Paul Dwyer, founder and chief executive at Cyber Risk International, struggled to find the right investors to participate in the company’s recently closed seed-funding round.
The Dublin cybersecurity company raised close to €1 million at the start of the year from two sources: Enterprise Ireland, the state agency, and SOSV, the New York-headquartered venture capital firm run by Irish-American tech entrepreneur Sean O’Sullivan.
The path to funding was paved with many awkward conversations for Dwyer. “Getting the funding in place was a bit of a journey for us because we were working out the investment landscape in Ireland,” Dwyer said.
“There were a lot of meetings and conversations with big promises. We discovered that there’s a whole world of guys out there who position themselves as investors, but they’re not really. What they are is really commission-based brokers who put you in touch with investors.
“It took a while, but I think we made the right choices in the end with SOSV and Enterprise Ireland, because we see our investors as partners. We want to work with them as partners.”
Dwyer established Cyber Security International in 2014, initially as a consultancy, and it now employs ten people.
He recently brought to market a software-as-a-service (SaaS) platform called CyberPrism Enterprise. Developed over five years, it uses artificial intelligence to help companies automate the process of measuring and managing cyber risks.
“I started developing the platform within the first year of starting the consultancy, basically because we couldn’t hire the people we needed,” Dwyer said.
“There are four million open cybersecurity jobs in the world and about 2,500 in Ireland. It is just so hard to find people that can do this kind of work.
“I realised that the only way we could expand would be to develop a platform that would automate a lot of the work these consultants do. Otherwise, we’d just be stuck in this kind of holding pattern.”
The process was, at times, challenging.
“Although this is still a service company, at the back end, we’ve been morphing into a technology company,” Dwyer said.
“It has been a bit of a painful transition. When you go from being an advisory firm to a techie firm, everything is completely different: how you sell, how you market and how you recruit the different kinds of people you now need.”
Dwyer launched CyberPrism at the European Cyber Threat Summit in Dublin in October 2018 and closed the company’s recent seed-funding round ahead of plans to expand in the US market.
“We were on that path right up to the edge of Covid-19. We were about to launch our New York office on March 16 and then we had to pull our flights on March 14,” he said.
“That’s how close we were, but all is not lost. One of the unique things about our software is that it calculates what’s called your inherent cyber risk. That is the cyber-related risk specific to your company, based on your business and operating models. Because of Covid-19, everybody’s working from home, so companies’ operating models have changed.
“The cyber ‘bad guys’ are taking advantage of this because they know that people are working under stressful conditions outside their normal internal controls. It’s a perfect storm for cybercrime, so there’s a greater requirement for companies to be able to understand very quickly and effectively where their cyber risks are and that’s what our solution does.”