Boxphish, the Leeds-based cyber security training company, has announced growth plans following a strong year.
The fast-growth business provides ‘human risk’ management solutions that are proven to improve organisation-wide cyber awareness, aimed at reducing human error.
With the increase of cyber threats such as ransomware, it’s an area of the market that is growing. Through a combination of learning-based phishing simulations and short, regular training content Boxphish helps businesses train employees to quickly identify and report potential attacks.
After receiving a six-figure investment from Mercia Debt Finance in 2022, the business has enjoyed rapid growth, reporting a 139% increase in sales over the last year, and a compound annual growth rate of 333% from 2021 through 2023. It recently relocated its Yorkshire headquarters to Park Row, Leeds.
In response to the increasing demand for targeted employee training, the business is recruiting a further seven heads and launching its academy, to support its existing team and new starters become proficient in a topic that is becoming increasingly complex in an evolving threat landscape. Boxphish currently employs 18 people across software development, marketing, customer service, finance and sales.
The business is seeing organic growth across key markets including education, not for profit and its corporate base, now counting Preston Council, Trafford Council and B&M stores among its key customers.
Nick Deacon Elliot, Boxphish CEO, said: “We have ambitious growth plans and the funding allowed us to put fuel on that fire. Since then, we’ve significantly expanded our national and international customer base, we’ve relocated our headquarters, and we’ve doubled our headcount to 18; soon to be 25 following our current recruitment drive.”
“We’re helping organisations such as Trafford and Preston Councils better manage human risk and strengthen their cyber defences by empowering their people to spot cyber-attacks. With over 500,000 end-users now on the platform, Boxphish has set the standard for what an effective and people-first approach to cyber training looks like.
“The cyber market has changed significantly. Cyber-attacks are at an all-time high and show no sign of slowing. As we get more savvy to the types of attack, cyber criminals up their game and come back strong. We are being targeted everyday by increasingly sophisticated cyber-attacks and it’s catching us out. That’s why it’s so important that organisations educate their employees regularly with to-the-point, relevant training.
“90% of cyber-attacks are a direct result of human error and organisations are quickly realising that it is a must to educate their people on how to spot cyber-crime and scams. Organisations have a duty to educate their teams in both the workplace—and equally as important—in their home life. This is something we are really passionate about at Boxphish.”
The cyber security training market is set to grow to over $12 billion by 2027, and with attacks and breaches regularly making the headlines, you can understand why.
David Wright, Investment Manager at Mercia Asset Management PLC, said: “The growth within the cyber security training market presents a lot of opportunity. We’re proud to be backing Boxphish and it’s great to see that our support has resulted in such success.”
Following a third-party audit of end-user data, Boxphish was able to demonstrate that a trained end-user is 8x less likely to fall for an online scam or phishing email.
Nick said: “Now’s the time for organisations to double down. Effective cyber risk mitigation goes beyond technical controls. Organisations need to adopt more human-centric approaches to cyber security to effectively reduce risk.
“Our focus over the next 12-months is to ensure we continue to build on the foundations we have already laid. Major platform updates are due to be released in Q4 2023 along with the creation of new roles in our customer success and commercial departments.”