About six years ago, in the spring of 2018, Bulgaria held the rotating presidency of the Council of the European Union, and I got a call from a friend who was in charge of organizing the EU ministerial meeting on digital affairs. “Max”, she said, “help me out. I need to invite cybersecurity startups to the ministerial meeting, as it’s high on the EU agenda, and we want to showcase the cool companies we have in Bulgaria and neighboring countries in this vertical. Surely, you know exactly whom to invite?”.
This was the time when Europe was waking up to the cybersecurity threats from Russian hackers and the like, and I remember well how most meetups and pitching events I visited abroad, and especially in the CEE, were always full of bright people pitching cybersecurity solutions. But here in Bulgaria? To my embarrassment, I wasn’t able to name a single one, and I even thought that it would be an interesting topic to explore further, as to why that is.
Serendipitously, right around the time when I had to wiggle out of my friend’s request and tell her that I actually didn’t know a single cybersecurity startup in Bulgaria, just about a kilometer away, one such company was being born. Krasimir Kotsev, who graduated in computer networks and had a job as a tech support engineer at a local IT firm, decided that it was time to turn his passion into a business. Krasimir was what is known as an “ethical hacker”, or “white hat”; a cybersecurity whiz who sticks to ethics rules like prior approval and full documentation, to hack systems in an authorized way, to expose vulnerabilities and help the owners and admins of a system to repair them.
Krasimir’s idea was to take ethical hacking, and transform it into a service model. A few months after starting out on his own, and serving his first clients with security assessments, he teamed up with Rumen Arsenov, who is a tech business developer with 15 years of industry experience and a previous startup of his own under his belt. Together with Rumen and first hires Martin and Petar, Krasimir founded SoCyber, which quickly focused on bespoke security assessments for companies that run critical infrastructure (think utilities companies, airlines, railroads, etc), healthcare providers, and pharmaceutical companies. Another big area for SoCyber were software development firms, which sometimes weren’t even big. “If you’re building apps for a bank, or for some other security-sensitive client, and you’re not a big firm, you actually have a serious problem”, says Krasimir. “You can’t afford to do the assessment in-house, but your client risks a huge problem if there is some kind of leak or other vulnerability. That’s where we came in handy with SoCyber."
By 2021, Krasimir and Rumen realized that the service could be productized. Having handled hundreds of clients, including large intergovernmental organizations and military facilities, they established that there’s a set of 40,000 to 50,000 security vulnerabilities in the most common software and hardware systems, that are common among many of their clients. "What if we designed a machine-learning algorithm that detects such instances in clients’ systems", they thought.
And that’s how the spin-off product company Kikimora.io was created. Kikimora is an ancient word, going back to Slavic mythology, which denotes a house spirit that wakes over the dwelling. Generally benign, Kikimora can be fierce, when evil spirits try to attack the owner and their premises. In 2022, Kikimora.io launched, offering clients automated workflows and processes that collect data points from a client’s system to determine cybersecurity risk.
As Rumen says, “the idea is that we turn assessments into an ongoing process. Most of our clients will have to comply with a security audit once a year, or at some other interval. But if a virus is written the day after an assessment, and attacks 48 hours later, the assessment is useless”. Krasimir adds: “with machine learning, once we’ve done enough of these automated ongoing assessments, we are able to see patterns across specific verticals, frameworks, and system architecture methodologies that will enable us to build the next series of solutions, specifically tailored for those industries and systems”.
Having completed their latest investment round, which we led with Vitosha, Krasimir, Rumen, and the Kikimora.io team are aiming to expand and upgrade the machine-learning backend, which will turn the security assessment management process from a 50/50 manual/automated one to an 85/15 one, in favor of automation. “The good thing with us is, we have lots of clients, and they’re all waiting for us to build this. Especially now, as all kinds of new cybersecurity certification standards like the EU-mandated NIS2 and DORA ones start getting introduced, the need for a tool like Kikimora is higher than ever, and we can’t wait to deliver on our promise”, concludes Krasimir.