Striking the right chord in cybersecurity

https://startupsmagazine.co.uk/striking-the-right-chord-in-cybersecurity

Publish Date: 2026-06-26 03:43:00

Author:

Using an unordered list, summarize the following article with between 4 and 8 key points.
A pivot from a career in a rock band to cybersecurity may not be a conventional career path, but it shows how Toby Wilmington, Co-Founder and CEO of Periphery, has always gone against the grain.
However, his unquenchable curiosity about understanding how things work, including building computers and getting to grips with software, has translated well into a career in cybersecurity, which requires an inquisitive mind and a knack for technology.
Wilmington explained that, while playing in a rock band, having children required him to look at potential careers that would help him support his family – noting that income in the music industry is not always “reliable”.
“I became a Microsoft certified engineer, I did a few networking courses,” said Wilmington. “I was self taught. But then I also did some of the certifications in networking and computing. I never went to university, I did this all on the job, but fundamentally [it was] the path to security.”
At that time, security was viewed as the responsibility of the IT team, which has since undergone a paradigm shift: companies recognise the importance of distributing these responsibilities and having security-literate employees. If an employee isn’t taught how to recognise a phishing email and unwittingly clicks on what they believe to be a communication from their boss, they potentially open up their company’s system to threat actors, and the fallout can be immense.
The threats have evolved too. “We had worms and Trojans and early malware and things like this,” said Wilmington, referring to when he started out. “You started to see a little bit of phishing, but it was more like adware. The start of common cyber threats, I’d say.”
Wilmington helped a team build out Google Translate and led the engineering team; went to BAE Systems to build security capabilities for enterprises where he met his co-founders, Kane Ryans, who is the CTO of Periphery, and Adam Massey, Chief Security Officer, after which they moved to NATO together.
SECURING RESOURCE-CONSTRAINED DEVICES
Periphery was born during Wilmington’s work with Ryans and Massey at BAE Systems and NATO where they discovered that resource-constrained devices did not have sufficient cybersecurity.
But as is always the case with cybersecurity, threat actors were becoming wise to the value of targeting resource-constrained devices in critical infrastructure. The rise of nation-state sponsored attackers and ‘hacktivists’ has meant that in times of global conflict, the number of attacks increase significantly, and critical infrastructure is a sweet spot where devices are lacking in security and cause a huge amount of disruption when attacked.
Although the mindset towards security in IoT and embedded devices is changing, its roots in what Wilmington described as an “electronic engineer mindset” meant that problems were typically dealt with from the perspective of how the hardware could be improved. But the majority of attack surfaces are software.
Coding for Periphery began in 2023, but the startup officially kicked off in 2024. In May of that year, Periphery held a pre-seed round which raised $1.6 million.
The launch of the startup was attributed to the fact that the timing wasn’t quite right in 2023, with regards to market momentum. However, the emergence of regulations like the Cyber Resilience Act (CRA) and NIS2 Directive indicated that the EU was taking security seriously by putting into place legal frameworks requiring companies to ensure their devices were secure.
I asked Wilmington if he thought the regulations had led to greater awareness, which in turn, had made it easier to communicate what they do.
“The market is in a maturing stage right now,” said Wilmington, demurring the suggestion that awareness is widespread. “Maybe it’s not right to do a direct comparison to enterprise security, but if I use that, we’re probably where we were in enterprise security five to seven years ago.
“People are realising this, and now it’s about how we secure these [devices] before they go out there.”
What Periphery has done is create an easy-to-embed software agent which can go inside of operating systems and firmware. It’s intentionally kilobytes in its size, designed to be resource light because of the types of devices it is embedded in.
“We essentially harden the device before it’s put into production,” he said, noting that not only is the device hardened before it’s put out – referring to the process of reducing how vulnerable a system is by shrinking its attack surface – but it aligns with existing regulations.
“We’re working on doing that autonomously, so actually self healing before it goes out.”
Development of their platform and software agent was challenging because of the world from which Wilmington and his co-founders hail, where there is an extremely low tolerance for clunky, hard to use software.
It was challenging from a technical perspective, but also because Wilmington had to occupy a role different to what he was used to; going from fast-paced problem solving for customers to product building which was more time consuming.
SECURITY AS A DIFFERENTIATOR
The scale of the issue Periphery, and other cybersecurity companies, are facing can be illustrated when looking at the honeypot Periphery have put out (industry jargon for a ‘decoy’ system to observe and analyse attackers’ behaviour to get more intel): it’s being attacked from around 50,000 to 100,000 times a day.
See Also

“Actually, this week, we’ve seen over 300,000 attacks every day so far,” stated Wilmington. “We let these attackers get into these devices, and we observe how they get into them. What are they doing in the system? What are they trying to exploit? How are they moving around things that you wouldn’t detect at the network level?”
What’s interesting is that Periphery’s detection models are built with rich data and can detect suspicious and malicious behaviour, which are embedded into its software agent. This means it has the capabilities to essentially act as “a security analyst sitting inside of the device”. It also means that detection and prevention can be done even without connectivity to the Internet.
It’s an intriguing application of AI, which has been regarded by some in the cybersecurity industry as a tool which has the potential to be exploited by threat actors. But for experts like Wilmington, it is viewed as an opportunity to maximise its capabilities, alleviate the workload facing human analysts, and increase the cost-effectiveness of their software.
“[Organisations] see security as a differentiator. They don’t want to be the product that is hit,” said Wilmington. “They don’t want to be the organisation that has been the reason for an outage.”
You only need to think of CrowdStrike – whose name may not have been known to many people outside of its customers, before its infamous outage in July 2024 where around 8.5 million computers were affected – to appreciate what is at stake.
With this in mind, the first time a potential customer on a call recognised the value of Periphery’s technology was a key highlight.
“I remember the call was recorded, and I asked if we could send it around to the team, just to say … listen to this,” shared Wilmington. “I was smiling from ear to ear.”
Wilmington’s wider lessons from building Periphery have been to surround himself with good people, have co-founders as a soundboard, and to embrace rejection and resilience.
“The people who have been the most successful that I’ve seen [are] insanely resilient,” he concluded.
This article originally appeared in the November/December 2025 issue of Startups Magazine. Click here to subscribe