An interview with Kobus Paulsen, Chairman of Cognosec
As seen in this month’s Master Investor Magazine.
James Faulkner: Thanks for taking the time to speak with Master Investor. To begin with, please introduce yourself, and the company you represent, to our readers.
Kobus Paulsen: My name is Kobus Paulsen, and I am founder and chairman of Cognosec. Since 1999 have I have acquired and divested multiple internet-based businesses, specialising in internet payments and cyber security.
Founded in 2012, Cognosec is a group of specialist cyber-security companies headquartered in Sweden, and operating internationally through subsidiaries in Europe, South Africa, Kenya, and the United Arab Emirates. The group delivers security, governance, risk and compliance services to help businesses in a variety of industries – including banking and finance, government, healthcare, manufacturing and retail – to protect themselves against the growing threat of cyber crime.
JF: Cyber crime made it onto the front pages recently with the hacking of TalkTalk, a major UK telecoms provider. High profile hackings like this one seem to be becoming more common of late. Are companies, both in the UK an internationally, doing enough to protect themselves from this growing threat?
KP: Unfortunately no – many companies are still not doing enough to protect themselves from cyber crime. We still have the same issue that we have always had – that many businesses will only do enough to meet regulatory requirements and avoid fines. With the crime climate that we have today, where teenagers have the ability to hold large corporations to ransom, regulatory requirements are really the bare minimum of protection. Organisations need to do much more to keep their data safe. When they inevitably reach that conclusion, Cognosec has the ability to show them this can be done.
What we also see in the market is that with technology developing so quickly, businesses are losing control of their data faster than they are protecting it. Data can now be processed, collected and transferred far easier than ever before. As a result, organisations have increasingly little idea of what data they collect, where it is stored, and who has access to it – which works in favour of cyber criminals. It has therefore never been more important for businesses to get their security in place.
JF: Robert Hannigan, the Director of GCHQ, recently warned that “The global cyber security industry is not developing as it needs to: demand is patchy and it is not yet generating supply.” What, in your opinion, are the current shortcomings of the industry, and how might it develop in future to address those shortcomings?
KP: In our opinion, the shortcomings of cyber security don’t lie with the industry itself. The solutions necessary to protect organisations are out there, and there is a multitude of innovative products and services, but too often organisations do not understand the risk enough to invest in these solutions. Security vendors can continue to stress the risk of cyber crime, but ultimately the decision to invest has to come from within the organisation itself.
JF: Should governments be doing more to regulate the sector and force companies to implement certain standards of cyber security to protect themselves and their customers?
KP: We have worked with a number of government organisations, and have witnessed first-hand that there is certainly a role for government in enforcing a standard of cyber security, by ensuring companies have a basic level of protection or by driving awareness of breaches. However, there is a limit to how effective regulation can be. The government can’t force companies to protect themselves; the impetus to improve security standards will have to come from the private sector.
JF: According to Forbes, the worldwide cyber security market is defined by market sizing estimates that range from $77 billion in 2015 to $170 billion by 2020. Given that cyber threats are only going to get worse in the coming years, is this currently the best secular growth market out there right now?
The simple fact is that every organisation, from the largest enterprise, to the smallest online business, needs some degree of cyber security. Moreover, as cyber criminals continue to create new methods of attack, demand is constantly being generated for innovate methods of defence. Cognosec is itself a product of this massive demand – as companies look for organisations to help them face the ever increasing risk of a breach. It will come as no surprise then, that we certainly expect the cyber security market to continue to grow at a rapid rate, as many companies have, and continue to create, insecure infrastructures.
JF: The risks for companies not deploying sufficiently robust cyber security solutions are clear. However, with many a listed cyber security firm now commanding a very high stock market rating, I think readers might want to know about the sector-specific risks facing cyber security companies. What are the key risks for these companies?
There are special risks for cyber security companies, because they are naturally an attractive target for cyber criminals looking for a challenge. If a security company can be hacked, it makes their entire user base vulnerable. Security companies therefore have a great responsibility to make sure they are protecting their own infrastructure as well as that of their customers – it is all a matter of practising what you preach.
JF: What are the key trends developing within the industry right now? What should investors be looking for when they assess a cyber security firm?
We strongly believe that the greatest trend in the security industry right now is security companies offering a holistic approach to cyber security. As the security landscape gets more and more complicated, organisations cannot just buy siloed technical solutions and hope that it will solve all their problems – it won’t. Security companies need to act in a consultancy capacity, to help organisations see where they are at risk and choose the right solutions for their problems. As breaches continue to hit the news, there is a huge opportunity for investors to spot the companies that are really helping organisations – by identifying their vulnerabilities and walking them through protection step by step – because these are the companies that are ultimately going to be indispensable as the last line of defence.
JF: The Internet of Things (IoT) is set to be a major feature of the tech landscape in the coming years. Surely this greatly exacerbates the potential disruption that a successful cyber attack might have on people’s lives?
The Internet of Things will certainly increase the potential effect of a security breach, as it massively increases the scope for cyber attacks. Everything connected to the internet is vulnerable to attack – and soon hundreds of thousands of new devices from toasters to door locks, to critical infrastructure systems, will be connected to the internet. While having a light bulb hacked doesn’t sound disastrous, each one of these devices is a potential door into a network. Unfortunately, these devices are being built with convenience, rather than security in mind. As for sectors such as the energy sector and transport, the risk of a serious incident is becoming extremely high and the results are potentially disastrous if access to back door opportunities are not protected by companies like Cognosec.
JF: Besides companies, research reveals that cyber crime can seriously affect the daily life of individual people. What kind of cyber crime may people face on a regular basis? What can people do to protect themselves?
The most prevalent personal threats are identity theft, which we are all aware of, and ransomware, which is becoming increasingly prevalent. Ransomware is malicious software which locks users out of their computes and holds them ransom, with cyber criminals demanding a payout to release the victim’s system – it is one of fastest growing threats. All we can do is to continue to impress the same message that we have for the last fifteen years: don’t open emails from unknown users, be careful what you download and make sure that you have malware protection on your personal devices.
JF: What does Cognosec bring to the table in the fight against cyber crime?
Cognosec is a global leader in cyber security, with a vast amount of expertise to help companies internationally protect themselves against cyber crime. We operate across multiple public and private sector organisations – with experience in handling security in almost every sector – including, but not limited to, government, healthcare, manufacturing and financial services.
Most importantly, Cognosec offers a truly holistic approach to cyber security. It isn’t just a software provider, and it isn’t just a consultancy service. Cognosec has ownership of the complete value chain: advisory and assurance services, solutions, implementation and managed services. This, coupled with our extensive partnership network with security solution providers, makes us a single stop for any customer looking to deploy full protection for their organisation.
JF: In an important milestone for the company, Cognosec AB will be soon listed on Nasdaq First North in Stockholm. Would you please explain the reasons behind the listing on the Stockholm exchange and your plans for growth?
Cognosec AB is recognised as a beacon in the provision of Global Cyber Defence Solutions. In order to further our organic and acquisitive growth potential, and due to the huge market for our IP, Assurance, Products and Advisory services, we felt it essential that we increase our visibility in this highly competitive but deeply fragmented space. NASDAQ First North offers us the potential to step up our offerings and to accelerate our plans on an international scale, from both visibility and liquidity standpoints, and underpins our commitment to providing best of breed solutions to organisations’ cyber security needs and their ongoing requirements for prevention, protection, surveillance and remedy.
The sector’s potential is enormous. Taking one example alone, Jamie Dimon, JPMorgan Chase’s President and CEO, is openly quoted as having doubled the company’s cyber security budget to $500m in the current financial year and Markets & Markets reference CAGRs in excess of 9.8% per annum over the next five years to provide a total global cyber security market of in excess of $170bn by 2020. Cyber security is now recognised as the most important consideration facing boardrooms around the globe, due to the effects that it has on both business continuity and reputational risk. Prevention is always better than cure. NASDAQ First North provides us with a solid backbone to execute our global reach in this critical area
JF: The media refers to the fight against cyber crime as an ‘arms race’ between the good guys and the bad guys. Are the bad guys winning?
Crime, cyber or otherwise, has always been a battle between the “good guys” and “bad guys”. The only difference with cyber crime is how fast the methods of crime evolve. There will never be a winner in this fight – crime is always going to take place. But there will also always be ways that organisations can protect themselves – the virtual equivalent of locks and intruder alarms. That is what we are helping companies do.
Comments (0)