Osney Capital has closed its debut cybersecurity fund at a £60 million hard cap after investors piled in beyond its original target, marking one of the UK’s largest first-time seed funds focused exclusively on cyber startups.
The London-based firm tells Resilience Media it set out to raise £50 million but ended up closing the fund at its £60 million limit. The British Business Bank came in as a cornerstone investor through its Enterprise Capital Funds programme, and the fund also carries accreditation from the UK’s National Security Strategic Investment Fund (NSSIF), underscoring its focus on technologies with national security relevance.
Since its first close last year, Osney has invested in seven companies spanning software supply chain security, AI security, identity governance, and disinformation detection – including Refute – writing cheques of between £250,000 and £2.5 million as it builds a target portfolio of 30 early-stage UK cybersecurity companies.
For Osney’s founders, however, the story is less about fundraising than the pace at which cybersecurity itself is changing. Despite a subdued venture capital market, the VC firm says specialist cybersecurity investors have largely escaped the slowdown.
“We hear a lot about that from our peers in the generalist community,” said Paul Wilkes, partner at Osney Capital, speaking to Resilience Media. “We don’t see it necessarily day to day. We’re quite fortunate in that sense.”
He argues that increasingly complex technology environments, combined with attackers’ growing use of AI, are opening opportunities for specialist startups to move faster than established security vendors.
“The technology stack for enterprise customers, for government, etc. – that’s only getting more complex day by day, and with complexity comes opportunity for the bad guys,” Wilkes said. “The incumbent solutions just can’t move fast enough to solve those problems, so it creates all the ingredients that you need for entrepreneurs building startups to solve problems quickly.”
Artificial intelligence is reshaping where the firm wants to invest. Rather than simply looking for companies applying AI to cybersecurity, Osney is increasingly interested in businesses tackling entirely new risks created by AI adoption itself.
Wilkes pointed to what he described as “the vulnerability challenge” created by AI-assisted vulnerability discovery, alongside growing demand for technologies that secure AI agents, protect hardware and edge devices, and help people make better security decisions.
“The time to exploit from public disclosure of a vulnerability to when it’s been exploited – the average this year is six hours,” he said. “In 2021 that was roughly 10 months, and last year was 22 days.”
Wilkes believes investors have also become more selective about where they place their bets.
“There was this polarisation of appetite from LPs,” he said. “We saw them either looking for allocations to the very, very large global brand names… or hyper specialist emerging managers that had a very, very specific reason as to why they could do X best in the world.”
That specialist approach extends to national security, although Wilkes rejects the idea that defence organisations face fundamentally different cyber threats from everyone else.
“It’s a question of degree rather than difference,” he said. “Lots of the same themes, lots of the same problems. The degree of hygiene and risk that you’re willing to accept… is perhaps the difference, as opposed to different themes in the defence, critical national infrastructure and intelligence space.”
Walter also argued that Britain’s cyber ecosystem is entering a more mature phase, aided by successful companies that produce experienced founders and early employees willing to launch their own businesses.
For years, Israel and the United States have dominated cybersecurity entrepreneurship, but Wilkes believes the UK now enjoys an advantage of its own: a sizeable domestic customer base.
“In the UK we have a $17 billion annual cyber market,” he said. “That’s a big enough market, with recognisable global brands as buyers, to allow the UK to act as a launchpad the next generation of startups with global ambition”
Government backing has also played a significant role. The British Business Bank contributed £36 million of the £60 million fund, providing what Wilkes described as an important vote of confidence for other investors.
“It was an incredible signal,” he said. “They do a great job at making sure they’re investing in the right people… and that helped us, frankly, be an institutional-grade manager from day one.”
