The champions of cybersecurity

It was with a hunger for knowledge that a young Dmitry Volkov began studying cybersecurity at Bauman Moscow State Technical University in 2003. But as the curious student learned more about the devastating impacts of cybercrime, he quickly identified this as a field not only ripe with possibilities, but also one where he could make a real difference.

“We saw so many examples of businesses being destroyed. Sometimes people’s lives were destroyed, completely destroyed,” he tells The CEO Magazine. “So when I saw what was really going on, this dark side, I wanted to help people, to help businesses.”

With the spark ignited, Volkov and his friend, Ilya Sachkov, quickly realized that the field was largely theoretical and lacked practical, hands-on learning opportunities.

“It was extremely boring,” he recalls. “As hungry students, we were looking at how to get practical knowledge, not something theoretical, but learning about real attacks, how bad actors are always able to bypass cybersecurity controls, how to get access to sensitive information, those kinds of things.

“And so we understood that it probably could be a good idea to create a company that was responsible for digital forensics and incident response, because at that time, nobody in our country was responsible for that.”

Creating opportunities

Driven by their desire for real-world experience and a deeper understanding of cyber attacks and threat actors, he and Sachkov decided to start their own company, Group-IB, in 2003. Providing digital forensics and incident response services, the enthusiastic pair decided to take it a step further by also venturing into the world of investigations to see if they could locate the criminals behind the cyberattacks.

Over the next decade, they explored the methods and networks used by the cybercriminal ecosystem. As they gained deeper insights, they identified the need for advanced technologies to proactively counter attacks and developed a range of products and services catering to fraud protection, threat intelligence and cybercrime investigation.

Seeing great opportunity in the field of threat intelligence, Volkov took responsibility for this area in 2015. But getting people to use their products was challenging. Back then, it was a commonly held belief that investigating cyber incidents was the sole responsibility of law enforcement.

But the reality was that law enforcement frequently lacked Group-IB’s specialized expertise, knowledge and capacity for thorough investigations.

“When we do incident response, we’re already in the incident, then we do forensics and we understand what really happened in the organization,” Volkov explains. “So we already have 50 percent of the picture – we know how the attack happened, what kind of tools were used, what digital evidence may lead us to a successful investigation.”

Volkov became CTO in 2018 and the year after, Group-IB fulfilled its ambition of becoming a global company, moving its headquarters to Singapore. Then, in 2021, Volkov took over as CEO, with the company completing its exit from Russia at the end of 2023.

Shifting responsibility

Today Volkov is determined to dispel the commonly held belief that raising awareness around cybercrime is the solution to this spiraling issue, instead insisting that companies should stop placing the onus on their customers.

“My personal belief is that people don’t need to think about cybersecurity,” he says. “I don’t understand why we try to shift this responsibility on citizens, on average people, who are not even IT experts, let alone cybersecurity experts.”

Volkov stresses that consumers who pay companies for bank accounts, telecom services and so on, entrusting them with their personal information, should be made to feel secure.

“It is their responsibility to protect you. It is their responsibility to think about cybersecurity, to invest in or develop new technologies.”

The ongoing focus on raising awareness among average users, while important, doesn’t address the root of the problem, according to Volkov.

He believes, with the increasing complexity and frequency of cyber incidents, that promoting a culture where security is integral to business practices is the key to tackling cybercrime effectively. But that can only be achieved through industry standards, regulations and a focus on continuous improvement in security practices, with penalties imposed for non-compliance.

“The problem is bigger and bigger every year, but we still continue to do the same,” Volkov warns. “We continue to tell everyone that we need to raise awareness, but it doesn’t solve the problem.”

A global approach

That’s why, with global rates of cybercrime soaring, Group-IB has come up with a global model of digital crime resistance centers, which gives it the edge against competitors that tend toward a major presence in just one country.

“We need to have visibility, local support, tailored technologies and knowledge about what happens in the region in terms of cybercriminal activity,” Volkov explains.

The first step in establishing this local foothold is to send in Group-IB’s DNA team involving digital forensics, incident response, investigators and a Computer Emergency Response Team (CERT-GIB) that is capable of monitoring, analyzing and responding to cyberthreats globally while collaborating with other CERT teams in more than 150 countries worldwide.

“They help us identify this first visibility and ascertain what really happens in the region, what is really important, and how we need to tailor our technology to provide better protection, provide better services. This is a critical component,” he says. “And only after that do we start to invest more in sales, marketing, more business divisions.”

Once the company has established a strong presence in one country, the team then works on replicating similar structures in surrounding countries. For example, in Asia, it began with Singapore then spread out to Vietnam, Malaysia and Thailand, while it used a similar approach in the Middle East. The United States is next on the agenda, Volkov reveals.

Tackling the Group-IB mission remotely is an impossibility, Volkov insists. A local presence is crucial, not only to properly understand the intricacies of the market but to also build up close working relationships with clients and build a local workforce that speaks the same language and understands the culture.

Working with academia is another crucial piece of the puzzle in order to ensure there are enough people entering the workforce with the necessary skills.

“We follow the approach of ‘training the trainer’ and provide them with technologues, in some cases for free,” he says.

“Then they can train students with practical knowledge and with real data. We don’t want to create a sandbox environment with simulated attacks because this is not what happens in real life.”

And while Group-IB can find the perpetrators of such attacks, it must work closely with global organizations such as Interpol, Europol and Afripol as well as with local law enforcement to bring them to justice.

“We are not a police force. We can’t go and arrest anyone,” Volkov says.

Even as the company continues to evolve, this purity of purpose remains at its core more so than financial success.

“And this is what drives not just me, it drives the team,” he insists. “For a new generation of cybersecurity experts, this is a huge motivator – to have a social impact.”