You never have to look too far for a headline about the latest hack. The most recent one showed the dark side of all the IoT devices we surround ourselves with.
The arms race against cybercriminals and state-sponsored hackers isnt letting up anytime soon. On the frontlines are cybersecurity startups and veteran companies trying to stay one step ahead of the next vulnerability or zero-day.
Many of them have a footing in Ireland, tackling cybercrime, fraud, and security for both the consumer and the enterprise. Dublin itself has a unique cluster of companies old and new.
Our place in a global effort
Two forces drove the Russian company to set up shop in Dublin, according to the Head of Engineering, Keith Waters. Firstly, the access to talent and secondly, that its an English-speaking EU city.
Its well-known, theres a very large IT ecosystem here in general and then with security you have most of the major security companies operating in Dublin and Ireland, he says.
Also being a part of the EU we can attract talent from all over Europe. There are no visa restrictions unlike in Moscow where its more difficult in general to bring people from Europe into Moscow.
Tom Keating (pictured) is the MD of FireEyes Dublin office. Previously he was running the Irish office for security firm Mandiant before it was bought by FireEye in 2013. The name above the entrance changed, but the mission remained the same for Keating and the team, which now collaborates with FireEyes teams globally.
— Waratek (@waratek) September 8, 2015
Dublin has seen many big international security firms come to the city like Symantec, which has been employing hundreds for a couple of years. But it has also seen Irish-founded companies make a splash internationally like Dermot Desmonds Daon, specialising in biometric security, which now has offices in the US, UK, Australia, and India.
Daon is in good company in Dublin with a myriad of other home-grown security companies. Theres Zinopy, which builds IT security tools for enterprise networks, and AdaptiveMobile, focusing on mobile communications security.
Many of the companies have witnessed massive changes in the security space and have been quick to adapt.
Waratek was founded in 2003, first working on JVM (Java Virtual Machine), but in 2013 it moved into application security. It builds products for Runtime Application Self-Protection or RASP. Its main aims are to detect malicious activity as early as possible but also reduce the risk created by false positives, where harmless activity is triggered as dangerous. If this happens too often, users become complacent and ignore the warnings. Thats when a threat is most dangerous.
PixAlert is another company with tenure that has changed with the times. Founded in 1999, it first sold software for enterprises to detect pornography on their networks but now helps companies find, manage and secure all its data to prevent breaches.
We already had the technology out there in companies, and it dawned on us that while were out there scanning networks and data, we could bring back more information. Thats when we broadened out the scope into other sensitive data, says Darragh Kelly, VP of Business Development.
— Dr. Mary Aiken (@maryCyPsy) August 26, 2016
But cybersecurity is global and just like any other sector, startups need to think internationally, and thats still a huge challenge.
Dublin email encryption startup Jumble found this out the hard way. The founders took part in the Texas TechStars Cloud program earlier this year and came close to securing a funding round between $1.7 million and $2 million. Ultimately they turned down the funding, explains founder Gavin Kearney, because while the money offer was great, the team wouldnt have received the business support it needed. Since then, Jumble has returned to Dublin, shed some staff, and refocused their mission on closing sales with a view to having another crack at the US market in the future.
Research, education, and staying one step ahead
With evolving strains of malware and ransomware, state-sponsored attackers, and shadier tricks used to target businesses and individuals, cybersecurity research is pivotal to understanding this ever-changing landscape.
At the forefront of this in Ireland is UCDs Centre for Cybersecurity and Cybercrime Investigation (CCI). The research and education centre carries out its programs almost entirely online, training the next generation of bug hunters and digital forensics professionals.
At the forefront are also individuals such as UCD professor Dr Mary Aiken. A cyberpsychologist, studying the psychology of internet users, anonymity, and cybercriminals, she recently published her latest book The Cyber Effect. Dr Aiken has also served as the influence for the protagonist of CSI: Cyber.
Meanwhile, the Irish chapter of the nonprofit ISACA holds regular seminars across the country on the best security practices.
— Charlie Taylor (@ChasTaylor) November 2, 2016
All that effort has paid off in more ways than one. According to Brian Honan, the founder of BH Consulting, cybersecurity is shifting from being an IT issue to a wider business problem that needs to be managed just like financial risk. Honan approaches the cybersecurity challenge from every angle as he also heads up the nonprofit IRISS-CERT that sends security alerts out to companies and is an internet security advisor for Europols cybercrime division.
Irelands security community isnt limited to Dublin though, far from it. Cork has grown into a thriving ecosystem for security companies like Trustev (acquired by TransUnion this year for $44 million) and Barricade.io (freshly acquired by UK giant Sophos for an undisclosed sum). US Cybersecurity company Cylance recently announced its opening an office in the city. Galways TitanHQ and Netfort are protecting companies email communications and networks from attack.
Dublin may not have the same reputation for cybersecurity as Israel or clusters in the US like Virginia but whether it’s startups, local veterans or large multinationals, the city and Ireland as a whole are contributing in an important way to the big problem of cybercrime.