Interview With Raluca Saceanu - CEO at Smarttech247

Published on: March 21, 2024
Shauli Zacks Shauli Zacks
Published on: March 21, 2024

In a revealing interview with SafetyDetectives, Raluca Saceanu, the CEO of Smarttech247, opens up about the company’s journey, its flagship services, and the ever-evolving landscape of cybersecurity. Leading Smarttech247 for a decade, Saceanu’s expertise shines as she delves into the complexities of safeguarding digital transformations and the unique challenges organizations face today. From combating a sophisticated array of cyber threats to addressing the severe skill shortages in the cybersecurity realm, Saceanu lays out the criticality of adaptive, comprehensive security strategies. Through Smarttech247’s Vision X platform, the company not only promises enhanced managed detection and response capabilities but also a pragmatic approach to utilizing existing security investments more effectively. This conversation promises deep insights into not just the solutions Smarttech247 offers but the pressing cybersecurity trends and threats that businesses must navigate in this digital age.

Can you introduce yourself and talk about your role at Smarttech247?

My name is Raluca Saceanu. I’m the Chief Executive Officer of Smarttech247. I have been with Smarttech247 for 10 years and I took over as CEO in 2022.

What are the flagship services that Smarttech247 offers?

Smarttech247 provides managed detection and response (MDR) capabilities to some of the world’s largest organizations. Simply put, we help companies not only proactively prevent and respond to attacks, but we also help them secure their digital transformation journey.

Organizations need to secure their journey as they move towards cloud infrastructures. We deliver our cybersecurity capabilities through Vision X, which is our main platform for comprehensive managed detection and response.

There are a few key industry problems that organizations face which impact their security operations:

  • Evolving threat landscape: As organizations go through digital transformation, they face an increasingly sophisticated and frequent number of cyber threats. According to our threat research, the number of cyberattacks has risen by nearly 50% over the past year alone, with threats such as credentials theft attacks and supply chain attacks becoming increasingly common. Traditional security solutions and mindsets are struggling to keep pace with this rapidly evolving landscape, with a high number of organizations reporting that their current defenses are inadequate against modern threats. For example, the recent supply chain attacks from the past year showcased the vulnerabilities inherent in traditional security models, highlighting the need for more proactive and adaptive approaches to cybersecurity.
  • Massive skill shortage: This is a big problem we see in the industry and the fact that security teams are very often understaffed and overworked. Research from the International Information System Security Certification Consortium (ISC)² indicates that the global cybersecurity workforce gap has widened to nearly 3.12 million professionals. Furthermore, a high number of organizations reported being understaffed in their cybersecurity teams, leading to increased workloads and burnout among existing staff, which unfortunately leads to data breaches.
  • Complexity around security operations: On average large organizations have somewhere between 50 – 100 security tools that they need to manage, which creates a lot of complexity. This proliferation of tools not only adds to the cost of security operations but also creates significant management challenges. Integrating and managing such a diverse array of tools requires considerable time and resources, leading to inefficiencies and gaps in security coverage.

We recognize these industry challenges and we help clients address them by providing tailored solutions. Our capabilities combine technology, process and people to provide our clients with flexible cyber security solutions that help them simplify their security operations, remain unaffected by the skills shortage and increase their security posture. We have also just increased the AI capabilities inside our platforms to help our customers and other organizations manage their risk more effectively.

How would you describe the current cybersecurity landscape, and what emerging threats are organizations facing?

The threat landscape is evolving constantly. Every year we have a record cost of a data breach, and this year is somewhere around $4.45 million. Cybercriminals continue to leverage sophisticated methods so they can exploit vulnerabilities, get unauthorized access to sensitive information and disrupt operations.

The threat landscape has been heavily influenced by geopolitical tensions. We’ve seen more and more instances of cyber methods being leveraged in warfare across the world. Not only that, but AI capabilities and technologies are increasingly being weaponized by cybercriminals to craft better and stronger attacks. However, there is another very concerning trend that our threat intelligence center has been closely monitoring: cybercriminals are actively exploiting the proliferation of open-source AI tools to infiltrate applications and inject malware directly into AI/ML models. This insidious tactic poses a significant threat, potentially leading to persistent backdoors that evade detection and enable espionage or large-scale compromise. As organizations worldwide rush to adopt AI into their operations, the urgency to address this threat cannot be overstated.

Moreover, the rise of deep fake technology presents an equally difficult challenge. While discussions about deep fakes emerged years ago, the threat has now reached unprecedented levels, especially with the imminent elections happening around the world. The manipulation of audio and video content for disinformation purposes poses a real and present danger,

Phishing attacks are growing constantly, becoming more sophisticated and targeted than ever before, which has changed the landscape. Cybercriminals are employing novel tactics, such as vishing, smishing, deep fakes and other social engineering techniques, to bypass traditional security measures and manipulate unsuspecting users into divulging credentials or installing malware. Ransomware continues to grow as it continues to affect not only private organizations but also organizations that are running critical infrastructure.

What is very worrying is that we see the criminal underground constantly expanding. We’re seeing it more and more as a service operation emerging, which influences the threat landscape because it provides cybercriminals with access to very sophisticated tools and services that previously would have required a lot of technical expertise and resources to develop and deploy. What we’ve noticed is that it has democratized access to such tools, and individuals are now leveraging these technical tools with minimal technical knowledge. They can now launch complex cyber attacks, including ransomware and phishing campaigns, with just a few clicks. What’s interesting is that these services often come with customer support, tutorials, and user-friendly interfaces, so it is easier than ever to execute these cybercrimes.

What sets VisionX apart from other Managed Detection & Response platforms in the market?

VisionX offers a simple approach to managing cybersecurity operations more effectively. We have extensive integration capabilities, strong customer satisfaction, and a focus on leveraging existing security investments, which is an important value-add. In a day and age where organizations are making significant investments in their security stack, the mission of Vision X is to make those existing technologies and investments work harder for our customers so that they get more value from them. We don’t come in with our platform and say you need to remove your existing security tools. Rather, we sit on top of those tools and we make them work harder for our customers.

Importantly, VisionX also has in-built attack surface management and managed phishing products that we have developed in-house, offering our clients more than just MDR. They get what we call MDR Pro Plus. It’s a comprehensive cybersecurity defense in one platform, which allows them to reduce their risk and get faster return on investment.

What key elements should organizations consider when developing an effective incident response plan?

If we take into consideration the risks that I mentioned earlier and the ever-evolving threat landscape, having a good incident response plan can be incredibly powerful for organizations.

We always recommend companies aim for comprehensive, clear, and actionable incident response plans because these can guide them through the chaos of a security incident.

Here are my top 5 most important things organizations should consider when developing a plan:

  1. Establish clear roles and responsibilities: Everyone should know their specific duties during an incident because it can help reduce confusion, especially in an emergency situation. It also ensures a cohesive response effort.
  2. Basic elements like contact information is really important: You need to make sure this information is up to date. The plan should have contact information for key personnel as well as external contacts like law enforcement, forensic teams, legal counsel, PR teams, basically everyone that needs to be involved in a response.
  3. When you are in an emergency situation like a cyber attack, particularly if the word gets out, it’s important to have a strong communication strategy in place:

    The plan needs to outline:

      1. How are we going to communicate internally and externally?
      2. Who is authorized to speak on behalf of the Company?
      3. How do we communicate with stakeholders?
      4. How do we manage public relations?
  1. When working on your plan, it’s important to identify key assets and key priorities: Think about your critical assets, your sensitive data, your intellectual property and your critical infrastructure. This really helps prioritize response efforts to protect what’s most valuable to you as an organization.
  2. Create a phased approach to your response strategy: Every incident response has basic elements that it needs to contain, steps you take during each phase of the incident response: preparation, identification, containment, eradication, recovery and lessons learned.
    These are important steps that you must remember to keep in your plan. Include specific actions for different types of incidents because not all incidents are the same, for example:
    1. What do you do in the event of ransomware?
    2. What do you do in the event of your data being exfiltrated?

One of the most important elements of effective incident response planning is thorough testing, preferably annually, because it helps you understand whether your response actions would be effective in the event of an incident.

What do you see as the most significant trends in cybersecurity for the coming year, and how is Smarttech247 preparing for them?

As a Company, we have released a very comprehensive document outlining the 2024 trends for cybersecurity, where we explore how the attack surface is growing and how geopolitical tensions will continue to influence the threat landscape. We also talk about why organizations need to have a different approach to things like vulnerability management because prioritization of vulnerabilities is now seeing a massive shift in 2024.

Other trends that we have noted, as I mentioned earlier, are the growing skill shortage and the expansion of AI technologies to create stronger malware and more advanced cyber attacks. The weaponization of AI is a real concern that has the potential to massively change the threat landscape over the next couple of years. We haven’t yet seen large scale AI-fuelled attacks, however the infiltration of malware into AI/ML code is a real threat that organizations should be aware when welcoming such technologies into their operations.

The continuous evolution of ransomware now has a focus on stealing data rather than just encrypting data, making data theft a major risk for 2024 and beyond, as it is forcing organizations to rethink their approach to data security.

At Smarttech247, we continue to invest in our innovation to provide our customers with comprehensive security solutions that address these very risks. We’re expanding our MDR platform capabilities by including a risk-based approach to cyber defence. We’re also investing in our attack surface management product called ThreatHub to make it a full end-to-end exposure management product, and we’ve just launched more features for NoPhish, our email security product to help organizations respond to the growing threat of Phishing. Lastly, we are investing in growing our governance risk and compliance teams to support our clients in reducing their risk and managing their requirements in light of new regulations.

About the Author
Shauli Zacks
Published on: March 21, 2024

About the Author

Shauli Zacks is a tech enthusiast who has reviewed and compared hundreds of programs in multiple niches, including cybersecurity, office and productivity tools, and parental control apps. He enjoys researching and understanding what features are important to the people using these tools.