CyberOwl is now a DNV Group company. Why now? What next?
Timing is everything.
This was my first startup.
Building a leading maritime cybersecurity business has been interesting. I made so many mistakes, learnt so many things. But easily the top one is: learning how to prioritise what is truly important, and when. It's not just about making the right decision. Timing them right is critical.
Reflecting back, there were a few decisions we made at critical points during CyberOwl 's evolution that particularly stood out for me. I hope sharing some of what I learnt so far is helpful food for thought for others looking to build maritime tech companies.
Straddling the chasm
Shifting strategies from a horizontal to vertical-focused proposition was probably our scariest decision.
Our goal was to make it easier to manage cyber risks of remote, operational assets. We eventually found that, unlike tackling general enterprise IT problems, we needed to focus product and marketing strategy at a specific sector. Understand the specific technical, operational and commercial constraints of the sector. Enshrine those as guiding principles for prioritising product decisions. Align security use cases with sector-specific risks. Tune proposition messaging for sectoral vernacular.
For various reasons, the maritime sector made sense for us as a beachhead market. In making that choice, we had to invent an innovation model that navigated diametrically opposing forces.
The choice we made required us to “straddle the chasm” - co-build with shipping operators that were nimble enough to make quick decisions, help us iterate our product through shorter feedback loops, but were not necessarily cyber mature. That demanded experimenting with a bunch of unconventional go-to-market and product management models. It involved carefully parsing out true security jobs-to-be-done, in a domain where our early adopters were generally still learning their own challenges.
From aligning with a category to creating one
Established enterprise SOC products and traditional controls don’t work well for remote, operational assets. We were seeing 90%+ adoption rates of firewalls and EDR / antivirus products. Yet the typical fleet of 30 vessels was still experiencing 80 incidents a year and the cost of cyber attacks to shipping grew 200% in 2023.
Asset operators were beginning to sense that a different approach was required. But to convert on this, we needed to build a category for (cyber security operations) secops for remote, operational assets.
Moulding a 𝚙̶𝚛̶𝚘̶𝚍̶𝚞̶𝚌̶𝚝̶ 𝚜̶𝚊̶𝚕̶𝚎̶𝚜̶ service-led growth approach
Every SaaS company is chasing product-led growth. It’s a great model. But PLG did not work for us in our problem space.
After trying this for a bit, and failing, we pursued service-led growth instead.
Without revealing too much of the thinking, this involved combining product, services and insights to deliver enduring value to customers. We wrapped Medulla in a managed SOC service. Delivered the SOC service via Medulla. And then used both Medulla and the managed SOC to continuously extract insights to add value to the sector. This required unorthodox product management approaches, highly integrated customer success processes and an active market engagement mindset.
The result of making these decisions at the right times is we grew significantly over the last few years, becoming one of the major vessel security operations providers globally. Working with some of the greatest shipowners and operators in the world.
But it’s now time to iterate again...
What got us here, won’t get us there.
The maritime sector is going through a lot of disruption. Suddenly. Needs are evolving. And we necessarily have to evolve with it to best serve our customers.
Combining forces with DNV , now, makes a lot of sense.
Recommended by LinkedIn
It helps us do more, but faster.
DNV has 12,000+ ships and mobile offshore units in class, 20% of market share in gross tonnes. This increases our reach of shipping companies and practitioners to build on and accelerate our awareness and education engine. It also helps us draw knowledge and insights from a wider pool, for the benefit of the whole network.
DNV has a network of maritime experts in 100+ countries. This unlocks a deeper understanding of customer pain points, across all the shipping and offshore segments, more quickly. It means getting CyberOwl’s Medulla and Security Operations Centre in front of more users, to shorten the feedback loops and ensure our product roadmap is continuously challenged to be set on the right path.
All of this advances our service-led growth approach and should expedite outcomes from it.
The agreed setup keeps CyberOwl a separate organisation. This allows us to draw from established infrastructure, whilst maintaining the agility, focus and decision-making speed of a small operation. It means we can direct almost all of our resources at initiatives that deliver the highest impact to our customers. And not get distracted by anything else.
This fundamentally improves our ability to serve our customers.
We can now make decisions on long term investments that benefit the sector. Decisions we did not have the luxury of making as a startup, beholden to funding cycles. To reveal two examples, DNV and CyberOwl together can now:
It maximises opportunities for our people
CyberOwl will be part of the DNV Cyber capability. This creates one of the world’s largest pools of specialists in security of maritime and offshore systems and fleet operations - 70 people dedicated to securing maritime and offshore assets. It also brings together 500+ experts specialising in critical infrastructure resilience from DNV, Applied Risk - Critical Infrastructure Made Secure and Nixu Corporation .
Not only does this benefit our customers, this maximises learning and growth opportunities for our people. It diversifies sources of learning and technical problems we will encounter. It speeds up our people’s ability to learn by enabling them to draw from a larger pool of knowledge. And all this with an organisation that seems to share a remarkably strong overlap with our own values at CyberOwl.
This makes CyberOwl an excellent place to work and grow with.
All in all, a pretty exciting future.
Thank you to the CyberOwl team, old and new. You're among the most talented people I've ever worked with. And that's saying something! I look forward to the next chapter with you.
It is impossible to call out all the people that have helped us along the way. But there are a few standouts. Some spent significant time helping us define, create and refine. Others may have just said or did one thing. But that sparked more momentum than maybe even they realise.
Siraj Ahmed Shaikh , Pete Jaco , Matthew Bowcock , Paul Noon , David Baker , Abdullah Al-Shaksy , Omiros D. Sarikas , Tom Ilube CBE , Paul Lewis , Alistair Forbes , Jamie Dunnett , Ollie Whitehouse , Robert Hannigan , Ian Levy , James C. , _Steven Trippier , Bryan Littlefair , Andy Williams , Daniel Russell , Stephen Wray , Andrew Roughan , Saj Huq , Dhritiman Hui , Gil Ofer , Matthew Maheras , Kostas G. , Dimitris Makris , Patrik Lucio Bollini , Costas Th. Grammenos CBE, DSc. , TS Teo , Nakul Malhotra , Ronald Spithout , Roine Ahlquist , Max Wong Guan Peh, PMP, CRISC , Ron Fong , Paul Lucherini , Tim Passingham , Paul Dean , Tom Walters , Henry Clack , Anne Marie Bennett.
Thank you all for all the lessons.
I've probably missed some other key people and will have to keep editing this section!
There's so much more to do to advance cyber security of remote, operational things. I look forward to working with Liv Astri Hovem , Knut Ørbeck-Nilssen , Teemu Salmi , Trond Hodne , Svante Einarsson , Thierry Coq , Jalal Bouhdada , Auke Huistra and the wider DNV family to build this.
If you’re reading this and feel a sudden urge to improve the cybersecurity of your maritime and offshore systems, find out how we can help you. Or come and help us.
There's so much we can achieve together.
Back to work.
Partner and Global Head of Shipping at HFW
2moWell done Daniel Ng and all at CyberOwl. It has been inspiring to observe your development via the The Captain's Table and through your collaboration with HFW. Onwards and upwards!
Finance Director
2moThanks for the mention Daniel Ng. Working with both you and Dan Eccles continues to be a pleasure. Congratulations to everyone involved at CyberOwl and wishing you all lots of success in your new ventures with DNV.
Chief Information Officer
2moCongrats Daniel Ng - grateful for the CyberOwl team's collaboration and mutual learning. Looking forward to seeing you all reach new heights!
What a brilliant story, Daniel Ng and a huge testament to the vision, hard work and tenacity that you have shown throughout. Congratulations to you and the whole CyberOwl team!
Corporate Finance | Tech Sector | M&A | Exit | Fundraising | Partner at Headpoint Advisors
2moMany congrats on this Daniel