Bitdefender CEO on past revolution, future shocks

Bitdefender CEO Florin Talpes has dealt with every kind of insecurity, including collapsing regimes and cyber sabotage.

A researcher in Rumania’s Institute of Research in Computers in Bucharest for most of the 1980s, Florin Talpes took the seemingly crazy decision to leave the safety of a secure job just as his country was being plunged into uncertainty and social unrest. The Rumanian revolution of 1989, under which Communism was overthrown, would have replaced fear of the Government with the insecurity of being out of a well-ordered trading bloc and a disciplined regime. Dismantling a corrupt, centralised form of government is one thing but, as his supporters would have said at the time, at least brutal dictator Nicolae Ceaușescu provided stability…

Talpes saw through what he describes as “the smoke of the propaganda”, pumped out by fans of centralised control and authoritarianism, of those who would have wanted to remain in the communist system. Here is his perspective on dealing with regime change and what he learned about living in a constant state of flux.


How did Rumania survive and become a strong IT player?

The Moscow-led common trading area of the Communist countries collapsed around 1989. The regional market collapsed, but Rumania had long had a strong foundation of physicists and mathematicians. Another fortunate set of circumstances was that, like many dictators, Ceaușescu didn’t like debts or credits because they gave outsiders the option to exert control over the country. So in order to pay them off quicker, he’d banned technology imports. This meant that in Rumania, which has one of the world’s strongest focuses on science and maths education, the IT industry was forced to reverse-engineer other people’s technology. Its universities provided great foundational knowledge, and understanding how applications work became an incredibly important skill.


Was Bitdefender’s success through luck or judgement?

I became an entrepreneur in 1990 and began to work for French companies by developing custom software and offering outsourcing services. In the late Nineties all the former members of the Soviet Union started on a new path to free markets. But not everyone succeeded. The leaders in Bulgaria, for example, blamed capitalism for the iniquities that were arising and the pain that people were going through.

There were many talented people in hi-tech but as a result of their resentment they started to look for ways to get revenge on the capitalist system, one of which was to write viruses. In some nations they were even encouraged by their own governments to be activists.

We weren’t working in security but as a service provider [Softwin, the parent to Bitdefender] we found ourselves becoming a carrier of viruses. In those days viral infection was a physical process, with the rogue code being transferred from disks to computers. Updates of antivirus software would take two months as these were based on establishing a signature and you could only detect known viruses. New viruses would come in under the radar and you could be infected for months while you waited for a cure.

We were high-tech professionals and our reputation was becoming tarnished. So in order to save our good name, we set up an internal team to detect viruses and protect our reputation.


At what stage did you realise this was a business in its own right?

Within a year we recognised it was a general problem in the market and began to investigate different ways to catch the malware. Everything else was signature based but we pioneered the behaviour-based model. We also pioneered the intelligent update as we investigated market problems and how to fix them.

Anther decision that worked out well was our choice of name. We wanted something that didn’t sound like we were an antivirus company, otherwise you can get stuck in a pigeonhole. Bitdefender is a name that implies that security is not all about viruses. That decision has proved to be useful as cyber-security has expanded into something very complex and fundamental.


How has security changed?

It used to be about individuals creating threats. Now it's an entire cybercrime industry. There is significant research and development going into cybercrime. Nations are now getting involved and investigating penetration tactics. There is state investment going into cyber weapon creation. It’s a completely different landscape now. The size and quality of the skills is dramatic. As a result, there’s a skill shortage in Rumania now.

For every 10 jobs posted, you have only six applicants. The shortage is at least 40 per cent. As a company, Bitdefender is keen on building skills so we create university courses and offer lectures.


If Rumania can’t keep ahead of the skills crisis, who can? Is automation of security the only way forward?

Machines can only augment the skills of security researchers. Bitdefender is already doing that with machine learning and has been for the last eight years. It would be great if there was universal panacea which could automate everything but it’s not just about setting up an algorithm and letting it run. Engineers are paramount still to staying ahead. It’s a continuous evolution.


Also read:
CyberArk CEO says military hackers need collaborative vendors