What does the cybersecurity market look like in Romania at the end of 2023? What are some of the main threats local companies face in this regard?
First of all, we need to understand the big picture of the specific market… and what kind of products are available now, and what they are targeting to cover…
So, we can speak of cybersecurity products that help businesses identify security flaws in software, databases, networks, and cloud-based devices. Up until now, no system has been able to fully protect against cyberthreats and vulnerabilities. Consequently, this market continues to rise at a considerable rate.
With the growth of digital transformation, the security market has also expanded. It's certain that in 2023, there was a significant need for cybersecurity solutions. This market saw a sharp decline in 2020, but it recovered quickly, and it is expected to peak at the end of the year due to the conflict between Russia and Ukraine.
Romania's cybersecurity sector is expanding quickly, according to audit firms' studies, and most businesses have raised their security budgets for 2023 and 2024. This is the consequence of several things, such as:
- Businesses have become more digitally savvy: During the pandemic, consumers' attention was drawn to remote services. This meant that businesses and even the government had to get online and digitise their operations.
- Moreover, we are facing an increasing number of attacks: according to a market survey, there were more reported ransomware attacks in the first nine months of 2023 than there were in all of 2022.
- Luckily, companies are more inclined to invest in cybersecurity measures as a result of their growing understanding of the possible financial and reputational harm that cyberattacks may inflict.
- As for threats, social engineering is the biggest one right now. A Verizon study claims that human activity is involved in 85% of data breaches. With the introduction of AI chatbots this year, which make it simple for attackers to create customised messages in any language, including Romanian, the threat has grown. The usual outcomes of a successful social engineering attack are financial fraud or ransomware. Hacking into the email accounts of reputable companies and sending out updated invoices to all of their partners is a practice that has become very popular among threat actors.
- On the other hand, organisations are focusing more on cybersecurity as a result of the growing number of devices that are connected to the cloud. Consequently, the sub-segment of cloud security has shown the strongest and most consistent growth in the revenue contribution of the cyber solutions market, with an estimated 40% in 2023.
- Open source software (OSS) continues to be the foundation for modern application development, fuelling the delivery of software at the pace demanded by consumers. Being developed by many different people who use different coding, security, and quality approaches creates the premises for introducing unique risks, especially with outdated and abandoned components of OSS.
From your experience, who is usually responsible for cybersecurity management in local companies? How much is externalized?
Unfortunately, security people have few representatives in the board room of decision makers. Depending on the size of the company and their main activity, cybersecurity could be taken into consideration as an important part of the business, or not. Usually, large international tech companies have an internal role assigned to this matter, while smaller, local companies tend to seek external help whenever a problem occurs. However, within large corporations and/or groups of companies from telecom, the banking sector, retail chains, oil and gas and other international players, which have subsidiaries locally, the cybersecurity function is either centralised at the HQ level and/or partially or totally represented locally by a team of internal experts.
How much emphasis do you feel companies put on cybersecurity prevention vs recovery/remediation in Romania?
Well, generally speaking, the emphasis on cybersecurity prevention versus recovery/remediation can vary widely among organizations based on their industry, size, and overall cybersecurity posture.
However, in general, many organizations worldwide recognize the importance of both prevention and remediation in cybersecurity. Prevention involves implementing measures to minimize the risk of cyber threats, such as using firewalls, end-point security and employee training programs. On the other hand, recovery and remediation focus on responding to and mitigating the impact of a security incident after it has occurred, often involving incident response plans, data recovery processes, and post-incident analysis.
The cybersecurity landscape is dynamic, and companies are increasingly realizing the importance of a holistic approach that includes both prevention and remediation.
In conclusion, there are two types of companies. The ones who understand the cybersecurity needs and possess the required culture, which approach both prevention and remediation dynamically in a cause-effect cyclic manner, treating them as equally important. The other ones are the smaller companies, which only use basic protection at network and end-point level, usually externalised to their infrastructure and support companies.
How equipped is Euro-Testing to handle various cyber threats its clients might face?
So far, our teams of consultants have extensive expertise ranging from end-point protection, log management, threat intelligence, threat hunting, vulnerability management, penetration testing, data security and application security, covering most of the application types and specific industries. We are using both open source tools and enterprise ones, being able to cover in the most effective and costly manner all of our customers' needs. However, our new strategic partnership with Synopsys Software Integrity Group is allowing us to continuously assure and develop our capacity to keep track of the constantly evolving types of cyber threats regardless of their complexity and nature.
The reality is that these threats are constantly evolving, so we are relying on our partners' R&D to enhance and diversify the tools' capabilities to prevent and protect the applications against the permanently increasing complexity and nature of cyber-attacks.
By the way, this is the main reason we decided to partner with Synopsys Software Integrity Group, a recognized global leader in application security.
How did your partnership with Synopsys Software Integrity Group come about and what does it bring to the table?
As mentioned above, we discovered Synopsys Software Integrity Group fulfills in a unique manner some of the market needs which were not properly covered by other solutions. Amongst these, we can highlight a few important differentiating or valuable features. For example, Black Duck®, which addresses license compliance and code quality risks that come from the use of open source in applications and containers. Similarly, Software Risk Manager is an enhanced analysis, correlation and reporting tool that aggregates all the existing application security infrastructure and architecture, integrating all the results from various, multiple data sources. Also, Seeker integration into DevOps CI/CD workflows enables continuous application security testing and verification. Last but not least, Defensics® Fuzz testing brings dedicated customised packages for different industries, such as telecom, automotive, ICS and networking, addressing black box testing for embedded software application security.
All these valuable features will definitely enable Euro-Testing to increase its market coverage across more verticals, with a wider skill set and capabilities for a comprehensive security services offering.
How is the exponential growth in AI technology impacting cybersecurity?
The way threats are recognised and addressed has changed dramatically as a result of the use of AI in cybersecurity tactics. AI-driven cybersecurity uses sophisticated algorithms, machine learning, and predictive analytics to find patterns and anomalies in vast amounts of data, compared to traditional approaches that depend on rule-based systems. Security experts have an advantage over cybercriminals in the game of cat and mouse because of their capacity to analyse and process data at levels that were previously unattainable.
The combination of AI and cybersecurity offers a multitude of benefits that are reshaping the industry, including Advanced Threat Detection, Real-Time Monitoring, Automated Incident Response, Behavioural Analysis, Reduced False Positives.
Even if AI has a lot of potential to strengthen cybersecurity defences, there are several obstacles to overcome:
Firstly, there will be Adversarial Attacks: Cybercriminals are also using AI to craft more complex attacks that are able to get past conventional defences, which makes the creation of AI-powered countermeasures necessary. Also, there are concerns about Data Privacy: The usage of AI requires the collection of large volumes of data, which presents issues with data privacy and GDPR compliance. We are also facing a Skill Gap: As AI technology develops rapidly, there is a lack of qualified experts to design, build, and oversee AI-powered security solutions. We should also mention the Fairness and Bias aspect: Artificial intelligence (AI) algorithms may be biased by the training data they use, which could result in unfair or discriminating threat detection choices. Lastly, the Complexity challenge: In order to guarantee smooth operation and optimal efficacy, integrating AI into current cybersecurity infrastructures can be costly and complicated, and needs careful design.
What are Euro-Testing’s plans for 2024?
We plan to enhance our offering regarding cybersecurity services by generating more awareness amongst our customers, thus consequently increasing our specific market share. Nevertheless, in parallel, we are involved in different project types targeting, for example, the university education sector or European funding projects for different industries, including the public sector. Also, we are taking part in different specific associations and business hubs, trying to address larger projects in partnership with complementary skilled technology companies as part of comprehensive consortiums.
Bottom line, we can undoubtedly say the need for cybersecurity is out there and is real… We just need to create awareness and conscious education at all levels, from school students to CEOs, to achieve a market increase of the educated approach and response to cyber threats for a safer and secure technology future.