Although publically funded for two years, the charge is essential to make the LDSC freestanding in the longer term. As well as finding potential customers for this service, Nuttall's job has been about developing a business model that will allow it to operate.
"We're not trying to oversell it," stresses Nuttall who goes on to point out that "at the moment we don't do remediation work ourselves." The LDSC is about assessment and prevention.
It's early days for the LDSC, which officially started operations in May 2015, but to date one of the biggest markets has been among SMEs referred to it by then police after falling prey to a cyberattack.
"We speak to them basically about how to avoid being re-victimised."
Tomorrow, the UK
It's very early days for the LDSC and Nuttall, indeed for the whole idea of helping SMEs with cybersecurity, a sector too often ignored or brushed aside by commercial organisations that can't see a way to sell security or make money from it. Taking on something as big as SME security, even within London, is daunting. Nuttall's first priority is to make the organisations self-supporting, which seems a bit tough. In a perfect world, he might have been given a year or two longer to set it up and a much larger marketing budget to advertise itself.
But the LDSC and its progenitor the Scottish Business Resilience Centre will hopefully only be the start of a much bigger national initiative spreading all corners of the land. In that sense it is blazing a trail for something that should spread well beyond London in time.
"Once we have developed our model a bit more we want to support the setup of centres in the regions. Going for the regional model we feel is more appropriate because the profile of small businesses is so different across the country."
It is going to be a long haul and in time something much bigger and bolder will certainly be needed to even begin to cope with the assaults being aimed at the capital's and the UK's SMEs. For now, the London Digital Security Centre is a start.
SMEs battle cybercrime - Meet the fear
DDoS extortion - once reserved for the large datacentres and service providers, smaller companies that transact online are now an incredibly popular target. Typically, a named individual at the SME will be hit with a demonstration attack after which a threat is received by email threatening to disrupt connectivity web servers unless a ransom is paid within 24 or 48 hours. Cost: £800-£5,000.
Ransomware extortion - Ransomware is a form of malware infection in which a company's files are encrypted across one or more machines, plus any connected backup drives and services. Getting files back means paying up. Cost: £500-£1,000.
Sign up for CIO Asia eNewsletters.