How universities and businesses can work together to foster innovation

Get in touch

Follow us on:

Practical advice on taking cyber security research through to commercialisation from academics with extensive experience.

Read time: 4 minutes

  • Understand your skillset and seek the additional support you’ll require

  • Know your customer and understand their needs

  • Don’t underestimate the cost, time, and practicalities of commercialisation

Transforming research into a commercial operation is no easy task, says Corinne May-Chahal, Professor of Applied Social Science at Lancaster University, and Neeraj Suri, Distinguished Professor and Chair in Cyber Security also at Lancaster. Here the two academics discuss the practicalities of commercialising university research, and share some practical tips for success.

How are universities fostering innovation in cyber security?

Corinne: The evolution of research to commercial startup is rarely straightforward. First it starts with research, and research can mean many things. We bring lots of different methods to bear and combine lots of different disciplines: social sciences, computer science, and so on. You start with one question and might end up somewhere else entirely. It's very serendipitous. It’s also sometimes very hard to predict, not a linear process. For example, a project I was involved in many years ago was looking at trying to detect age and gender deception. We did it. But then it looked as if the tech may have other applications. Suddenly, the era of Big Data hit and we saw that indeed there were lots of other possibilities. A spinout company emerged from that.

What are the opportunities of spinning out university research into a business?

Corinne: I think it's more helpful — given what I've just said — to think about spinning in rather than spinning out. For businesses it’s about accessing skills and cutting-edge knowledge. The important point about facilities like the Digital Innovation and Security Hub (DISH) is they can facilitate this matching. You've got stressed academics in universities who are working 10 to the dozen, stressed people in business doing what they do, and we’ve got to put them together and find the sweet spot where both groups to create great new ideas.

And the challenges?

Neeraj: Imagination is never the limitation. It's the practicality of turning university research into a business that's the challenge. I think there are two things worth mentioning here. The first is that the skillset of a researcher and a business leader are two different things. Great research does not make a great product. A great demo is not a great product. And a great researcher does not make a great business leader. The second is very simple. It's the question of time commitment. Researchers must balance research with teaching. Adding a business on top is a near-impossible challenge. 

Do you have any practical advice?

Neeraj: The first thing is to understand whether you're filling a need for an existing problem or creating a new need. A lot of people conflate the two. The second point — which is just as important as the first — is you really need to know your customer. The customer does not care about the research, the customer cares about value. So, if you cannot communicate the value proposition to a customer, you're gone. The third rule is that a lot of people do a terrible job at assessing the costs, time, effort, and capabilities needed for commercialisation. Remember, a demo is not a market product. So, understanding the reality of running a business is extremely important. The fourth point is to remember that things like intellectual property, market analysis — all the stuff researchers find less interesting — they are the killers that can make or break a venture.

How are universities fostering innovation in cyber security? 

Corinne: What we want to do is provide opportunities for innovation. Innovation is not a straightforward thing. You don't know what you don't know. It's wonderful to innovate — but that usually comes from putting different thinking together, different disciplines together, different methods together, different questions together, and matching them – and then you come up with something entirely new. That certainly applies to cyber security.

Barclays (including its employees, Directors and agents) accepts no responsibility and shall have no liability in contract, tort or otherwise to any person in connection with this content or the use of or reliance on any information or data set out in this content unless it expressly agrees otherwise in writing. It does not constitute an offer to sell or buy any security, investment, financial product or service and does not constitute investment, professional, legal or tax advice, or a recommendation with respect to any securities or financial instruments.

The information, statements and opinions contained in this content are of a general nature only and do not take into account your individual circumstances including any laws, policies, procedures or practices you, or your employer or businesses may have or be subject to. Although the statements of fact on this page have been obtained from and are based upon sources that Barclays believes to be reliable, Barclays does not guarantee their accuracy or completeness.

Share this page

Go back to the top of the page