The UK investors actually funding cybersecurity in 2026 fall into four groups. One dedicated home-grown seed fund, Osney Capital. A cluster of US and global specialists that have planted offices in Cheltenham and London: Ten Eleven Ventures, Forgepoint, Evolution Equity and Paladin. Generalist VCs with real cyber books, led by Dawn Capital, Index Ventures and Balderton. And a growth-equity and private-equity layer consolidating managed security, run by Bregal Milestone, Livingbridge and Hg, with state money from NSSIF and British Patient Capital sitting underneath all of it. The whole UK sector pulled just £184M across 47 deals in the latest DSIT data, down 11 percent on the year before, against £14.7B of sector revenue and 2,603 active firms.
A cybersecurity investor here means anyone putting equity into UK security companies, from a founder's first pre-seed cheque through the growth rounds and the private-equity buyouts that consolidate the managed-security market. I read this from an operator's seat, because I run growth for MSPs and cyber firms and spend my time watching where the money lands rather than where the press releases say it does. This is the UK cut of the global picture I laid out in the most active cybersecurity VCs worldwide, and it publishes alongside companion maps of the active cyber investors in Europe and the Middle East. Here is who funds UK cyber, sourced and dated, tier by tier.
Tier 1: the cyber-specialist funds active in the UK
Specialists raise cyber-only capital and take the earliest bets. The UK has exactly one native dedicated cyber seed fund, and the rest of the specialist layer is US or global firms that decided the UK was worth a physical office. When one of these writes your seed cheque, you are buying a network of CISOs and design partners that a generalist rarely matches.
Osney Capital
The UK's first dedicated cybersecurity seed fund, based in Cheltenham and London. Its debut vehicle closed oversubscribed at a £60M hard cap against a £50M target, with the British Business Bank as cornerstone LP through a £36M commitment, NSSIF accreditation, and Imperial College's endowment among the LPs. It writes £250k to £2.5M into pre-seed and seed, run by founders Adam Cragg, Josh Walter and Paul Wilkes. Early portfolio: MindGard (AI security testing, a Lancaster spinout), Sitehop (hardware-enforced network security, Sheffield), RevEng.AI (binary analysis, London) and ESProfiler (Manchester).
Ten Eleven Ventures
A global cyber-only specialist that chose Cheltenham for its first office outside the US, led by general partner Dave Palmer, a Darktrace co-founder. The firm runs more than $1B in assets across 50-plus cyber investments and seven unicorns. On the UK side it led Device Authority's £5.6M Series A in February 2024. Putting a Darktrace founder in Cheltenham is a deliberate bet on UK deal flow the London generalists tend to miss.
Paladin Capital Group
A cyber and deep-tech investor founded in 2001 with a London office among its bases. Its Cyber Fund II closed at $372M in June 2022, and a sixth flagship targeting $300M reached first close in mid-2025 with seven deals already done. Its 2025 UK deal was Mimica in September, and the year delivered six exits including CalypsoAI to F5 for $180M and Corellium to Cellebrite for $200M. Paladin leans toward national-security-grade technology moving into commercial markets.
Forgepoint Capital
A US cyber and AI specialist with more than $1B in assets and 40-plus portfolio companies, now running a European operation out of London. Its Forgepoint Capital International hub covers Europe, Latin America and Israel, anchored by a strategic alliance with Banco Santander that gives it a corporate channel most VCs lack. Its European track record includes AlienVault, which sold to AT&T, and BehavioSec, acquired by LexisNexis. Forgepoint plays comfortably from seed through growth inside the same company.
Evolution Equity Partners
A cyber-only growth investor with offices in New York, Palo Alto, London and Zurich, and more than $2B under management. Its third fund closed at $1.1B in April 2024, writing $20M to $150M tickets. The UK state is directly behind it: British Patient Capital committed £40.6M to Fund III and co-invested £3M in CyberSmart's £12.75M Series B. Evolution is where UK growth-stage cyber companies go when the cheque outgrows the seed specialists.
Tier 2: generalist VCs with real cyber books
The generalists' edge is fund size and the ability to lead a Series A and keep following on. The ones worth naming are the ones with dated cyber deals on the board, not the firms that list security as a theme and never write the cheque. Every firm below has a UK cyber deal you can point to.
Dawn Capital
A London B2B software specialist with more than $2B under management, deploying an active Dawn V at $620M plus an $80M Opportunities III. It made eight new investments in 2025, and its cyber signature deal was leading Inforcer's $35M Series B in July 2025, the round the fact-check section below pins down precisely. Its historic cyber exit is Mimecast, the UK email-security company that grew into a public listing and a multibillion-dollar take-private. Dawn is the clearest example of a UK generalist treating cyber as a repeat category rather than a one-off.
Index Ventures
London-headquartered and global, Index raised $2.3B in new funds in 2024 and has backed 55 UK companies across 82 rounds in recent years. Its defining cyber position is Wiz, the cloud-security firm Google bought for $32B in a deal that closed in March 2026, which sits on an Index cap table that returned billions. The firm writes from seed through growth, and its scale means it can lead a UK Series A and stay in through the late rounds without running low on capital.
Balderton Capital
London's largest home-grown venture firm, with $1.3B raised across a $615M early-stage fund and a $685M growth fund. Balderton seeded Darktrace in 2012 and backed Tessian before its Proofpoint exit, so its cyber pedigree is real, not theoretical. Its most recent cyber move was leading Escape's $18M Series A in March 2026, an AI cybersecurity company. With 22 investments in 2025, it remains one of the most active UK generalists writing into security.
Molten Ventures
A London firm listed on the London Stock Exchange under GROW, which makes it the only publicly traded vehicle on this list and the one whose cyber positions you can track through public filings. It runs roughly £1.9B in assets and its cyber book includes OutThink, a human-risk platform, and Binalyze, a digital-forensics and incident-response company. The listed structure matters for founders who want a patient, permanent-capital backer rather than a fund racing a ten-year clock.
Octopus Ventures
One of London's largest multistage funds, with £1.8B in assets across 21 funds and cheques from £100k to £15M. It made 20 new investments in 2025 and led a £4M cyber round in January 2026. Octopus is a useful early backer precisely because its range lets it seed a UK security company and keep supporting it as the rounds grow, without forcing a founder to change lead investor at every stage.
IQ Capital
A Cambridge deep-tech firm running a $400M core fund plus a $200M growth fund. Its cyber positions lean technical: CybSafe, which raised a $28M Series B, CyberSmart, a $15M Series B, and Secretarium, where it led the seed. IQ is the fund to know if your company is built on hard research out of a UK university rather than a go-to-market wrapper on a known problem.
MMC Ventures
A London early-stage firm with roughly $450M under management and a genuine cyber track record. It led Blackwall's €12M Series A in bot management in February 2024, and Blackwall went on to raise a €45M Series B in March 2025, a clean example of an MMC seed maturing into a growth round. Its wider security book includes Red Sift and Cloudsmith. MMC sits in the band between the seed specialists and the megafunds, writing conviction cheques into UK security companies early.
Tier 3: growth equity and PE consolidating managed security
This is where the UK story gets distinctive. British private equity is rolling up managed security, compliance and MSP-facing software into platforms, and it is the exit path most UK cyber-services companies actually take. If you want the deeper mechanics of who buys and why, I cover it in the private equity firms buying cybersecurity. Here are the UK consolidators moving now.
Bregal Milestone
A London growth-equity firm that has raised €2.3B since inception, with a third fund closed at a €915M hard cap in 2026. Its cyber platform play is CyberSentriq, launched in June 2025 by merging TitanHQ and Redstor into an MSP-focused email, web-security and data-protection group. It already claims 3,000-plus MSP partners and 150,000 SMBs, targeting $100M ARR by 2028. This is the same MSP-software thesis I trace in where the venture money into MSP software went.

Livingbridge and Charlesbank
A London mid-market firm that backed Quorum Cyber, a Microsoft-aligned managed-detection-and-response provider, alongside Charlesbank leading the growth investment. The capital funded Quorum's US expansion and its acquisition of Kivu Consulting. Livingbridge was also an earlier backer of TitanHQ, so it has been circling the MSP-security cluster for years. The pattern here is a UK MDR company using PE money to buy scale and cross the Atlantic.
Hg
London's largest software investor, and its cyber move is A-LIGN, the compliance platform covering SOC 2, ISO, FedRAMP and CMMC. Hg acquired a majority in July 2025 from Warburg Pincus, in a business that has compounded at more than 50 percent a year over 15 years and serves 5,700-plus clients. Compliance-as-software is one of the most durable corners of cyber, and Hg's scale means A-LIGN now has patient capital to consolidate the audit-and-certification market.
Vitruvian Partners
A London growth-buyout firm running roughly €20B, with its latest fund closing at a €7.3B hard cap in September 2024. It invested in Options Technology, a capital-markets infrastructure and security provider, in October 2024, and holds a legacy stake of around 30 percent in Bitdefender at a valuation north of $600M. Vitruvian is the fund that shows up when a UK or European security company is already at real scale and wants growth capital rather than a full buyout.
August Equity
A London lower-mid-market firm whose fifth fund closed at £300M, writing £15M to £40M into companies making £1M to £5M of EBITDA. Its cyber position is a strategic investment in Integrity360, an Irish and UK managed-detection-and-response provider. August is the tier below Bregal and Livingbridge, backing the smaller managed-security operators that later become roll-up targets themselves. ECI Partners sits adjacent to this group through its stake in ISMS.online, a compliance and GRC platform, though that is governance software rather than pure-play cyber.
Tier 4: state-linked capital underneath the market
The part generic UK cyber lists always miss is how much government money sits beneath the private funds. State capital does not just seed startups directly, it anchors the specialist funds that do, which is why a British Business Bank or NSSIF name keeps appearing in the tiers above.
NSSIF (National Security Strategic Investment Fund)
The UK government's deep-tech venture arm, run jointly by DSIT and the British Business Bank and founded in 2018. As of its last verified 2023 disclosure it had committed £220M to funds and matched £718M of private capital, and I flag those as 2023 figures because later totals circulate unverified. NSSIF both invests directly and accredits specialist funds such as Osney, so a founder can meet it two ways. Paloma McGuiness leads it as of 2026.
British Patient Capital
A British Business Bank subsidiary that backs the growth funds writing large cyber cheques. It committed £40.6M to Evolution's Fund III and $35M to its Fund II, and it went direct with a £3M co-investment in CyberSmart's Series B. BPC is the quiet reason several UK cyber companies have access to growth capital that would otherwise sit only in US funds.
NATO Innovation Fund
A €1B fund with 24 NATO Allies as limited partners, launched around 2024 to back deep-tech and dual-use companies. Most of the companies named in its first tranche of direct investments were UK-based, and it also deploys through funds. For a UK founder in security, defence-adjacent or dual-use technology, it is a genuine source of patient, mission-aligned capital.
The UK cyber investor scorecard
| Firm | Tier | Fund size / AUM | UK cyber evidence |
|---|---|---|---|
| Osney Capital | Specialist seed | £60M debut fund | MindGard, Sitehop, RevEng.AI, ESProfiler |
| Ten Eleven Ventures | Specialist | $1B+ AUM | Led Device Authority £5.6M Series A |
| Paladin Capital | Specialist | $372M Fund II | Mimica (2025) |
| Evolution Equity | Specialist growth | $1.1B Fund III | $1.1B Fund III; £40.6M BPC commitment; UK and EU cyber growth mandate |
| Dawn Capital | Generalist | $620M Dawn V | Led Inforcer $35M Series B; Mimecast exit |
| Index Ventures | Generalist | $2.3B new funds | Wiz ($32B Google deal) |
| Balderton Capital | Generalist | $1.3B raised | Seeded Darktrace; Tessian; led Escape |
| IQ Capital | Generalist deep-tech | $400M core | CybSafe, CyberSmart, Secretarium |
| MMC Ventures | Generalist | ~$450M AUM | Led Blackwall €12M Series A |
| Bregal Milestone | Growth PE | €915M Fund III | Launched CyberSentriq (MSP security) |
| Livingbridge / Charlesbank | Growth PE | Mid-market | Quorum Cyber MDR |
| Hg | Growth PE | Large-cap software | A-LIGN compliance platform |
| NSSIF | State | £220M to funds (2023) | Accredits Osney; direct deep-tech |
| British Patient Capital | State | BBB subsidiary | Evolution funds; CyberSmart co-invest |
The UK paradox: a shrinking number inside a booming market
Here is the tension that runs through every figure above. UK cyber deal value fell while the global market climbed. DSIT's own analysis puts UK cyber investment at £184M across 47 deals in the latest year, down 11 percent from the £206M across 59 deals the year before. That £206M-over-59-deals figure counts dedicated cyber firms only; a broader definition of £245M across 74 deals also circulates, which is exactly why you have to state the definition before quoting the number.
Now set that against the world. Global cybersecurity VC rose 26 percent to $18B on Crunchbase's count, and other trackers put it as high as $25.1B depending on what they classify as a cyber company. I reconciled those competing totals in the global cybersecurity VC breakdown, so I will not re-run the methodology here. The short version: the UK number is small partly because DSIT counts narrowly, and partly because the market genuinely concentrated, with London alone taking 56 percent of UK cyber investment, about £103.2M.
The read for a founder is not that UK capital dried up. It is that the money is concentrated, definition-sensitive, and increasingly routed through US-headquartered specialists with UK offices rather than purely domestic funds. The capital is here. It just does not show up in a single tidy national total.
The Inforcer rounds, stated precisely
One deal is worth getting exactly right, because the wrong version of it circulates constantly. Inforcer, a UK company building Microsoft security tooling for MSPs, raised two rounds. Its $19M Series A in October 2024 was led by Meritech Capital, the US growth firm. Its $35M Series B in July 2025 was led by Dawn Capital, with Meritech following on as the existing investor.
Get the attribution right and the story tells you something real: a US growth firm led the Series A, a London generalist leads the scale-up, and the whole thing is built to sell security through the MSP channel. That is the bridge from the pure-cyber investor map into the MSP software cluster, which I map in the MSP tool stack and the funding flows behind it in the MSP software funding map. Inforcer is where the two worlds meet.
The exits that set the UK bar
Two exits set the current benchmark for UK cyber outcomes. Darktrace, the Cambridge-founded autonomous-response company Balderton seeded in 2012, went private in a $5.3B Thoma Bravo acquisition that completed on 1 October 2024, the largest recent UK cyber exit by a wide margin. Tessian, the email-security company also backed by Balderton, sold to Proofpoint in a deal that closed in December 2023.
Both went to US acquirers, which is the honest pattern for UK cyber: the biggest outcomes are usually a US strategic or a US private-equity buyer, not a domestic one. That shapes how UK founders should think about who they take money from and who eventually buys them. The recent raise activity underneath those exits is steady rather than spectacular, with companies like CultureAI and Risk Ledger closing Series A rounds off the back of UK regional and specialist backers.
What it means if you are a UK founder raising
The practical read is that the tier you approach should match your stage, and the UK map has quirks a US founder would not expect. At pre-seed and seed, Osney is the only dedicated domestic cyber fund, so your realistic set is Osney plus the UK arms of Ten Eleven and Forgepoint, plus generalist seed cheques from MMC, IQ Capital or Octopus. At Series A and growth, the generalists and the US specialists with London offices lead, and Evolution and Paladin are the names that write the larger cyber cheques.
Two things worth building into your plan. First, state capital is reachable directly, not only through funds: NSSIF and British Patient Capital both co-invest, and NSSIF accredits the funds you would pitch anyway. Second, if you are building a managed-security or MSP-facing business rather than a product startup, your most likely exit is a UK private-equity consolidator, so track Bregal Milestone, Livingbridge, Hg and August Equity from early, because they are assembling the platforms you would eventually join. The wider market context for all of this sits in the cybersecurity market map.
FAQ
Meritech Capital led Inforcer's $19M Series A in October 2024. Dawn Capital led the $35M Series B in July 2025, with Meritech following on as an existing investor. The common misattribution is crediting a single lead across both rounds, which gets the story wrong: a US growth firm led the Series A and a London generalist led the scale-up.
Osney Capital, based in Cheltenham and London. It closed its debut fund oversubscribed at a £60M hard cap against a £50M target, with the British Business Bank as cornerstone LP through a £36M commitment and NSSIF accreditation. It writes £250k to £2.5M into pre-seed and seed UK cyber companies including MindGard, Sitehop, RevEng.AI and ESProfiler.
Two reasons. UK cyber deal value dropped to £184M across 47 deals from £206M across 59 the year before, partly a genuine concentration into fewer, larger London deals, and partly a narrow DSIT definition that counts dedicated cyber firms only. Global cyber VC rose to roughly $18B on Crunchbase's count because it uses a much broader category. The reconciliation of those competing global totals sits in the global cybersecurity VC breakdown.
Darktrace, the Cambridge-founded autonomous-response company, taken private by Thoma Bravo in a $5.3B deal that completed on 1 October 2024. It is the largest recent UK cyber exit by a wide margin. The next notable one was Tessian, the email-security company acquired by Proofpoint in a deal that closed in December 2023. Both companies were early Balderton investments.
Both. The National Security Strategic Investment Fund, run by DSIT and the British Business Bank, invests directly in deep-tech and security companies and also accredits and anchors specialist funds such as Osney. So a founder can approach it head-on or reach it through one of the funds it backs. As of its last verified 2023 figures it had committed £220M to funds and matched £718M of private capital.
Bregal Milestone is building CyberSentriq by merging TitanHQ and Redstor into an MSP-focused security group targeting $100M ARR by 2028. Livingbridge, alongside Charlesbank, backs the MDR provider Quorum Cyber. Hg owns the compliance platform A-LIGN, and August Equity holds the MDR provider Integrity360. These are the UK consolidators to track if you run a managed-security or MSP-facing business.