Offering cybersecurity solutions to SMEs at prices they can afford

Founder of CommSec says the IT security company’s ‘secret sauce’ is the expertise and vast knowledge of its technical team

CommSec’s customers range in size from those with fewer than 100 employees up to organisations with several thousand. Photograph: Getty Images
CommSec’s customers range in size from those with fewer than 100 employees up to organisations with several thousand. Photograph: Getty Images

One of the most sinister aspects of the coronavirus pandemic has been the huge spike in Covid-related cybercrime. The Twitter accounts of high-profile users have been hacked, phishing emails purporting to come from the World Health Organisation have conned thousands, and even those trying to find a vaccine for the deadly virus have not been immune from attack.

Cybercrime is thriving, and businesses need to wise up to avoid being scammed, says David McNamara, founder of IT security services company CommSec Communications & Security.

McNamara set up CommSec in 2013 following a career that began in the Army before he moved into senior roles with Eir, Siemens, Fujitsu and IBM over a 20-year period.

IT security was always McNamara’s big interest, and having spent a chunk of his career in an enterprise environment he could see that SMEs couldn’t possibly afford the IT security big organisations took for granted and that companies of all sizes were going to need as cybercrime continued to grow.

READ MORE

It was this gap in the market that convinced McNamara to establish CommSec with the aim of developing a service that would integrate a slew of complex cybersecurity solutions, and offer robust protection to SMEs at a price they could afford.

“All companies have the same challenges when it comes to security, but they don’t all have the same budgets,” McNamara says. “In the current environment every business needs to take cybersecurity seriously, and for companies with ambitious growth targets, or those who are trading in sectors where sensitive personal or commercial data is involved, security and data integrity have never been more important.”

Companies without big security budgets typically rely on bought-in services to keep them safe, but McNamara sounds a note of caution.

“Often these providers only have rudimentary IT security skills, and their clients are exposed. We are bringing the latest generation IT security services to the mid-market while working in co-operation with their in-house IT staff or managed services providers. In terms of specific innovation, we are the first company in Ireland to offer ‘threat hunting’ – the latest requirement to hit the IT security world.

Prevent attacks

“As attackers become more sophisticated many companies are realising that the best way to prevent attacks is to actively search for and prevent them. This is an enterprise grade service, but we are making it accessible to anyone that needs it.”

When McNamara left the Defence Forces in the late 1990s he says disaster recovery was already in place in most large organisations. However, at that time it was usually focused on physical threats that might disrupt the continuity of a business.

“What’s changed completely is the risk profile, and from something often perceived as low-level crime perpetrated by malicious geeks in their bedrooms, cybercrime has become industrialised with globally organised crime networks.

“The real threats now are unseen, and can start with what seem like straightforward actions. For example, organisations sending thousands of employees home with company laptops when the lockdown started without any security awareness training. Once away from their normal office environment we saw that people quickly became anxious, especially about the virus, and started clicking on links they shouldn’t be clicking on because they didn’t recognise a lure when they saw it. The first step in protecting yourself against any cyber threat is securing your human firewall.”

While CommSec is now operating profitably, McNamara says it was not all plain sailing at the start. Initially he was so concerned about cash flow that he became distracted by non-core activities just to generate revenue.

In year one he turned over €150,000. In year two he copped on that he needed to focus even if this meant taking a financial hit, and the company’s turnover halved. Since then steady progress has been made, and over the past three years sales have more than doubled to €1.8 million and the company employs 20 people.

Customers

CommSec is based at the LINC innovation centre on TU Dublin’s Blanchardstown campus, and its customers range in size from those with fewer than 100 employees up to organisations with several thousand. Clients include Apex Fund Manager and the Irish Horseracing Regulatory Board.

McNamara’s ambitions for his business are pan-European, and the company’s newly-launched CheckScan+ (a managed vulnerability scanning service) is expected to spearhead its international expansion. CommSec was to have opened an office in Jersey this year but this has been delayed by the lockdown.

The quantum leap forward for the company came in February 2019 with the launch of its Security Operations Centre (SOC). “Our SOC-as-a-service provides monitoring across a client company’s entire IT network and all the devices within it. It reviews the network’s activity, detects anomalies and sends alerts. We can then help to remediate any issues,” McNamara says.

“We audit companies to ISO security standards, identify their vulnerabilities and suggest how to remedy them. We know that budgets are tight so we help clients shore up their immediate problems and other things can be secured later.”

The SOC accounts for around 70 per cent of the company’s business, and also provides other services including security incident event management and data protection/information security cover for companies that can’t afford to hire people specifically for these roles.

McNamara decided to set up CommSec because he could see a substantial gap in the market and he fancied a new challenge. He didn’t take on his first employee until 2016, but having added three new clients in recent weeks and with interest in the company’s services at an all-time high, McNamara expects employee numbers to grow to 25 by 2023.

He favours developing talent in-house, and a number of young staff who started out as interns are now in full-time positions.

Organically

By now some entrepreneurs would be champing at the bit to raise money to accelerate growth, but McNamara is content to let it happen organically.

“I like to be in control because it means I can hire people who share my values and my goals. We have made several significant high calibre hires in the last few years, and now have a very strong technical team with a lot of experience. But equally important is that on a personal level they are really solid people I enjoy working with.”

McNamara estimates investment in the business to date at around €200,000, which was spent on testing and integrating products and building up the workforce. “The technologies we are using are class leading in their own right, but the secret sauce is the expertise and vast knowledge of the technical team.”