14min read
A catch-up with…Raluca Săceanu
“Cybersecurity – A growing, underestimated, business risk for all organisations.”
Raluca Săceanu, CEO, Smarttech247
Royal Mail, The Guardian, Arnold Clark, Reddit, Pepsi Bottling Ventures, healthcare giant CHS, Atlassian, PayPal and T-Mobile: these companies are just a few of the many to report cyber attacks, hacks and data breaches in the first two months of this year. It’s no surprise then, that cybersecurity is a growing industry. Global cybersecurity organisation, Smarttech247, is rising on the swell of that wave. CEO, Raluca Săceanu explains how Smarttech247 bucked the trend of plummeting tech stocks in 2022 to be one of only a handful of companies to pull-off a successful IPO last year, and how she intends to establish the company as a global market leader.
Smarttech247 provides managed detection and response capabilities to some of the world’s largest organisations: “We help companies to not only proactively prevent and respond to attacks, but also to secure their digital transformation journey,” explains Raluca. The company has 130 employees based in offices located in Ireland, United Kingdom, Romania, Poland and the USA; multiple integration partners such as, IBM, Microsoft, Tanium, Crowdstrike, Trend Micro, and Proofpoint; and a large number of global customers from a range of industries.
“One of our biggest customers is a Fortune 100 organisation with over 200 000 employees,” says Raluca. “We also have one of the biggest car retailers in the USA – a USD$ 30bn company.” But while large global organisations are the company’s main target customers, it’s not exclusive: “The mid-market is severely under-resourced and under-serviced, so we are actively targeting that market as well,” she adds.
Over the last two years, the company has grown considerably. “We started the IPO process about 18 months ago, and we completed it in December of last year. Throughout the IPO journey, we managed to continue to grow and win more customers. For example, last year alone, we grew by 75 percent in terms of head-count, and we’ve had an average of 30 percent year-on-year revenue growth and profitability growth, as well,” explains Raluca.
At the beginning of February 2023, just two months after its successful AIM flotation, Smarttech247 reported a bumper quarter of contract wins, including multiple multi-year contracts with organisations in the US and Ireland. These include a three-year agreement with a large US tech company headquartered in Massachusetts and a two-year agreement with a prestigious university in Ireland, worth US$400,000 and US$450,000, respectively. As a result, Smarttech247’s shares jumped five percent.
“We’ve just released our first trading update where we announced a number of contract wins, and our share price has maintained really well,” says Raluca. “The reason we decided to go for the IPO was to accelerate our growth journey, and this is going to be our focus for the next 12 months,” she explains. “We have a large focus on investing in our innovation roadmap: we are hiring in our R&D department, and we’re looking to develop more products. We’re also investing heavily in sales and marketing as we’re looking to grow our presence not only in the UK but also in North America and APAC. We have exciting partnerships on the way,” she reveals.
“There were a very limited number of organisations in London who managed to float last year, so it gave us an advantage.”
Achieving a successful flotation in 2022 was no mean feat. The IPO landscape was challenging, particularly for technology companies. The number of firms listing in London last year fell by 67 percent, according to research reported on CNBC, and the funds raised by companies listing in London plunged by more than 90 percent.
“We noticed that the markets were down and the macro-economic factors were grim. However, we saw it as an opportunity: there were a very limited number of organisations in London who managed to float last year, so it gave us an advantage,” Raluca explains. “It was a good decision to make. The IPO process is not an easy one, it’s a challenge, but the success that we obtained at the end of the IPO process made it all worth it,” she says. Smarttech247 succeeded in achieving its target market capitalisation of £36.8 million on admission.
According to Raluca a number of factors enabled the company to buck the negative market trends.
“If you look at what’s happening in the industry, the threat landscape is continually growing and the geo-political tensions are contributing to that growth, so it was always going to be the right time for us to list!” Raluca exclaims.
At the time of writing, Munster Technological University (MTU) had just had data shared on the dark web in a ransomware attack, illustrating the point. “We are a profitable company,” she continues, “and compared to other tech companies, there’s much less uncertainty around the economic factors of this industry. Cybersecurity is an eight trillion-dollar industry at the moment and it’s expected to be ten trillion by the end of 2025,” Raluca explains. “To put it into perspective, that’s the global energy bill!”
In addition, over the last 24 months, the world has seen an accelerated digital transformation journey, mainly as a result of the pandemic, Raluca explains: “A lot more organisations now have a remote or hybrid workforce and have seen the benefits of adopting more cloud technology. That means organisations have physical premises, hybrid solutions, and cloud solutions, and when you move to the cloud it’s a challenging journey because there are many security considerations that you have to be aware of,” she says. “We help organisations ensure that their digital transformation journey employs a security by design approach.” In other words, they get them to think about cybersecurity at the beginning of a project to reduce the likelihood of flaws that might compromise a company’s information security.
“Cybercrime is an industry. These are not teenage hackers sitting in their basements hacking organisations. They are businesses, like our business.”
“The second problem is that too much data is being generated so the risk surface is much bigger,” Raluca explains. “There are more technologies, and there are too many complexities around the technologies that are being offered on the market. If you take a mid-sized organisation, it could have hundreds of security tools all doing different things, and overall, quite complex and disparate security operations, so many organisations are looking to simplify that – that’s a key area for us as a cybersecurity organisation that aims at reducing security complexity for clients,” she adds.
Raluca highlights that the most notable challenge for organisations is the fact that cybercriminals continue to innovate. “They have endless resources,” she says. “Cybercrime is an industry. These are not teenage hackers sitting in their basements hacking organisations. They are businesses, like our business. They have marketing departments, sales departments, engineering departments, and customer service departments; and they have numerous resources both financial and operational to invest in the latest tools to create the latest malware that employs artificial intelligence, for example. It’s simply very difficult to play catch-up,” she explains. “It’s really, really important that we understand the scale of the challenge and that we treat cybersecurity as a risk area rather than a technology area,” she warns.
The war in Ukraine has triggered a lot of cybercrime, Raluca says: “It’s a war behind a war: nation-states attacking other nation-states, and the ripple effect of that is that the tools they use end up in the wrong hands – the hands of criminals who use these tools to attack companies,” she explains. “Geo-political tensions have a massive, massive impact on the cybersecurity industry because they accelerate the rate and sophistication of attacks.”
In tandem with the increasing number of external threats driving the industry is the increasing amount and scope of data regulation. “Every single regulation that deals with privacy, data protection or cybersecurity is beneficial to us because it spurs organisations to really start taking their security measures more seriously,” says Raluca. “For example, the EU Cybersecurity Act came into effect recently in Europe and we are already seeing an increase in public organisations publishing tenders for security. If I were to compare it to just four years ago, we’re seeing an uplift of nearly 50 percent in public and state organisations, and government agencies looking for managed security,” she adds. “The latest Act, the Digital Operational Resilience Act (“DORA”), outlines the kind of cyber security measures that organisations need to employ in order to build resilience as a company. Every single regulation or law that comes into effect, helps not only us as cybersecurity organisations, but also the world to become a safer place,” Raluca says.
“There are a number of challenges facing the industry: number one is the huge skills shortage,” admits Raluca. “We need more people than the market has to offer.”
Smarttech247 has three core products in its portfolio which aim to help companies meet that goal. “The first one ‘VisionX’, which is a managed detection and response platform,” Raluca explains. “It employs a concept called cybersecurity mesh architecture which helps organisations simplify their security operations by sitting on top of all the other technologies that an organisation may have and makes sense of those technologies. It allows people to understand the threat that they’re facing, anticipate it, and respond to it properly,” she adds.
“Secondly, we have a product called ‘Threathub’, which is a threat modelling platform. It employs a concept called dynamic risk governance and integrates very well with ‘VisionX’. It allows organisations to prioritise the vulnerabilities that are taking place in their environment and understand what to patch, when to patch, and how to respond,” she explains.
“The third one is a very simple, but powerful one called ‘NoPhish’, which helps organisations to detect phishing, report it and remove it from their organisations, in a matter of minutes. We’ve got lots of customers that are using this product, and they absolutely love it because it empowers the users to protect the organisation from phishing,” Raluca enthuses.
“We are continuing to apply the knowledge we have built over the past ten years into developing these products further,” she explains. “We’re investing in software engineers, developers, project managers, and multiple other resources, as well as potentially looking at M&A, should there be future synergies,” Raluca adds.
Smarttech247’s investment in people highlights the main obstacle for the industry. “There are a number of challenges facing the industry: number one is the huge skills shortage,” admits Raluca. “We need more people than the market has to offer. There’s something like three million open vacancies in cybersecurity at the moment.”
The large numbers of redundancies recently announced by big tech companies is yet to have an impact, according to Raluca. “At the moment, this is happening more in the US. I believe that in the next six months a lot of organisations in Europe are going to see more talent available on the market. We’re hiring, so we’re very open to discussing opportunities with people that have been laid-off, and we are getting more applications than before, but I don’t believe we have seen the full ripple effect of that yet,” she explains.
“Diversity is a huge problem in this industry,” Raluca explains. “There’s not just a skills gap, there’s also a diversity gap. Women represent only 20 percent of the cybersecurity work force globally.”
Smarttech247 has built strategic partnerships with some of the world’s best universities to find and attract talent. “We run numerous academies for under-graduates where we bring the best students in early on,” explains Raluca. “We teach them about cybersecurity, and what it means to be an analyst or an engineer, and then, when they finish their degree, we employ the best – this initiative has allowed us to find a lot of talent,” she says.
“We also have a women in cybersecurity academy which has been quite powerful for us. Diversity is a huge problem in this industry,” Raluca explains. “There’s not just a skills gap, there’s also a diversity gap. Women represent only 20 percent of the cybersecurity work force globally. The way I see it, that’s a missed opportunity for organisations because we’ve got this huge pool of talent which is un-tapped, so, we are taking that issue seriously by developing diversity initiatives,” she adds.
As a female CEO of a cybersecurity company, Raluca is leading by example. She joined Smarttech247 in Cork nine years ago when the company had only ten employees. A strategic management Masters post-graduate from the University of Innsbruck, she started out as the company’s marketing director and quickly progressed, taking over from the firm’s founder, Ronan Murphy, as CEO in early 2022.
Developing talented people and enabling them to progress is key to retaining employees in a very competitive jobs market. “In our industry, maintaining your retention rate is really, really important. We invest a lot in our training and development, but we are an employer that focuses on both an employee’s well-being, as well as professional development, in an effort to retain people. We have a very good talent attraction strategy, but also retention strategy,” Raluca explains.
“Interestingly, although we only have about 130 employees, we compete with very large organisations like IBM, Accenture, HCL and Cognizant, and we tend to win!” Raluca exclaims. “That’s because we really understand our clients’ risk posture. Rather than treat technology as something you just plug-in and off you go, we really take a holistic approach to customers’ cybersecurity. We won a five year tender for the Institute of Cancer Research primarily for this reason, competing against some large organisations. They felt that we understood their risk strategy and risk posture much better,” she claims.
More contract wins are on the horizon. “We are going to announce more in the next three months,” confides Raluca. “We have a lot of innovation news, and we’re also bringing a lot of new talent on board and it is something that we’re very, very excited about,” she says.
Smarttech247 is also establishing itself convincingly as a global cybersecurity thought leader. Its Zero Day Con took place in Dublin earlier this month, and brought together speakers such as Legal Attachés from the FBI; the Deputy Director of Operations, NCIS; the Assistant Commissioner of the Irish Data Protection Commission; politicians and industry leaders who discussed the rapid influx of ransomware attacks, constant emerging technologies, geopolitical tensions, regulations, and the cybersecurity landscape.
“I believe that, as an organisation, you have to continually innovate,” says Raluca. “Not innovating contributes to stagnation, and we can’t afford to stagnate as a cyber security organisation. We need to keep ahead of the threats and to do that, we need to keep innovating. I don’t see it as a threat, but as a major opportunity for our organisation to lead the way and become the leader in cybersecurity,” she adds.