading provider of award-winning multifactor authentication ("MFA") software solutions, which utilise a user's mobile device as the 'something you own' component of MFA. The business has enabled over 1,000 organisations across the world to bolster their identity and access management security with innovative and easy to deploy authentication solutions, which maximise the value of a customer's existing technology infrastructure.

The award of SecurEnvoy's inaugural B-2-C contract demonstrates the universal application of the business' MFA software and emphasises how the criticality of authenticating a user is moving beyond the enterprise to mainstream consumer applications.

Whilst the terms of the contract are confidential, it is expected to generate income for the Company for a minimum period of the next three years.

Michael (Mo) Stevens, Group Chief Executive Officer of Shearwater Group plc, commented: "This is a great win for SecurEnvoy and an important growth milestone since the team joined Shearwater in May this year. The opportunities for integrating the business' authentication software within B-2-C platforms are considerable and we are delighted to have secured what we hope to be many new wins under this expanded strategy."

Find out more about SecurAccess on the SecurEnvoy website.

10th October 2017

Shearwater Group plc continues progress - AGM and Operational Update

On 29 September 2017 Shearwater Group held its AGM.

Following the meeting, David Williams, Chairman of Shearwater Group, commented:

"We are delighted with the progress we have made as a Group since the turn of the year. With the foundations we now have in place, we look forward to the second half of the year with a great deal of confidence.”

All resolutions put to the meeting were passed and an operational update was given for the six months to the end of September. The headlines were:

Shearwater Group’s transformation plan is substantively complete;
We have fully transitioned the first two acquisitions, comprising SecurEnvoy and Newable Consulting (rebranded Xcina Consulting), across to the Group; and
The Group is trading in line with management expectations and has a growing pipeline of further acquisition opportunities.

Mo Stevens, CEO of Shearwater Group, added:

“We are very pleased with the results so far. As a team, we have delivered all of the key milestones we set ourselves during the past year and I’m confident that we will continue to grow and strengthen our Group by bringing together innovative companies to develop digital resilience.”

4th October 2017

SecurAccess V9 to be released on 31 October 2017

We are pleased to announce that SecurEnvoy, a Shearwater Group plc subsidiary that provides identity and access management, will release the Version 9 update to their industry leading multifactor authentication solution, SecurAccess, on 31 October 2017.

In line with SecurEnvoy’s strategy of providing innovative, easy to deploy enterprise grade authentication solutions, Version 9 will offer significant administrator focused revisions, including a fully redeveloped reporting dashboard and improved server-side integrations. In addition, new functionality, including payment authentication, single tap near field communication authentication, and a new app interface are also incorporated, which will enhance the overall end user experience.

Michael (Mo) Stevens, Group Chief Executive Officer of Shearwater Group plc, commented: "We are excited about the developments Andy and Steve have made to SecurEnvoy’s core product and its potential as a key enabler to our regional expansion strategy. These upgrades will substantially improve the end user experience and maintain the industry leading security standards our customers expect at a time where well-publicised data breaches continue to highlight the criticality of robust user authentication across organisations of all sizes."

Find out more about SecurAccess on the SecurEnvoy website.

2nd October 2017

SecurEnvoy strengthens presence in Europe

SecurEnvoy, a Shearwater Group company, has formally established its first European subsidiary, SecurEnvoy GmbH, based in Munich, Germany.

As pioneers in the development of Tokenless® authentication, SecurEnvoy has enabled over 1,000 organisations across the world to bolster their identity and access management security safeguards with innovative and easy to deploy authentication solutions, which maximise the value of a customers’ existing technology infrastructure and enable a user to authenticate at anytime and anywhere.

SecurEnvoy GmbH will provide an ideal platform from which to expand the provision of these leading authentication products and solutions to the European market.

“Our engagement in the D-A-CH and BeNeLux region as well as our growing activities in Eastern Europe have shown the need for stronger regional representation of SecurEnvoy. We’re growing our footprint by expanding our partner and channel network and also recruiting additional team members to provide our products and services to meet the evolving needs of customers.” says Fabian Guter, newly appointed Managing Director of SecurEnvoy GmbH.

Steve Watts, Global Sales Director and Co-Founder of SecurEnvoy added: “We are delighted to establish our subsidiary in Germany as it’s a key part of our growth plan for the business. As our regional representative for the last two years, Fabian’s established relationships with customers has shown the considerable potential for growth in the region and he will lead the expansion to satisfy that potential.”

“We are delighted to be able to support Fabian and Steve with incremental investment from Shearwater Group. It’s great to see SecurEnvoy growing and strengthening its local presence not only in Central Europe but also in Scandinavia and the United States.” says Michael Stevens, CEO of Shearwater Group plc.

Visit the SecurEnvoy website.

28th September 2017

Paul Kenealy joins Xcina

We are pleased to announce that Paul Kenealy has joined us as Vice President, Managed Security Services to lead the expansion of the Services division of Xcina, the Company's recently launched information security and assurance solutions business.

Paul Kenealy joins us after leaving his position as Director of Threat Intelligence at Digital Shadows, the London and San Francisco-based cyber security firm, where he was responsible for expanding the company's cyber intelligence strategy and core product offering.

Paul has over 15 years' experience in cyber security, developing security operations, cyber risk management programs and leading investigation and response activities within some of the largest Government, finance, consulting and technology organisations in the world, including KPMG and Barclays.

He holds a Bachelor of Arts in Russian & Soviet Studies and a Master of Science in Information Security.

As Vice President, Managed Security Services, Paul will lead Xcina's Managed Security Service with primary responsibility for expanding the business' Security Operations Centre ("SOC") services, data analytics, threat intelligence and incident response capability.

Michael (Mo) Stevens, Group Chief Executive Officer of Shearwater Group plc, commented: "We are delighted to welcome Paul to Shearwater. His experience in cyber threat intelligence and leading security operations will allow us to shape the Xcina Services offering to meet the existing needs of customers, while adapting to the evolving challenges we face in the cyber world."

Paul Kenealy, added: "This is an exciting time for Xcina Services and we have the opportunity to establish the business as a leading provider of SOC services, data analytics, threat intelligence, and incident response. I'm pleased to be joining such a forward-thinking team with the support and backing of a Group that will enable us to invest in developing capabilities and services to deliver the best solutions for our customers."

Find out more about Xcina.

25th September 2017

SecurEnvoy continues its US expansion

SecurEnvoy, a leading UK based provider of award-winning multifactor authentication (“MFA”) software solutions has continued its international expansion through the opening of their US headquarters, based in Chicago, Illinois, reflecting a strong demand for the business’ MFA software solutions from its North American customer base.

Since the beginning of 2017, SecurEnvoy has increased its US workforce by over 20% with a focus on sales, marketing and technical engineering capability. In addition to the East and West coast offices, SecurEnvoy is now well poised to deliver against its regional growth strategy in North America.

Steve Watts, Global Sales Director and Co-Founder of SecurEnvoy commented: “As this market continues to evolve, we are seeing customers demanding easier authentication methods for their end-users. We are delighted that customers are choosing our products and that this is generating employment in the region.”

Doug Chase, Vice President Sales & Channel – Americas added: “SecurEnvoy is uniquely positioned to enable our channel partners to serve their customers by offering innovative and competitive cyber security technologies that protect their most important assets.”

“Our innovative tokenless multifactor authentication tool, coupled with ease of administration, allows for quick deployment and satisfied end-users. A win-win for our partners and customers. Our growth in the US confirms the need for the right security at the right time and that’s SecurEnvoy.”

Find out more about SecurEnvoy.

26th July 2017

The Shearwater Group launches Xcina Ltd

Joining Shearwater was like a breath of fresh air

Continuing with its strategy of buy, focus, grow, the Shearwater Group plc is pleased to announce the launch of Xcina Limited, a new Shearwater Group company.

Based in London, Xcina is focused on the provision of information security and assurance solutions and services aimed at helping companies prepare for the increasing legislative and regulatory demands on how data is held and processed, and the ongoing monitoring, analysis, detection and response to cyber threats and the protection of their critical information assets.

Xcina’s two service offerings comprise:

  • Xcina Consulting (formed through the acquisition of Newable Consulting), which is focused on providing governance, compliance, cyber security and technology risk assurance and advisory services.
  • Xcina Services, a provider of Security Operations Centre ("SOC") services, data analytics, threat intelligence, and incident response.

Xcina will also benefit from being able to leverage the collective expertise of the Group and access resources in support of its growth strategy.

Find out more about Xcina Ltd on the website: www.xcina.co.uk
20th July 2017

Steve Watts, co-founder of SecurEnvoy with Mo Stevens, Group CEO, Shearwater Group

Joining Shearwater was like a breath of fresh air

Steve Watts, Co-Founder of SecurEnvoy, now Sales and Marketing Director for the business as it joins the Shearwater Group tells us why he and Andy Kemshall founded the business and why this was the right time to become part of something bigger, for the team and customers:

Founding SecurEnvoy, “We thought there must be a better way…”

Andy and I were in IT security. We’d got to the point where we realised hardware token technology wasn’t going far enough, quickly enough. We thought there must be a better way. Rather than carrying around plastic tokens there had to be an alternative.

Andy had tried and tested the very first SMS to be sent with six numbers in real time replicating the concept of what you see on the token – but without a token.

We could see the future of tokenless and thought it was time to create a pioneering new British technology company that would be first to market.

Joining forces we started to develop two kinds of technology.

Tokenless – around the idea of proving your identity online using any device you carry around with you. When we were building this early in the 2000s, the internet and mobile phones were growing in popularity and we had the vision to see where we could take it.

And SecurMail – the concept of transferring information but not necessarily for remote access. This was so you could exchange information without any prior relationship between two parties and authenticate them to make sure the information was exchanged securely.

Our tokenless multi-factor authentication product, SecurAccess was accepted by the market. But at that time we were challenged to find a more robust and reliable method for delivery than SMS. One of the biggest challenges for companies is being in remote areas and not getting a signal. We listened and have now patented a product that does pre-loading. This means you’ve always got the code waiting on your device so you’re not stuck somewhere waiting to authenticate.

All the options we provide for authentication are ‘enterprise grade’, as it’s referred to in the US, or ‘business grade’ in Europe. It is 100% effective, because everyone authenticating needs to do so without delay; quickly and easily, every time.

We have customers across all sectors. We work with for companies of all sizes and provide a pricing structure for companies and organisations to find affordable. Some of our larger customers include: John Lewis and Waitrose, EE, Northumbrian Water, Travis Perkins, Save the Children and TATA. No sector is ignored nor is any type of organisation; from charities to publicly listed companies - we create solutions for all.

Our inventiveness sets us apart in the market. We really listen to customers. We develop a technology and put it out in Beta, then we listen so we can tailor it to what the business and industry needs. We address a marketplace that perhaps our competitors sometimes miss. We’ll patent the best of that technology that is fit for purpose and is absolutely secure.

Joining Shearwater Group, “the dynamic worked from day one…”

When we saw the opportunity with Shearwater it was like a breath of fresh air. We see authentication as the bedrock of security. The Shearwater concept going forward means our MFA technology will be the bedrock of digital resilience solutions across the Group.

There is honesty about the deal and everything that was offered up front is what was delivered at the end. That I think is a rarity in the marketplace. Two organisations with a common goal of stronger together, with a very similar ethos and honesty. The dynamic worked from day one.

Shearwater’s objective is to identify good, robust, innovative UK businesses with potential for growth. In SecurEnvoy they saw all those components: great team, innovative, and well positioned in the market. Another element Shearwater found attractive was our distribution channel model – everything was fit for purpose.

Now, we have the technology and the infrastructure to build a greater global business and the right environment to go and do it. We have already started to invest in and develop our products, grow our business opportunities, open new offices and expand out team. It is definitely the right move for our business, for our customers and channel partners.  Great news all round!
30th June 2017

SecurEnvoy, A Shearwater Group plc Company
Showcasing capabilities at Europe’s leading information security exhibition.

In June, SecurEnvoy exhibited their tokenless, multifactor authentication capabilities for the first time as a Shearwater Group plc company.

Attending InfoSecurity Europe (InfoSec) at London’s Olympia Exhibition Centre, Steve Watts, Co-Founder and Sales & Marketing Director of SecurEnvoy said:

“It’s great to be returning to InfoSec again, in now our ninth year at the show. With the added focus and investment by Shearwater there has been significant additional interest from customers and the InfoSec community. As a leading vendor in this space, our partnership with Shearwater enables us to continue to invest in our market-leading multifactor offering, which provides our customers with enhanced protection at a time where their critical information assets remain under constant threat.”

InfoSec is Europe’s number one information security event featuring the most relevant information security solutions and products and has over 13,500 visitors.

Find out more about SecurEnvoy on their website or sign up for their blog.
30th May 2017

New Basingstoke office for Shearwater Group plc

In May, we opened a new office in Basingstoke, Hampshire. By establishing an office in the same location as SecurEnvoy we can directly support our wider offering, the SecurEnvoy team, channel partners and customers.

This office, in addition to the new SecurEnvoy offices recently opened in Germany and the US, will help provide an ideal platform from which we can focus on delivering our base and growth objectives.

Find out more about the new SecurEnvoy offices in Germany and USA.
10 May 2017

Shearwater Group plc welcomes SecurEnvoy

Shearwater Group plc (the “Group” or the “Company”) welcomes SecurEnvoy, its partners and customers to the Group following the approval of the acquisition at the General Meeting of the Company’s shareholders held on the 8 May 2017.

SecurEnvoy is a leading UK based provider of multifactor authentication software solutions used by over 1,000 customers across five continents. It is an example of a great British business with a fantastic history of innovation under Andy Kemshall and Steve Watts’ stewardship.

Mo Stevens said: “Our objective is to identify good, robust, innovative UK businesses where we can see the potential for growth. When we looked at SecurEnvoy we saw all those components: great team, innovative, and well positioned in the market, and we are thrilled to be able to support the business on the next stage in its journey.”

Andy and Steve will continue to lead SecurEnvoy as a portfolio company within the Group and SecurEnvoy will be a key platform in supporting the Group’s strategy of providing digital resilience solutions.

More about SecurEnvoy can be found on their website at: www.securenvoy.com