Long before Vladimir Putin brought war to Ukraine, US authorities were having negative thoughts about Positive Technologies, a Russian cybersecurity firm with ties to the Kremlin.

On April 15 last year, the US Treasury Department slapped sanctions on the company, describing it as a stooge of the FSB (successor to the KGB, where Putin cut his teeth) and host of "large-scale conventions that are used as recruiting events for the FSB and GRU [another Russian intelligence unit]."

Today, Positive Technologies is sandwiched between other suspicious Russian companies on the Entity List, a well-known US trade blacklist.

None of this was ideal from the perspective of Amit Nath, the boss of Positive Technologies Global Solutions. Nath's unit of the organization sold security products and services to the telecom sector, counting dozens of operators in numerous countries as customers.

"People said are you Russian or are you not Russian? And it always used to worry me," said Nath.

Official sanctions would have risked a serious backlash, making it hard for Nath to retain some clients. The answer, effectively, has been a de-Russification of Positive Technologies Global Solutions.

In partnership with Dmitry Kurbatov, his chief technology officer, and two Italian investors – Paolo Emiliani and Massimo Romagnoli – Nath decided to buy the unit he ran from its Russian parent, rebrand it as an independent company owned by the four men and sever all links to Moscow.

Figure 1: Vladimir Putin's antics have brought numerous sanctions for Russian firms.
(Source: Presidential Executive Office of Russia via Creative Commons)

SecurityGen, as that company is called, was fortuitously born in January, just a few weeks before Russian tanks rolled across Ukraine's border.

Equity is divided between the four founders (Nath says his own stake is 22%), although the financial terms of the transaction between SecurityGen and Positive Technologies are not being made public.

De-Russification appears to mean ditching a development center in Moscow and persuading Russian staff to relocate to other parts of Europe.

The numbers, thankfully, are quite low. While Positive Technologies still employs more than 1,000 people, Nath's unit had only 52 or 53, and SecurityGen's payroll today includes about 40 members of staff.

Of these, only about 12 worked inside Russia and a handful of these have already moved to locations including Montenegro and Georgia. Positive Technologies Global Solutions also had a second development center in the Czech city of Brno, which SecurityGen has inherited.

"The deadline is for late autumn this year to finalize operations in Russia and relocate," said Kurbatov.

The software developers who have relocated from Russia are part of a much bigger exodus of technology experts from Putin's fiefdom. Georgia's government alone reportedly estimates that among the 80,000 Russians, Belarusians and Ukrainians who have arrived in the country since the war began are between 20,000 and 25,000 who work in IT and software.

In the telecom sector, Nokia is relocating research-and-development staff employed at a facility in St Petersburg as it prepares to quit Russia. Between 40 and 50 are being moved to Finland, according to a source.

A good place to be

SecurityGen is optimistic about the future. Following the buyout, it continues to serve about 40 operators spread across 26 countries, according to Nath, and it claims to occupy a neglected part of the security market.

"There are very few cybersecurity companies that operate only in the telecom space," said Nath. SecurityGen, moreover, is heavily focused on 5G.

What seems to mark out the company especially is a recently launched tool called the Artificial Cybersecurity Expert (or ACE, for short), which runs simulations of attacks and breaches.

Previously, these would have been done by teams of consultants at considerable cost, said Kurbatov, but ACE is highly automated to run continuously. Competing platforms, he says, tend to consider IT infrastructure more generally rather than the 5G core specifically.

The other main pillars of SecurityGen's offer include detection and protection tools.

"Operators really have a huge challenge to identify what is happening inside the core network if it is not something that is meant to be monitored by the usual quality-of-service solutions," said Kurbatov.

On the protection side, SecurityGen has a signalling firewall that sits on the control plane, applying smart policies for traffic entering and leaving the network.

Technology details aside, the billion-dollar question for any security firm is why customers should spend money when it brings no guarantee a cyberattack will fail. But Nath likens investment in cybersecurity products to the sort of spending on medical insurance that nobody would even query.

"It protects against risk," he said. "Our job is to minimize the risk to the lowest possible denominator so that when this is a boardroom topic, and the chairman says what is the possibility of a cyberattack, the answer is that it is negligible."

Want to know more about 5G? Check out our dedicated 5G content channel here on Light Reading.

Given the multiplicity of risks these days, the cybersecurity market would seem like a good one to be in – especially when it comes to 5G.

Just last week, Karsten Nohl, a German cybersecurity expert, told a hacker camp in the Netherlands that virtualization and cloudification of radio access network infrastructure is generating all manner of new threats for telcos.

Kurbatov and Nath both consider 5G security to have been an afterthought for many operators and vendors, largely because most of the money is still in network deployment.

On the plus side, this means SecurityGen sees little prospect of immediate competition from big 5G players such as Ericsson.

Nath reckons his addressable market is worth between $250 million and $300 million a year. But he says it is growing by 15% to 20% annually as governments and companies realize the cost of a bad cyberattack could massively exceed any cybersecurity bill.

In a world battered by inflation, where discretionary spending is being slashed, that probably means cybersecurity looks safe.

Related posts:

— Iain Morris, International Editor, Light Reading