Patricia Shields and Conor McGoveran. Image: Corporate Photographers Dublin
This Dublin-based cybersecurity start-up wants to secure supply chains and ensure that SMEs are compliant with EU regulations.
When it comes to organisational cybersecurity, a major concern for modern enterprises lies in the supply chain.
Supply chain vulnerabilities can severely impact a business’ cyber resilience and can be a significant cause of frustration for IT decision-makers.
A HP Wolf Security report from December highlighted some of this frustration, with 34pc of IT leaders revealing that one of their device suppliers failed a cybersecurity audit in the last five years, with 18pc saying the failure was so serious that they terminated their contract with the supplier.
One company that aims to address cybersecurity vulnerabilities in the supply chain is our latest Start-up of the Week, Cyber Cert Labs.
Cyber Cert Labs is an Irish cybersecurity start-up that wants to revolutionise the way organisations approach cybersecurity by addressing end-to-end supply chain vulnerabilities, as well as ensuring EU regulation compliance.
“We develop software for digital product manufacturers, enabling them to embed cybersecurity into their development life cycle,” says co-founder and CTO Conor McGoveran . “Our solutions also support businesses that purchase these products (eg internet of things, operational technology and software), ensuring secure operation as defined by the manufacturer.”
How it started
Dublin-based Cyber Cert Labs was founded in 2022 by McGoveran and CEO Patricia Shields, who both have extensive experience in the cybersecurity industry.
McGoveran has worked in cybersecurity across numerous sectors including financial services, telecoms, logistics and digital services, while Shields has 28 years of experience in cybersecurity, software development and technology companies.
As well as industry expertise, the two co-founders also have previous entrepreneurial experience, including joint involvement in the founding of cybersecurity software company Onformonics, which was acquired by UK professional services company IRM in 2012.
After noticing evolving trends in the EU tech landscape, including an increased focus on security, technology sovereignty and increasing need for cybersecurity capabilities, Shields and McGoveran joined together again to establish Cyber Cert Labs.
“From the beginning our focus was on the European market and we set out to become part of the European ecosystem and sought EU funding that aligned with our strategy,” explains Shields.
“This ecosystem approach is in line with new EU regulations such as NIS2 and the Cyber Resilience Act (CRA),” adds McGoveran. “These regulations require manufacturers and operators of critical services to have verifiable, certified cybersecurity levels.”
With a primary focus on European SMEs, the start-up saw that there were many use cases in cybersecurity that could benefit from AI to increase cyber resilience of both security in digital products and in operational environments.
As a result, Cyber Cert Labs embeds AI into its software to replace work that is currently performed by consultants.
“Tasks such as document analysis, knowledge extraction, assessments and conformity review are all suitable use cases to automate with AI,” says McGoveran. “These tasks are important in the process of embedding ‘cybersecurity by design and by default’ in any process.”
The start-up is also using graph database technologies to develop digital twins of products and operational environments to perform vulnerability analysis and control testing in a virtual environment.
“This is an important capability as it allows for rapid testing of cybersecurity controls,” says McGoveran.
How it’s going
Since its establishment three years ago, Cyber Cert Labs has seen considerable progress. The company recently kicked off a two-year EU co-funded project called CRA-AI (Cyber Resilience Act Artificial Intelligence), which aims to create a highly automated AI-based software platform to support SMEs and micro-enterprises with product security and to ensure conformity with the provisions of the Cyber Resilience Act.
“The EU funding is geared towards product development, so we are seeking investment to ramp up sales and marketing,” say McGoveran and Shields. “We are also looking for EU-based investors who have a good European network and experience in the EU market.”
As well as this, the company released its first product last month – an online readiness assessment for businesses who are in scope for the CRA.
“The assessment is an initial snapshot of where you stand in relation to the CRA requirements,” explain the co-founders. “Users will receive a comprehensive report outlining their strengths and areas for improvement and additional recommendations on what steps to take to secure their digital products.”
The start-up also recently hired its head of product development and plans to grow its team even further this year.
While the company has had considerable success so far, both McGoveran and Shields think that Ireland’s cybersecurity scene could benefit from tailored supports.
“We applied for a few accelerator programmes here in Ireland, however we found the one-size-fits-all approach did not suit what we are trying to do. There are no cyber-specific accelerator programmes in Ireland and this is something that would have been useful.”
Don’t miss out on the knowledge you need to succeed. Sign up for the Daily Brief, Silicon Republic’s digest of need-to-know sci-tech news.
