Romania: How to start-up an army of cyber guardians

With the growing importance of cybersecurity, more and more servicers are appearing to meet increasing market demand. One is CyBourn, a cybersecurity start-up launched in 2018 by a group of Romanian and US entrepreneurs. Its co-founder and Director of Security Operations Tiberiu Anghel talked to us about the local start-up environment and cybersecurity market.

Tell us a bit about CyBourn.
CyBourn is a born-global cybersecurity company with the mission to challenge today's processes in cyberspace and increase protection by providing forward-thinking, transparent services for threat detection, prevention and response. The company operates a 24/7 SOC from Bucharest and has offices in London, Naples and Washington DC.

CyBourn is not your first start-up in Romania. How easy is it for a start-up in our country? From your experience, what are the most common legal pitfalls?
To answer the first question, in Romania the big challenge is finding innovative business models or building products that have a clear differentiator and impact. I am not talking about award winners, but rather about the large mass of entrepreneurship enthusiasts who have the willingness to dedicate their time and energy to grow a company. Secondly, I believe we need to acquire more skills for internationalisation, marketing and sales. The product might not turn the world upside down, but if you market it right, it will still have a great deal of success. In terms of legal pitfalls, keeping your house in order is critical to ensuring a smooth development for your company later. Company set up and contracting are paramount for normal operations. As for accounting, payroll and other support functions, start-ups should invest in working with professionals and avoid trying to build this capacity in-house.

Your partners in CyBourn come from the USA, the highest ranked start-up ecosystem country in the world. What potential do you think they saw in Romania?
Definitely talent was one of the main drivers. Romania has a great pool of skilled IT specialists and even more so for cybersecurity professionals.

How aware are Romanian companies of cybersecurity threats? Do they focus on prevention or rather on reactive measures?
Large companies have dedicated departments that ensure compliance with group-level policies. That is why their readiness is usually good. Most of their resources focus on prevention, while reactive measures are just beginning to be explored and, in some cases, implemented. But this level of awareness hasn't come from organisational strategy; regulation was the main driver.
On the other hand, in small and medium enterprises ("SMEs") and in most local companies we see a huge gap on the prevention side. It can be both about technology, i.e. lack of technology or lack of tech management, or about user awareness. As phishing and spear-phishing are some of the most common attack vectors today, cybersecurity training is paramount. In terms of technology and services, there is a bundle of open-source software that can be tailored to fit SMEs at lower cost and then services can be delivered at a reasonable cost relative to the IT budget or overall budget. But executives must first have the willingness and openness to engage in this type of project. Usually the market is reactive, and companies only consider cybersecurity after they've had an incident.
Overall there is a lack of maturity in the market on all fronts: IT security, governance and awareness. This is one of the reasons CyBourn has a comprehensive set of services. We believe covering just a small segment would not bring clients on board, as they have multiple needs and SOC services, such as monitoring, alerting and incident response, working on a well-developed organisational framework.

What about your plans to expand abroad?
When we set up CyBourn, our strategy was to acquire clients from Western markets, as the Romanian market yields low results for sustained growth due to the lack of maturity I mentioned. We had the good fortune to attract important clients in Romania as well, and to validate our operations and business model, so now we are moving full steam ahead. We opened an office in London and started operations in the UK. We chose the UK because of its market maturity and high investments in cybersecurity, both in the public and private sector.
From London, we will have the capacity to service other European countries, but also Asian markets that are becoming increasingly interesting for us.

What does the future have in store? Where do you see the cybersecurity market in 2025?
It's going to be intense. We are not at the end of the "digital transformation" era yet, so there are still fresh targets to appear in the cyberspace for attackers. As readiness levels increase across the board, attackers will become more sophisticated, so we will witness bot-to-bot fights using machine learning engines. 5G technology will be a game changer and we will see IoT devices being used during attacks for ransomware of other use cases.
Right now the market is very granular, so we expect to see a consolidation phase after 2020 and another wave of innovative products once 5G networks are up and running.