Awen goes to the USA


As part of the prestigious Tech Nation Cyber programme (1st cohort), Awen took the opportunity to visit the USA in the week commencing the 2nd of September 2019.

Our CTO, Jules Farrow, attended the trip, with various others from the Tech Nation Cyber cohort. The trip included:

It was a great week, where we built new business connections and further explored the possibilities afforded by expansion into the Americas.

If you’re local to South Wales too and would like to learn more about our experience with Tech Nation Cyber and our learnings on the US market, we’ll be recounting some tales at the South Wales Cyber Cluster September Meeting on Tuesday 17th, come and join us!


Awen Collective: What's in a name?


We are often asked why we chose the name “Awen Collective” as our formal business name. It is quite unlike other cyber security software companies out there. So why “Awen Collective”?


Awen Collective was founded and established in Wales. We wanted a Welsh word in the business name to reflect our founding. Awen is a Welsh (and Cornish and Breton) word, the most direct translation is “inspiration.” However, Awen is much more than that, it is a very old Celtic concept that can be translated as the flowing spirit which sustains life.

As Awen Collective was founded to improve the business and societal continuity (i.e. life) of advanced manufacturers and critical infrastructure providers in the event of disruption (e.g. cyber attacks), we felt that a word about life force in general reflects that quite well.

Other cyber security companies, especially software product companies in this space, have business names or product names which are authoritarian sounding, perhaps they could even be described as masculine. This is probably to try to enforce the nature of being reliable and disciplined, an assertive force hinting at protection.

Awen, on the other hand, is a much more softer sound, it has a completely different feel reflecting a different set of attributes. It sounds as if it is willing to acknowledge vulnerabilities as being inevitable and is understanding enough to foster self-improvement, providing guidance on how best to make improvements.

Our primary corporate colour is a light green colour. This is related to the word Awen, in that the green colour symbolically represents “go,” “continue” and “good.” Traditionally it also represents life on Earth, through the primary colour of plants.

The “collective” word is because we acknowledge that all workers in the company are problem solvers. Collectively we solve large cyber security problems, and we do this through the development and offering of software. This word embodies our values and our internal business style. Although as we go forward we will be using less in public materials and eventually only in formal documentation.

There we have it, we have our reasons for choosing the name Awen Collective. We like the name, and it continues to represent who we are.

Event: Factory of the Future - Big Data and Automation


Last Tuesday (10th September 2019) Awen attended the Factory of the Future (Big Data & Automation) event organised by ESTnet, supported by Barclays and hosted by the Newport Wafer Fab.

We heard from three keynote speakers:

  • Mike Lakoju from Cardiff University, who spoke about the Chatty Factories project which attempts to apply cutting-edge data science techniques for a variety of factory-floor applications.

  • Emily Bristow from BluePrism, who spoke about their software bot system RPA used to automate IT & business processes

  • Gareth Jones from the industrial automation division of Omron Electronics in the UK.

We also had a great tour around the wonderful Newport Wafer Fab.

We were invited by the organisers to come along to exhibit our software & services as part of a local showcase of solution providers within Factory of the Future / Industry 4.0 / Smart Factories. We spoke to delegates about our asset & vulnerability discovery for OT system Dot, our NIS Directive compliance system Profile, and the past-present-future of Awen Collective in general.

Awen develops software which provides practical solutions to cyber security problems in industrial environments, and we do so through local and a global lenses. We will continue the dialogue with all partners involved in this event, and invite others reading this to contact us today to get involved in that dialogue.


Life disrupted by cyber attacks

Cofounder & CEO of Awen Collective, Daniel Lewis, explains the motives behind Awen Collective.

One thing that I am often asked is “why did you set up the company?” and the answer really is multi-faceted:

First, Andrew and I found an opportunity in the market. Combined, we had been doing digital forensics on IT systems for years, but we had found that, more-and-more, we were being asked to perform investigations on embedded systems, IoT and on Operational Technologies (OT). Unlike IT forensic investigations, there needs to be an entirely different approach to digital forensics & incident response for industrial control systems, IoT networks and embedded systems. You can’t just repurpose IT software and IT digital forensics approaches. Awen Collective was really created in order to develop the tools and techniques to assist in the response to cyber attacks, and other incidents, on complex networks of digital devices. Andrew decided to take a different direction and provide services solutions, whereas I continued by building a team to primarily provide product solutions.

Secondly, it was the right time for me personally. I had worked in professional roles such as software engineering and data science. I had done interesting business-focused things like technology evangelism and tech events planning. I had been through academia with my PhD research at the intersection of artificial intelligence and cyber-physical security, and I had my researcher role in cyber-security and digital forensics. I was looking for something new, something where I could take the theory, match it with market need (or “market pull”) and actually develop market-ready software solutions using my own experiences in professional software engineering, business and academic cyber-security. This desire to provide production-quality solutions to market, was then accelerated by the UK Department for Digital, Culture, Media & Sport (DCMS) who gave me the initial inspirations and skills required to turn it into a growing business.

Thirdly, and definitely not finally, it was the acknowledgement that the software that we could (and are) building at Awen could really have an impact on society. Acknowledging that our software solutions, whether off-the-shelf or more bespoke, are all about improving the operational resilience of critical national infrastructures, advanced manufacturers and building automation & control system owners. This organisational resilience then improves supply chain resilience, and importantly improves societal/community resilience.

Taking the technical aspects out of the equation for a moment. As people - people in contemporary societies and communities - we rely on services. These services are critical to the day-to-day functioning of our societies and communities. Infrastructure such as drinking and waste water, electricity, oil & gas (both home/office supply, but also petrol & diesel), chemical production, transport (in the form of road, rail, air and marine), healthcare (regardless of public or private), financial services and so much more – also including food & drink manufacturing, agriculture, pharmaceuticals manufacturing. The list just goes on and on. These services are all in one big, and complex, interdependent network.

In the UK, you only have to look at the recent power-cuts through the electricity grid (on Friday 9th August 2019). Not only did homes and offices have no light or electricity. It caused transportation to come to a standstill, including on overground and underground trains in London. It also caused hospitals to set-up emergency back-up systems. All because two of the larger electricity generators (one gas powered, and one offshore wind powered) had faults at roughly the same time. One cannot imagine the full disruption that fault had to people lives and business, and then there is implicit and explicit economic damage too.

You see, in contemporary society, we rely heavily on these systems and services. Ensuring the organisations which own and manage these critical services and systems are doing their very best to understand their cyber risk, and are prepared for responding to cyber attacks or other digital incidents, is absolutely fundamental.

Awen was started to assist with the whole digital forensics and incident response lifecycle, and we feel that we are making a positive impact. Minimising the disruption to society, by improving operational resilience and business continuity, by producing software.

 Feel free to get in touch by email:

Cyber Security for Aviation

British Airways (BA) has appeared in the news recently because data of around 500,000 customers has been stolen from their website and mobile app, and this has led to the Information Commissioner’s Office (ICO) in the UK handing them a potential fine of £183.4million (GBP) under the General Data Protection Regulation (GDPR). This is a fine of approximately 1.5% of their worldwide annual turnover, with the maximum fine being 4% of annual turnover (or around £18million, whichever is greater).


At the same time as GDPR came into force across the EU, The NIS Directive also came into force (somewhat drowned out by the GDPR noise, unsurprisingly). The NIS Directive requires organisations within Critical National Infrastructure, including transportation networks such as aviation, to embed a particular level of cyber security and incident response planning throughout the entire organisation from engineering operations and IT, through to board level.

In the UK, the National Cyber Security Centre (NCSC) which is the public-facing cyber security division of GCHQ, released the Cyber Assessment Framework (CAF) to address the minimal requirements critical national infrastructure must adhere to in order to be compliant enough for the regulation. It was the CAF that was the initial framework of our Profile software. Audits against the CAF are then checked by the regulators for the different sectors.

For the aviation sector in the UK, the NIS Directive regulation still applies, and the Civil Aviation Authority (CAA) is the organisation charged with ensuring that aviation organisations within the UK are complying with that regulation. They, however, are currently not using the NCSC CAF but are using their own framework entitled “CAP 1574: 26 security controls for regulation.”

It is with pleasure that we announce full support of CAP 1574 in the Profile product by Awen Collective, meaning that we make the whole process of helping aviation organisations within the UK comply with the NIS Directive, enabling them also to track their scores over time and assist them with making improvements.

Within the aviation sector, the regulation and the framework should apply to all organisations that own or operate: aircraft, airlines, airports, airspace management and aviation security. The NIS Directive also states that suppliers to these organisations should also have the same or greater levels of cyber security.

Building Automation and Control within Aviation

Aviation sector organisations have to consider the cyber security of their facilities, including their buildings - both private and public-facing, including airports. These buildings are increasingly being fitted with digital networks and internet-connected devices. These devices are often sensors but in some cases they are controllers and actuators (something that makes a physical change). Examples include Heating, Ventilation, Air Conditioning (HVAC); elevators, escalators and travelators; physical access systems (such as key cards or biometric scanners); bag checking systems; fire alarms and so on.

These systems generally come under the category of Building Automation & Control (BAC), and it is with pleasure that we announce that our product Dot supports protocols for BAC, including BACnet. With our software, organisations within the aviation sector will be able to perform automated asset and vulnerability discovery, leading to a greater understanding of risk and the mitigation of that risk. Dot will not only help to improve safety and security within an aviation organisation, but will also help to save money as budget can be correctly allocated to any security concerns before an incident happens. Dot will also help aviation organisations to achieve various components of the CAP 1574 and the Cyber Assessment Framework, in particular those compliance points related to Asset Management, Risk Management, Secure Configuration, Network Segregation, Security by Design, Vulnerability Monitoring and Knowledge Sharing.

Profile and Dot are available now to the aviation industry, contact us today to book a demonstration and to discuss next steps, by emailing

This is the first in a series of a series of blog posts about the cyber security of Building Automation and Control (BAC) and Building Management Systems (BMS).

The Role of Security in Automation

Prompted by a LinkedIn article written by our good friend James Chappell at Digital Shadows, entitled “The Role of Automation in Security” we thought that it would be a great idea to explore the converse of the concept and write about “The Role of Security in Automation” as this is exactly what we at Awen Collective are addressing.

Automation has almost always been for simplifying repetitive or dangerous tasks (or captivating imagination). This has been the case since the ancient Greek legends of automatons through to the contemporary physical robotics and digital assistants.

Homes, office buildings, factories, airports, national infrastructure, even entire cities are now being connected with systems providing advanced analytics to be able to enhance the efficiency of business and society, and to improve human-safety. However, with the inter-connectivity of physical systems comes the ever increasing ability to attack them. These systems are, for the most part, not IT-based technology (at least not entirely), they are Operational Technologies made with specific control and/or sensory processes in mind. Quite often there is a blend of legacy and contemporary technologies, often with no or limited embedded cyber-security out-of-the-box.

While some organisations are attempting to address this with active monitoring and intrusion detection technologies, they have had limited success due to the requirement of costly network reconfiguration to support these emerging technologies, and a lack of support for the legacy technologies still in use.

Awen Collective takes a different approach. With our experience performing digital forensics on these systems we have developed software (and accompanying techniques) which do not require a significant configuration overhaul. In fact, our software is specifically tailored to work on whichever network topology is in place, even if it is legacy, even if it is serial, even if it is messy and distributed. We give critical infrastructure, advanced manufacturers, smart cities and a whole load of other potential stakeholders the ability to understand the vulnerabilities of their operational networks and their cyber-physical systems. This allows them to better understand their cyber-risk and improve their cyber-security efforts, reducing their cyber-risk in a cost-effective manner and improving their compliance to a plethora of cyber-security related regulations & standards.

If you’re an owner or administrator of operational technologies or cyber-physical systems, ranging from industrial control systems (ICS, such as SCADA or IIoT), networked robotics, building control systems (including physical security and HVAC systems); then we are certainly able to help you improve your cyber-security, reduce your cyber-risks, and improve your compliance. We’re even able to assist post-incident with the necessary investigation and the reporting of the attack to relevant authorities.

Just get in touch, we’re always up for an exploratory chat. Email to schedule in a call or a face-to-face:

We hope to hear from you soon.

Daniel - CEO & Cofounder, Awen Collective

Collaboration across EU helps cyber-security of society


Awen Collective has produced a Software-as-a-Service product called Profile which makes it much quicker and easier for Critical National Infrastructure, their partners and their regulators to perform audits to ensure regulatory compliance to the NIS Directive. We are also actively working on other projects for some of our continental partners.

The NIS Directive is a European Union directive that has, as of 2018, been implemented in law in all 28 member states of the EU (including the UK). This regulation provides a much needed prompt to European critical infrastructure providers to improve the cyber-security policies, processes and technologies within their whole organisation – from board member to engineer, from IT to Operational Technologies (OT).

However, it is not the only good thing that the European Union has done or is doing in regards to cyber-security in general and industrial cyber-security in specific. We don’t even need to mention GDPR. This blog post outlines some of the other great initiatives.

Europe-wide Cyber-Security Initiatives & Programmes

European Union Agency for Network and Information Security (ENISA) – is a great organisation (or agency) which contributes to the network & information systems security across Europe, with a particular focus on ensuring the security and safety of European society, commerce and government. It is a very holistic organisation, very much worth checking out if you have not heard of them. ENISA has done so well over the years, that the EU decided to enhance the powers of ENISA through the Cybersecurity Act of December 2018.

The Computer Emergency Response Teams for the EU institutions, agencies and bodies (CERT-EU). It provides threat intelligence and assistance in the prevention, detection, mitigation and response to cyber-attacks by providing a cyber-security information exchange. It works closely with other CERTs in the public & private sectors across Europe.

The European Cyber Crime Centre (EC3) is a division of the EU agency for law enforcement cooperation (EUROPOL). EC3 assists with the law enforcement response to cyber-crime across the EU, with particular focus on strategy, forensics and operations/intelligence. EC3 publishes the Internet Organised Crime Threat Assessment report, which highlights some interesting information.

The European Cybersecurity Industrial, Technology and Research Competence Centre (ECITRCC) is a policy-driven centre focused on the European digital market. It will contribute to the deployment of the latest cyber-security technology, provide financial & technical support to cyber-security start-ups & SMEs, it will support industrial R&D, push high-levels of cyber-security standards and facilitate cooperation between civil & defence spheres in regards to cyber-security. It is too early to say how effective the Centre will be, but it seems to be very promising.

There is also a significant number of funded R&D initiatives across Europe through the Horizon 2020 framework, which require collaboration from different organisations in at least a few member states and typically support a mixture of SMEs, universities, larger organisations and the public sector across Europe.

Plus much much more…

All of the above combine to help everyone living and working in Europe to have a safe and secure society.

What are Awen Collective doing?

Awen Collective have built software to provide solutions to an international problem. One product, Profile, addresses the NIS Directive directly and is naturally a European-focused product. Contact us today to organise a demonstration of Profile. Email:

Meet Awen Collective at InfoSec Europe - 4-6 June 2019


The Awen Collective team will be at Information Security Europe (InfoSec) in London, at the Olympia, from the 4th to the 6th June 2019. You will be able to find out more about us, and talk with us, at the Welsh Government stand at Stand Q75. Tickets for InfoSec 2019 are free prior to the first day of the event, so book in advance. The event buzzes every year, with a passion for cyber-security, it is truly a must-see in the UK..

Our CEO & CTO will be around for meetings on the afternoon and evening of the 4th June, and the rest of the team will be able to answer any general questions on the 5th and 6th June. To set up a meeting in advance, please email with the subject line InfoSec 2019 and we will confirm as soon as we can.