Ireland, February 3 –

Raluca Saceanu, chief executive of Smarttech. At only 33 she has succeeded in an industry that is still largely the preserve of men. Raluca joined Smarttech in Cork nine years ago, becoming one of its first ten employees. She now heads up the business as it is plotting a major expansion.

Raluca Săceanu might be an optimist by nature, but her views on cybersecurity threats are bleak to say the least.

It is, she says, a matter of when, not if, Ireland is hit by a major incident that is every bit as bad, or possibly considerably worse, than the ransomware attack on the Health Service Executive which took place nearly two years ago.

“Cybersecurity attacks are getting bigger and global political tensions, including the war in Ukraine, is contributing to that. We’ve seen a big surge in attacks targeting critical infrastructure as well as energy companies, banks and public communications,” Săceanu says.

“And these aren’t just focused on Ukraine, but also on countries that back them, like Ireland. The more support we show, the more likely it is we will be targeted. This includes potential attacks on utilities, as well as other critical infrastructure.”

Săceanu is chief executive of Smartech247, the Cork-based cybersecurity company that listed in London late last year, so you could say it is in her interest to scare all of us when it comes to cyber threats. But she has plenty of facts and figures to hand to back up her claims.

“Everyone is impacted by cybersecurity risks, whether they realise it or not. From phishing attempts that target individuals, to ransomware and widespread distributed denial-of-service (DDoS) attacks that seek to damage large organisations, these can affect every single one of us,” she says.

“People often don’t consider how cheap it is to commit this type of crime. You can easily purchase a phishing kit on the dark web for $100, and send out an email to 40,000 people with it. Even if you only get a couple of people to give away their credentials or financial details, it’s a big win. And that isn’t even something sophisticated – spending on cyber warfare by nation states is almost without limits, so imagine the damage that they can achieve.”

Money isn’t the only thing that cybercrime can cost its victims – it can also lead to the theft of intellectual property, compromised data and lost productivity.

“In Ireland we’ve become a lot more aware of the dangers, but there is still a lot of education needed because of the scale of what we’re dealing with,” she says.

“Cybercrime costs the world $8 trillion annually and this is expected to hit $10.5 trillion in the next three years, which is equivalent to the global energy bill each year. Cybercrime is worth the risks for those involved in it, because the rewards are so great.”

Rising to the top

If it was up to her, Săceanu would only talk about the facts and figures during our talk at Smartech’s headquarters, which are just over the road from Cork Airport. Most of her media interviews to date have focused on her work, and she admits to being wary of sharing “personal stuff”.

It’s a pity, as she has an incredible story to tell of having risen to the top of what is regarded as one of Ireland’s top tech companies quickly. Only 33, she has succeeded in an industry that is still largely the preserve of men and done it all without being a techie.

In fairness, she’s not the only shy person at Smarttech. Showing me around the company’s offices, Săceanu tells me that most of the software engineers are currently missing, having beaten a retreat at the arrival of the Business Post’s photographer. The firm employs around 120 people globally, and as well as Cork, has offices in Belfast, Krakow and Bucharest.

From Romania but brought up in Austria, Săceanu moved to join Smarttech in Cork nine years ago, becoming one of its first ten employees. It was only her second job after completing an MSc in strategic management at the University of Innsbruck.

Starting out as the company’s marketing director, she quickly progressed in the organisation. Săceanu took over as chief executive early last year from Ronan Murphy, the firm’s founder, after he stepped down to lead Getvisibility, a company that had been spun out from Smarttech.

Murphy retains close links with the firm as its executive chairman, and the two firms share the same workspace.

“We both spend a lot of time travelling so it is rare for us to be in the same country at the same time, but it is good to have him here when he is around, and the companies do work together sometimes,” Săceanu says.

Founded in 2008, Smarttech247 uses big data analytics and machine learning, as well as incident response teams, to proactively protect enterprises as they migrate to cloud-based IT operations. Its clients include Arytza, Aptiv, Ervia, Laya Healthcare, Kerry Group, the Royal College of Surgeons, BioMarin, ASL Aviation, TransferMate parent, CluneTech and the Ireland East Hospital Group.

The company was valued at €42.7 million after being admitted to London’s Alternative Investment Market (AIM) in December. It raised £3.67 million as part of the listing, having ditched its original plan to list via a reverse takeover involving Conduit Capital.

Twice ranked in Deloitte’s Fast 50 list of the quickest-growing Irish tech firms, Smarttech reported revenues of €7 million in 2021, more than double what it recorded in 2019 as it gained from the rush by businesses to embrace remote working during the Covid crisis. Pre-tax profits totalled €1.3 million versus just €201,524 two years earlier.

Tough competition

It is still relatively early days for Smarttech, which faces some tough competition in the space in which it operates from big players such as Accenture, Cisco and IBM.

But unlike so-called ‘pandemic stocks’ such as Peloton and Zoom, business has continued to boom for Smarttech since the end of lockdown. A trading update released earlier this month shows the firm is still cleaning up when it comes to securing contracts with big organisations.

In the last quarter it agreed a three-year agreement with an unnamed US tech company and a two-year deal with an Irish university which are worth a combined $850,000. The contract wins build on a three-year $800,000 deal agreed in October with a Fortune 150 automotive retailer with annual revenues of over $20 billion.

Săceanu would like to name more of the companies with whom Smarttech is winning deals, but as with other cybersecurity companies, the firm is often precluded from revealing most of its clients, who prefer to stay quiet when it comes to security matters.

“You usually have to sign an NDA before even thinking of sitting in the same room with prospective clients,” she jokes.

The Ireland East Hospital Group was not impacted by the HSE ransomware attack; Smarttech was subsequently asked to participate in the clean-up operation. Săceanu says the incident was a “wake-up call” for organisations in Ireland.

“It used to be difficult to get some organisations to treat cybersecurity properly, but most do now,” she says. This doesn’t mean that businesses here or further afield are doing enough to protect themselves, however.

“As part of our threat intelligence work, we often look on the dark web to see what’s happening, and we constantly see hackers posting about attacks they’ve undertaken on individual organisations. There are big names mentioned,” Săceanu says.

“Sometimes these organisations are able to keep the news under wraps, but that is increasingly difficult to do. Sometimes though they don’t even know they have been attacked, and it can be many months before they find out.”

Smarttech has done well from the listing, Săceanu says, with the share price up nearly 7 per cent since the firm went public. The listing has ensured the company is becoming better known globally, and has also given it funds that will likely be used for acquisitions.

“We’ve not done any M&A to date, and in fact any conversations of that type in the past have been with companies looking to buy us. But we’re keen to do acquisitions as a way to grow,” she says.

Joining what was a small start-up in 2014 involved a steep learning curve, according to Săceanu.

“The fact that we were so small helped, because titles were often cast aside with everyone expected to do multiple roles. I learned the essentials quickly, and while I’m not a technical person I am comfortable talking about the threats that exist and what we do to help protect organisations,” she says.

You’d imagine that ensuring everyone stays safe is something that might be a little stressful. After all, it only takes one time for Smarttech to not be on top of things for its business model to be impacted. “I never turn my phone off. I’m always available even at weekends,” Săceanu admits.

She has even less time to herself now, but has no complaints. She is, she says, happy to be a role model in terms of showing that you don’t have to be a man, or a techie, to thrive in the cybersecurity sector.

“Women only represent about 20 per cent of the workforce in this sector and increasing their participation is something that is very dear to me. For me personally, I’ve never experienced any obvious bias apart from occasionally being referred to as ‘he’ on calls by people who have not met me,” she says.

The company runs its own ‘women in cybersecurity academy’ to help more people train to work in the sector, and while the gender breakdown in Smarttech is currently 60/40 in favour of men, Săceanu says she is determined to bring it to 50/50.

Looking ahead, Săceanu says she is excited by the opportunities that exist for Smarttech. Even as it grows though, she is adamant that Cork will remain central to its plans.

“Someone asked me recently why don’t we move our headquarters, seeing as a lot of our growth is happening outside of Ireland. But I said absolutely not. We are very proud of having started the business and grown it from Cork. It will always be home.”

In her own words: Adversaries innovate to find new ways to infiltrate

As we reflect on the last 12 months, it is difficult not to look at the cybersecurity landscape through a geopolitical lens. Cyber warfare developed through various channels including the manipulation of information, attacks on infrastructure services, election influence, and reconnaissance.

Governments are addressing these growing risks more seriously as we have seen new cybersecurity regulations adopted for better risk management, heightened reporting obligations and more effective information sharing. Unfortunately, whether financially motivated or nation-states, adversaries continue to innovate and find new, creative ways of infiltrating public and private organisations.

Targeting software and developer infrastructure, code repositories and managed providers continue to be a viable entry vector into government, critical infrastructure, and private organisations. In response to these complexities and growing risks, organisations will look to adopt cybersecurity frameworks into their operations with a view to better monitor and measure their exposure and risk.

Furthermore, in an effort to simplify their security operations, security leaders will seek to leverage more automation between integrated elements and gain real-time visibility of risk in order to manage risk holistically.

In 2023, we will also see the continuous expansion cybercrime-for-hire in the form of both ransomware and phishing as a service. Social engineers will advance their tactics and techniques to gain access to systems. Credentials stealing, particularly via compromised third-party sites, will give attackers an easy way to walk in through the front door of corporate networks.

Resilience is the keyword for 2023. When it comes to preparing for the future, organisations will need to learn how to stay strong in the face of adversity. Increasing visibility, managing dynamic risks and preparing for the worst will increase resiliency.

CV

Raluca Săceanu

Lives: Cork

Age: 33

My working day: I spend a large amount of time travelling. My day is typically split between time allocated to calls and meetings with investors, media, clients, shareholders and the board, and managing internal business units. I also ensure there are plenty of check-ins with my leadership team.

Switching off: I like to spend time in the mountains and I’m a great believer in the power of meditation. I also like to spend plenty of time with family and friends.

My perfect weekend: Either outdoors hiking or indoors reading.

Full Press Release – The 33-year-old CEO leading one of Ireland’s top tech firms I Business Post

Smarttech247