By Faiz Shuja, Co-Founder & CEO of SIRP Labs
SIRP Labs was established in 2019 out of Dubai by myself alongside Co-Founder & CTO, Muhammad Omar Khan. SIRP develops and markets a Security Orchestration Automation and Response (SOAR) software platform that enhances the efficiency and accuracy of processing the many hundreds of cyber security alerts received by enterprise Security Operations Centres (SOCs) every day.
Our geographic location has its own idiosyncrasies which have made our start-up journey slightly unusual. It’s been filled with twists and turns but we have learnt a lot in a relatively short time.
At the time we set up the business, most VCs in Dubai and elsewhere in the Middle East were not in tune with the cyber security sector. They were more at home supporting consumer software applications. No one we spoke to seemed to be aware that in other parts of the world the SOAR market had become one of the hottest, fastest moving sectors in IT security.
It helped that we had a clear vision of what we needed to do next. We took the decision to register our company in the UK where the tech start-up scene was a lot more mature. We enrolled on one of the top cyber accelerator programs at CyLon. Following an intensive period of training, mentoring and workshops we felt ready to debut our platform on the international stage.
The journey to co-founding SIRP actually began with a previous company I helped to found. Back in 2006 I started a managed security services provider (MSSP) based out of Dubai, supplying organisations with 24/7 monitoring and response to cyber threats. As levels of cyber crime increase, so does the demand for services that keep track of these threats. We were able to do well and pursue some solid growth.
So abundant were the cyber threats out there that, like much of the security market, we struggled to keep up. Our SOC comprising a team of 30 security analysts had to manage the huge influx of security alerts coming their way, alongside the customer reporting. It is not uncommon for a single organization to receive thousands of alerts every day. As an MSSP dealing with several companies the task was multiplied further.
In searching for a solution to this challenge we started down the path that eventually led to founding SIRP.
It turned out that the issues we had encountered were shared by a great many organizations. Enterprise security teams are constantly battling to get to grips with the many thousands of threat alerts they receive every day. A worldwide shortage of skilled cyber security professionals is a contributing factor in security alerts being missed by up to 78% of organizations. According to Gartner organizations can overcome this by adopting a more risk-driven security approach.
The primary technology for achieving this is risk-based security orchestration automation and response or SOAR. Risk-based SOAR introduces automated, risk-based analysis into data from Security Information and Event Management (SIEM) systems to speed up investigation times and help prioritise threats.
Entering the SOAR market
To help reduce the workload on our team, we began to automate as many different processes as possible. Automating the more time-consuming manual activities frees up time for analysts to use their skills more productively. Suddenly they have more time to spend investigating certain threats more thoroughly.
We created a platform that ingests all the different security alerts, threat intelligence feeds, risks and vulnerabilities and fuses it together with assets to make operations more manageable and context aware. Once this was in place, we took things further until we had a platform capable of providing SOC teams with a clear view of the nature and severity of alerts. Armed with this intelligence they were better able to make informed decisions about incident response priorities.
The end result is a Risk-Based SOAR (Security Orchestration, Automation and Response) solution. In addition to helping immeasurably with our own activity it was readily apparent that other companies were crying out for something similar.
Realising its potential, we decided to spin off the platform into its own separate start-up company. Fast forward two years, and SIRP has seen steady growth and successful funding as we pursue a place in the global SOAR market.
Lessons in getting started
The single most important thing for any would-be entrepreneur to consider is the market problem they want to solve. There are many very intelligent and creative individuals out there who come up with interesting ideas for products, only to fail to get off the ground. Rather than creating a product and searching for a market, you need to find a problem and create a product that solves it.
SIRP’s origins as a way to address the challenges we and our customers faced every day gave us a solid start. We knew without a doubt there was a problem to solve. When, in 2017, one of our customers was hit by the global WannaCry attack the CISO called us in to help onsite. We were met with a scene of total chaos. More than 300 systems were infected with ransomware. The security teams were so busy they didn’t know where to start. Even the CISO was unable to fully assess and prioritise the situation. This is exactly the kind of problem a good SOAR platform can solve.
Although we had a clear vision, we had very little idea how to get our ideas heard and secure funding. For entrepreneurs with a creative or technical background like ourselves this meant stepping into an alien world.
We are so grateful that through CyLon’s connections we were able to find the right venture capitalists. Learning how to pitch the business to win them over was an incredibly valuable one. In January of this year we secured seed funding which we have used to accelerate the organic growth already achieved.
Budding entrepreneurs reading this should note that this is extremely time consuming. It’s a full-time role in its own right. You can’t really balance it alongside your day job. I decided therefore to exit my previous company and focus on SIRP full time.
We came to understand that a strong pitch showcasing the commercial value of the product is essential. Most VCs are less interested in the technology or engineering ingenuity and more focused on the vision and capability of the team behind it. This is true even for a very technical product like SOAR. A typical VC might have a list of 100 start-ups, shortlist 10 of them, and finally pick one to fund. With so much competition it’s important to have an extremely focused pitch, and we spent a lot of time refining how the SIRP story came across.
Finally, you also need to find yourself in the room with the right VC. They are very much horses for courses. You need to meet one who fully understands your field and appreciates the value of what you bring to the table.
In the two years’ since we launched SIRP, the security market in the Middle East has matured a great deal. The current wave of security start-ups will likely have better luck finding funding opportunities at home.
In summary, wherever you decide to launch, there can be no substitute for a strong vision matched equally by genuine market need as the essential ingredients for start-up success.