A Journey into SoCyber's Innovative Solutions and Strategic Expansion Plans

Can you tell us about the inspiration behind starting SoCyber?

During my whole career, I have been working in the IT security sector. Day after day I watched how the big enterprises put away small, developing companies. I was feeling sick while watching the chain reaction of bad management attitude towards the employees directly reflect the clients that just wanted to secure their companies. I wanted to create an organization where the client really matters and a solution tailored to their needs is delivered, instead of just offering general, non-contextual, “one fit all” solutions for every problem.

Cyberattacks are becoming increasingly prevalent, with a cyberattack occurring every 14 seconds. How does SoCyber aim to address the vulnerability exposure and help companies protect their systems and data?

SoCyber helps proactive companies by discovering vulnerabilities that would be exploited by malicious actors before they happen. Companies basically hire us to try to hack them using the same resources, tools, and methodologies as the bad guys. The only differences are that the penetration testing activities are outlined in a contract signed by both parties and the morality of our penetration testing team. On the other hand, we provide our customers with continuous vulnerability assessments making sure that the results from these assessments are acknowledged, monitored, and remediated. By doing that we continuously strengthen their cybersecurity posture.

SoCyber specializes in Security Testing and Security-as-a-Service, catering to the FinTech, Banking, and eCommerce sectors. What unique challenges do these industries face in terms of cybersecurity, and how does SoCyber provide tailored solutions to address those challenges?

These industries face two of the most important and significant challenges - protecting extremely sensitive customer information and their finances. To deal with these challenges the mentioned sectors are proactive, operate with due care, and have several layers of security mechanisms in place. SoCyber helps companies operating in these and other sectors by guiding them with security in mind at every stage of their development. We design policies, procedures, and technical security mechanisms and provide implementation guidance for the latest cybersecurity best practices. When they have implemented these mechanisms, we continue with the care by assessing their cybersecurity posture on a regular basis in the form of penetration tests or vulnerability assessments.

Could you provide an overview of Kikimora, the software developed by SoCyber? How does it leverage machine learning to automate vulnerability data analysis, and what benefits does it offer to its users?

If we should describe Kikimora.io in one sentence it would be: Kikimora.io leverages AI to show companies, the needle in the haystack of security vulnerabilities. What this means is that Kikimora.io provides a centralized secure location to store, assess, manage, delegate, monitor and provide reports for security vulnerabilities discovered from any type of security assessment – penetration test, vulnerability scan with 3rd party scanner, security audits and others. By bringing machine learning to the software, we will offload a large amount of burden of the security analysts, which results directly in saved labor costs. Don’t get us wrong – this doesn’t mean that the machine learning algorithm will take over their jobs – quite the opposite, it will allow them to focus on the most important aspect - keeping the company secure.

SoCyber has achieved notable traction with €640,000 in FY2022 and 200 clients. What factors have contributed to this success, and how has the company managed to build a strong client base?

We believe that the two factors that have most contributed to these metrics are our personal attitude towards every client and our expertise in the cybersecurity domain. We believe that because of these two factors we have managed to build a strong client base through the years and still have clients that have been with us since day one. In fact, most of our reputation is built through the years by “word of mouth” and attending as many conferences as we can. Since the beginning of this year, we started to invest more in marketing activities and presence on social networks. This of course will continue, and we will significantly boost these channels with the development of Kikimora.io.

SoCyber operates in several regions, including the US, Europe, and the UK. How do you approach these different markets, and what are some unique considerations or challenges you face in each region?

The main approach to all markets through the years has been the on-site presence at conferences and events. This is because, in the cybersecurity sector, the most important factor for a strong customer relationship is trust. For a small and still developing company in the European and US market is extremely important the initial impression that we leave to our customers is. When the team is physically present at such events, we are able to build strong connections with our potential customers and then bring deep expertise to follow-on online meetings. The main challenge that we face is that we cannot be present at all conferences/events of interest at all times, due to the fact that we are still a relatively small team. But this is going to change when we close the current investment round.

The use of machine learning for vulnerability analysis is a key aspect of SoCyber's technology. Could you explain how the automatic machine learning analysis of vulnerabilities works and how it sets SoCyber apart from traditional cybersecurity approaches?

Enterprises and more precisely, security analysts, currently can’t deal with the important task of prioritizing the most critical security issues in a timely manner simply because the number of vulnerabilities discovered daily on their thousands of IT assets is huge. They get lost in the data and in the meantime, their systems are exposed to hackers. By bringing machine learning to vulnerability analysis, we save companies the burden of manually assessing thousands of vulnerabilities daily and instead of that provide them with the most important and critical issues. We are accomplishing that by utilizing our proprietary machine-learning algorithm, which we are currently developing. When it is fully developed, we will be able to filter out 95% of all discovered vulnerabilities and show them only the 5% that are applicable to their organization and their contextual infrastructure. By doing that, enterprises and security analysts will be able to timely resolve the most crucial vulnerabilities which results in a much stronger cybersecurity posture and significantly reduce the possibility of malicious actors financially exploiting them. For example, the Colonial Pipeline paid $5M in ransom after hackers successfully encrypted their data.

SoCyber's founding team comprises experts in cybersecurity, machine learning, raising capital, and audit. How does this diverse expertise contribute to the company's success and ability to deliver innovative solutions to clients?

The team is maybe the most significant factor in the company’s success. The main team of the company has remained unchanged since our start. We have an annual practice where everyone from the team narrows down their key life principles, goals, and values both in terms of personal and career aspects. Afterward, we combine the recurring points into Company Mission Statement, and we strive to stick to them during the whole year. This way the company shows care and that we value our colleagues, which directly reflects their attitude towards the clients. Also, the deep team security expertise and ability to “walk a mile” in the customer’s shoes strongly contribute to the company’s success.

The security and vulnerability market size is estimated to be worth $23 billion. How does SoCyber plan to capitalize on this market opportunity and expand its presence in the industry?

As an already-established cybersecurity company, we can effectively meet the needs of our customers and provide innovative solutions that enhance their security posture. We recognize the evolving landscape and are committed to introducing new technologies that leverage the power of data to address emerging threats. Initially, we are focusing on expanding our presence in Europe, where we have an existing customer base and a better understanding of regional needs. By establishing a solid foothold in Europe, we aim to strengthen our position before extending our reach to other parts of the world.

SoCyber currently raises €1 million in funding. Could you share the company's plans for utilizing the raised capital and how it will support SoCyber's growth and future development?

We are moving towards closing the current investment round, which will boost our market exposure and product development. We have estimated that the funds will be distributed roughly 50% toward product development and 50% to market expansion – attending conferences, boosting our presence on social networks, and more exposition on European and UK media. This investment is important for us because it will allow us to sooner exploit the market of vulnerability intelligence and analysis domain, which is relatively untapped in comparison to the overcrowded vulnerability discovery and incident response markets.

SoCyber raises €1M to automate cybersecurity through machine-learning. Explore the round materials here.