{"id":237511,"date":"2026-06-26T03:43:00","date_gmt":"2026-06-26T07:43:00","guid":{"rendered":"https:\/\/testing.news-you-need.com\/index.php\/2026\/06\/26\/striking-the-right-chord-in-cybersecurity\/"},"modified":"2026-06-26T04:00:42","modified_gmt":"2026-06-26T08:00:42","slug":"striking-the-right-chord-in-cybersecurity","status":"publish","type":"post","link":"https:\/\/testing.news-you-need.com\/index.php\/2026\/06\/26\/striking-the-right-chord-in-cybersecurity\/","title":{"rendered":"Striking the right chord in cybersecurity"},"content":{"rendered":"<p><a href=\"https:\/\/startupsmagazine.co.uk\/striking-the-right-chord-in-cybersecurity\">Striking the right chord in cybersecurity<\/a><\/p>\n<p><a href=\"https:\/\/startupsmagazine.co.uk\/striking-the-right-chord-in-cybersecurity\">https:\/\/startupsmagazine.co.uk\/striking-the-right-chord-in-cybersecurity<\/a><\/p>\n<p>Publish Date: <a href=\"publish_date]\">2026-06-26 03:43:00<\/a><\/p>\n<p>Source Domain: <a href=\"startupsmagazine.co.uk\">startupsmagazine.co.uk<\/a><\/p>\n<p>Author: <a href=\"\"><\/a><\/p>\n<p> Using an unordered list, summarize the following article with between 4 and 8 key points.<br \/>\nA pivot from a career in a rock band to cybersecurity may not be a conventional career path, but it shows how Toby Wilmington, Co-Founder and CEO of Periphery, has always gone against the grain.<br \/>\nHowever, his unquenchable curiosity about understanding how things work, including building computers and getting to grips with software, has translated well into a career in cybersecurity, which requires an inquisitive mind and a knack for technology.<br \/>\nWilmington explained that, while playing in a rock band, having children required him to look at potential careers that would help him support his family \u2013 noting that income in the music industry is not always \u201creliable\u201d.<br \/>\n\u201cI became a Microsoft certified engineer, I did a few networking courses,\u201d said Wilmington. \u201cI was self taught. But then I also did some of the certifications in networking and computing. I never went to university, I did this all on the job, but fundamentally [it was] the path to security.\u201d<br \/>\nAt that time, security was viewed as the responsibility of the IT team, which has since undergone a paradigm shift: companies recognise the importance of distributing these responsibilities and having security-literate employees. If an employee isn\u2019t taught how to recognise a phishing email and unwittingly clicks on what they believe to be a communication from their boss, they potentially open up their company\u2019s system to threat actors, and the fallout can be immense.<br \/>\nThe threats have evolved too. \u201cWe had worms and Trojans and early malware and things like this,\u201d said Wilmington, referring to when he started out. \u201cYou started to see a little bit of phishing, but it was more like adware. The start of common cyber threats, I\u2019d say.\u201d<br \/>\nWilmington helped a team build out Google Translate and led the engineering team; went to BAE Systems to build security capabilities for enterprises where he met his co-founders, Kane Ryans, who is the CTO of Periphery, and Adam Massey, Chief Security Officer, after which they moved to NATO together.<br \/>\nSECURING RESOURCE-CONSTRAINED DEVICES<br \/>\nPeriphery was born during Wilmington\u2019s work with Ryans and Massey at BAE Systems and NATO where they discovered that resource-constrained devices did not have sufficient cybersecurity.<br \/>\nBut as is always the case with cybersecurity, threat actors were becoming wise to the value of targeting resource-constrained devices in critical infrastructure. The rise of nation-state sponsored attackers and \u2018hacktivists\u2019 has meant that in times of global conflict, the number of attacks increase significantly, and critical infrastructure is a sweet spot where devices are lacking in security and cause a huge amount of disruption when attacked.<br \/>\nAlthough the mindset towards security in IoT and embedded devices is changing, its roots in what Wilmington described as an \u201celectronic engineer mindset\u201d meant that problems were typically dealt with from the perspective of how the hardware could be improved. But the majority of attack surfaces are software.<br \/>\nCoding for Periphery began in 2023, but the startup officially kicked off in 2024. In May of that year, Periphery held a pre-seed round which raised $1.6 million.<br \/>\nThe launch of the startup was attributed to the fact that the timing wasn\u2019t quite right in 2023, with regards to market momentum. However, the emergence of regulations like the Cyber Resilience Act (CRA) and NIS2 Directive indicated that the EU was taking security seriously by putting into place legal frameworks requiring companies to ensure their devices were secure.<br \/>\nI asked Wilmington if he thought the regulations had led to greater awareness, which in turn, had made it easier to communicate what they do.<br \/>\n\u201cThe market is in a maturing stage right now,\u201d said Wilmington, demurring the suggestion that awareness is widespread. \u201cMaybe it\u2019s not right to do a direct comparison to enterprise security, but if I use that, we\u2019re probably where we were in enterprise security five to seven years ago.<br \/>\n\u201cPeople are realising this, and now it\u2019s about how we secure these [devices] before they go out there.\u201d<br \/>\nWhat Periphery has done is create an easy-to-embed software agent which can go inside of operating systems and firmware. It\u2019s intentionally kilobytes in its size, designed to be resource light because of the types of devices it is embedded in.<br \/>\n\u201cWe essentially harden the device before it\u2019s put into production,\u201d he said, noting that not only is the device hardened before it\u2019s put out \u2013 referring to the process of reducing how vulnerable a system is by shrinking its attack surface \u2013 but it aligns with existing regulations.<br \/>\n\u201cWe\u2019re working on doing that autonomously, so actually self healing before it goes out.\u201d<br \/>\nDevelopment of their platform and software agent was challenging because of the world from which Wilmington and his co-founders hail, where there is an extremely low tolerance for clunky, hard to use software.<br \/>\nIt was challenging from a technical perspective, but also because Wilmington had to occupy a role different to what he was used to; going from fast-paced problem solving for customers to product building which was more time consuming.<br \/>\nSECURITY AS A DIFFERENTIATOR<br \/>\nThe scale of the issue Periphery, and other cybersecurity companies, are facing can be illustrated when looking at the honeypot Periphery have put out (industry jargon for a \u2018decoy\u2019 system to observe and analyse attackers\u2019 behaviour to get more intel): it\u2019s being attacked from around 50,000 to 100,000 times a day.<br \/>\n  See Also<\/p>\n<p>\u201cActually, this week, we\u2019ve seen over 300,000 attacks every day so far,\u201d stated Wilmington. \u201cWe let these attackers get into these devices, and we observe how they get into them. What are they doing in the system? What are they trying to exploit? How are they moving around things that you wouldn\u2019t detect at the network level?\u201d<br \/>\nWhat\u2019s interesting is that Periphery\u2019s detection models are built with rich data and can detect suspicious and malicious behaviour, which are embedded into its software agent. This means it has the capabilities to essentially act as \u201ca security analyst sitting inside of the device\u201d. It also means that detection and prevention can be done even without connectivity to the Internet.<br \/>\nIt\u2019s an intriguing application of AI, which has been regarded by some in the cybersecurity industry as a tool which has the potential to be exploited by threat actors. But for experts like Wilmington, it is viewed as an opportunity to maximise its capabilities, alleviate the workload facing human analysts, and increase the cost-effectiveness of their software.<br \/>\n\u201c[Organisations] see security as a differentiator. They don\u2019t want to be the product that is hit,\u201d said Wilmington. \u201cThey don\u2019t want to be the organisation that has been the reason for an outage.\u201d<br \/>\nYou only need to think of CrowdStrike \u2013 whose name may not have been known to many people outside of its customers, before its infamous outage in July 2024 where around 8.5 million computers were affected \u2013 to appreciate what is at stake.<br \/>\nWith this in mind, the first time a potential customer on a call recognised the value of Periphery\u2019s technology was a key highlight.<br \/>\n\u201cI remember the call was recorded, and I asked if we could send it around to the team, just to say \u2026 listen to this,\u201d shared Wilmington. \u201cI was smiling from ear to ear.\u201d<br \/>\nWilmington\u2019s wider lessons from building Periphery have been to surround himself with good people, have co-founders as a soundboard, and to embrace rejection and resilience.<br \/>\n\u201cThe people who have been the most successful that I\u2019ve seen [are] insanely resilient,\u201d he concluded.<br \/>\nThis article originally appeared in the November\/December 2025 issue of Startups Magazine.\u00a0Click here to subscribe<\/p>\n<p><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Striking the right chord in cybersecurity https:\/\/startupsmagazine.co.uk\/striking-the-right-chord-in-cybersecurity Publish Date: 2026-06-26 03:43:00 Source Domain: startupsmagazine.co.uk Author:&#8230;<\/p>\n","protected":false},"author":1,"featured_media":237513,"comment_status":"closed","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/startupsmagazine.co.uk\/wp-content\/uploads\/2026\/06\/cybersecurity.jpg","fifu_image_alt":"","footnotes":""},"categories":[15],"tags":[26,24,31,32,25],"class_list":["post-237511","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity","tag-ai","tag-cybersecurity","tag-exploit","tag-malware","tag-phishing"],"_links":{"self":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/237511"}],"collection":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/comments?post=237511"}],"version-history":[{"count":1,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/237511\/revisions"}],"predecessor-version":[{"id":237516,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/237511\/revisions\/237516"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/media\/237513"}],"wp:attachment":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/media?parent=237511"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/categories?post=237511"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/tags?post=237511"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}