Category: News

Nu e un secret că traversăm o perioadă  în care progresele tehnologice par să ne transforme viaţa peste noapte. Într-o astfel de lume este uşor să fim prinşi în vârtejul termenilor la modă şi al tendinţelor trecătoare care definesc peisajul IT în continuă evoluţie. În calitate de CTO al Metaminds, am avut privilegiul de a asista la toate modificările pieţei IT din România în ultimele două decenii. În tot acest timp, cel mai important principiu care a trecut în mod constant testul timpului a fost valoarea relaţiilor şi a gândirii pe termen lung.

Evident, ca orice piaţă de IT din lume, nici cea din România nu este imună la mirajul termenilor  la modă şi a ultimelor tendinţe. Cu toţii am auzit despre SIEM, DLP, EDR şi nenumărate alte concepte si acronime care vin şi pleacă odată cu trecerea timpului. Dar, după cum am învăţat de-a lungul carierei mele, cuvintele la modă nu rezolvă problemele din lumea reală cu care se confruntă clienţii noştri.

La Metaminds, abordarea noastră a fost întotdeauna diferită. Nu începem dialogul cu clienţii aruncându-le nişte cuvinte care ştim că funcţionează şi sunt la modă în acel moment. Începem prin a înţelege provocările şi nevoile lor unice. Ascultăm şi învăţăm, apoi lucrăm împreună pentru a crea soluţii care abordează aceste probleme specifice. Această abordare îşi are rădăcinile în ideea că relaţiile pe termen lung sunt mult mai valoroase decât tendinţele pe termen scurt.

Angajamentul nostru faţă de relaţiile pe termen lung nu este doar un slogan; este un principiu călăuzitor pe care îl susţinem în fiecare aspect al muncii noastre. Ne dorim sa stabilim o relaţie de încredere implicită, în care clienţii să se simtă confortabil să ridice telefonul şi să ne adreseze întrebări despre funcţionarea întregului lor ecosistem IT. Acest nivel de încredere cu clienţii se bazează pe ani de lucru împreună, pe înţelegerea complexităţii afacerii lor şi oferind soluţii care depăşesc nevoile imediate ale pieţei IT.

Relaţiile pe termen lung nu sunt doar despre a face o vânzare şi a trece la următorul client. Acest lucru înseamnă să creştem împreună, să ne adaptăm la peisajul tehnologic în continuă schimbare şi să depăşim împreună provocările care apar inevitabil. Suntem aici nu doar pentru a livra un produs sau un serviciu, ci şi pentru a fi un partener, un colaborator şi o soluţie la toate problemele tehnice.

Într-o lume în care tehnologia evoluează constant, este uşor să uiţi de valoarea conexiunilor personale, a expertizei umane şi a gândirii pe termen lung, Însă am învăţat rapid că soluţiile de durată sunt bazele pe care trebuie să construim Metaminds.

Aşa că pe măsură ce navigăm spre viitorul IT al României, îi încurajez atât pe clienţii noştri, cât şi pe colegii mei profesionişti din IT să privească dincolo de ce se vinde acum şi care sunt tendinţele. Îmbrăţişaţi ideea de gândire pe termen lung, fie că vorbim de relaţii cu diverşi parteneri sau de sistemele IT realizate. Doar aşa ne vom diferenţia de ceilalţi, iar tehnologia va înregistra progrese reale şi semnificative.

Bucharest, September 6, 2023 – Ahead of the ninth season of the EHF Champions League, Romania’s top women’s handball team is hitting the road with the support of a new official sponsor! CSM Bucharest has entered into a partnership with METAMINDS, the Romanian technology company specializing in advanced IT&C solutions integration for private companies and public institutions in strategic industries and sectors. This collaboration will further enhance the team’s value in the competitions it participates in.

Iulian Pîslaru, CEO of CSM București, stated, “The women’s handball team of the Municipal Sports Club of Bucharest is known for its achievements, dedication, skill, and passion for sports. We are delighted to have a reliable partner, a Romanian company that has experienced growth and continues to grow, just like we aim to do. With METAMINDS’ support, we are preparing to reach new heights and establish ourselves in national and international handball competitions.”

This sponsorship will enable the athletes of the CSM Bucharest team to continue their progress, achieve their maximum potential, and compete at the highest level. It also reflects the company’s dedication to promoting teamwork, performance, and the development of women’s sports in Romania. 

Andrei Cruceru, Co-founder and CEO of Metaminds, said, “We have always had much to learn from the world of sports. Every goal scored is a story of dedication and hard work. Every victory is proof of human capacity to overcome any obstacle. And this partnership represents not only our aspiration to contribute to the development of Romanian handball but also our desire to learn from the world of sports – to be determined in the face of challenges, collaborate to achieve our goals, and not forget to celebrate together. We are delighted to be part of the CSM Bucharest story, witness the team’s achievements, and encourage young individuals to pursue their ambitions in the field of sports.”

Founded in 2007, the Municipal Sports Club of Bucharest quickly achieved success by winning its first national title in 2015. The following season, the team made its debut in the Champions League, a competition it won for the first time in 2016. CSM Bucharest boasts several other titles in its trophy cabinet, including six Romanian championships, six Romanian Cups, and five Romanian Super Cups. Additionally, the team has secured two bronze medals in the EHF Champions League (in the 2017 and 2018 Final Fours).

Who is Metaminds?

METAMINDS recently celebrated eight years of activity during which it consistently achieved impressive results and was recognized as a standard of execution and innovation by all its technology partners. Starting this year, the company has the internal capacity to cover all functional requirements for complex projects, from architectural design and security to the development and operationalization of software platforms and application architectures, with the best experts in the market. The company has a significant presence in Romania’s IT&C market, either as the sole provider or alongside other major players in projects aimed at bridging the significant gap in digitalization and effective interaction with institutions and public administration in Romania.

About Metaminds

Metaminds S.A. is a Romanian technology company founded in 2015, specializing in the integration of advanced IT&C solutions for private companies and public institutions in strategic industries and sectors such as telecommunications, energy, utilities, financial-banking, defense, and national security. Currently, the company is one of the most important players in the IT&C integrator segment in Romania.

 

This in an English translation of the original article published in the print edition of Business Magazin 21-28 feb 2022 and written by Anda Stroe. 

At the turn of the 21st century, Andrei Cruceru was teaching physics as an assistant professor at the Polytechnical University in Bucharest. Within a year, he, too, made a turn for a sales career at global IT corporations IBM and HP. Many years later, with enough solid experience and knowledge under his belt, he decided to set up his own company that soon became a € 30-million worth business.

So, what was the key for keeping up with the fierce global competitors?

“The quality of people has always been the underlying element of all my decisions and experience has proven me right so far. Ideas can’t succeed without considering the people factor in the process. We tend to ignore this basic truth all too often.”, says Andrei Cruceru, Metaminds CEO, former Nova Tech Integrated Solutions.

He is a firm believer in putting the human element at the heart of every IT innovation, strategy or solution, especially where cybersecurity is concerned; “the general perception attached to this discipline is rather on the abstract, depersonalized side. But technology should be at the service of people and not the other way round.”, he adds.

Between 2015 and 2020 the business reached a turnover of RON 156 million, according to the information published on the Ministry of Finance website. Financial Times ranked METAMINDS as one of the top 1,000 fastest growing European companies for two consecutive years, in 2020 and 2021 respectively.
METAMINDS is a team of 40 and serves B2B customers from both strategic public sectors and priority private sectors, such as banking, energy, utilities or telco.

For this type of business, says the executive, the pandemic triggered increased demand for digital security solutions, especially from companies and organizations that had not made any progress previously in that respect.

On the other hand, the industry has had its share of challenges during the pandemic. Andrei Cruceru names some of them: finding viable up-to-date solutions that had to be implemented on older systems/ infrastructures; attracting talent “while competing against giants such as Google, Amazon, Oracle, IBM, Microsoft, HP.”.

WFH, the associated cloud solutions and increased used of smart devices to make up for physical distancing have created more attack surfaces and a multiplication of cyber vulnerabilities; cyberattacks have become more numerous, more sophisticated and more diverse; the global supply chain crisis also took its toll on delivery terms and deadlines from providers all over the world, leading to delays up to 200 days.

We need a public-private partnership that works

“When compared to ALL other European Union countries as regards digital competitiveness, and I stress “all”, the decisive and the most vulnerable factor for Romania right now is IF and WHEN we have a working partnership between the Public Administration and the IT industry, as part of the country’s strategic priorities, with the goal of developing a national digital infrastructure and its respective communication systems.”

Andrei Cruceru says the public institutions and organizations in Romania have a tremendous potential for developing complex digital and IT projects; he quotes “The Program for Intelligent Growth, Digitalization and Financial Instruments” to support his argument: “there is a grave lack of capacity by the public institutions to offer citizens and companies digital and IT infrastructures as an integral part of their processes and service.” On top of that, Cruceru reminds the almost utter lack of digital solutions for the public education, cultural or medical ecosystems

We need only look at the latest DESI Report to see ROMANIA RANKS LAST, WELL BELOW THE 2020 KPIS, IN TERMS OF BASIC DIGITAL PROGRESS: HUMAN CAPITAL, INTERNET CONNECTION, INTEGRATING DIGITAL TECHNOLOGIES, DIGITALIZED PUBLIC SERVICES.

“I WISH THAT THE PUBLIC AUTHORITIES RESPONSIBLE TO SOLVE THIS CRISIS WERE AWARE OF HOW BAD THE SITUATION CURRENTLY LOOKS. WE NEED TO TAKE ACTION IMMEDIATELY. AND THIS IS NOT DOABLE WITHOUT A WORKING PARTNERSHIP WITH THE LOCAL IT INDUSTRY.” Andrei Cruceru points out.

“IT HAS REACHED THE LEVEL OF A SERIOUSLY AGGRAVATING PHENOMENON, IF WE CONSIDER A COUNTRY’S ECONOMIC COMPETITIVENESS IS DIRECTLY LINKED TO ITS LEVEL OF DIGITAL PROGRESS. ROMANIA IS A SOURCE OF HIGH EXPERTISE IN THE FIELD, AND, UNFORTUNATELY, THIS EXTREMELY VALUABLE EXPERTISE IS NOT PUT TO USE FOR THE PUBLIC ADMINISTRATION.”

The CEO highlights the huge wave of financial opportunity coming our way from European Funds and Budgets. “For 2022, I wish the State provided IT companies with the necessary leverage to access and use all those funds and transform them into interconnected digital services and infrastructures for the benefit of citizens and companies alike. “

From public to private

The decision to set up his own business presented itself as the best possible option at the time, both professionally and personally. With two MS degrees under his belt, one in Physics, the other in Economics, plus a Master’s Degree in Biophysics, Andrei Cruceru taught Physics at the Polytechnical University in Bucharest until 2001. He shifted to sales for big IT corporations IBM and HP for 13 years, during which time he got as high as National Sales Director up the career ladder, for IBM Romania.

In 2013 he became the Sales Director for local IT solutions integrator Asesoft Technologies, following a “reset of business priorities by IBM Romania on the regional market.”

The shift from the global IT player to a local solutions and services provider reshaped Cruceru’s approach of the business and the industry. “I acquired a deeper understanding of the industry and its mechanisms, but, most importantly, this paradigm shift offered me a much more subtle insight into my clients’ needs.”

Having built a career both inside global corporations and local companies, going entrepreneurial seemed like the next natural step for Andrei Cruceru. “So started the story of Nova Tech Integrated Solutions, a story that began with a core team of four people whom Andrei had previously met and worked with personally.

For 2022, “the key priority” of the company is to diversify its portfolio of security solutions, so as to accommodate for both their direct customers and their customers’ customers across all platforms and channels. We estimate a 20%-growth in 2022 against a highly volatile market, given the direct influence of public policies and mechanisms that may block or otherwise impact the business and the industry.

Asked about his plan to open an office abroad, the CEO confirms having considered this step as a natural move towards developing the business, while prioritizing a healthy, organic growth, centered around the human quality and the expertise of the team. As regards the long-terms plans, Cruceru said he would find it hard to make such a prediction, given how unpredictable and game-changing the COVID-19 pandemic has turned out to be globally within the space of only two years.

“I wish, though, Metaminds continued to be the well-established and respected security solutions provider it is now.”

ALTER EGO

In a hypothetical scenario, Andrei Cruceru thinks he would have pursued an academic research career in biophysics. “But I couldn’t see a way of turning it into a business at the time.”

“After graduation, I had the opportunity – undreamed of then – to spend two weeks in the USA, where I had the most overwhelming cultural experience, altogether different from what I was used to. I would have very likely built a solid academic career there, given the stellar tradition of this country in the field of research. But I never regret choosing to do what I do now.”

The executive believes that all his decisions were correct in the context they were taken, with the elements he had available.

“Any decision is the result of several variables, some of which are beyond our control. Once you stand by a set of values and conduct, all your decisions will be correct on a personal level, despite not all of them proving to be beneficial. I have an open approach to things and I do my best to find the best solutions.”

The entrepreneur admits being a great sport lover since childhood, with a bias for tennis; and he makes time to play football with his co-workers almost every week.

Rafael Nadal is his favorite sports figure so, not accidently, the executive is currently reading the tennis player’s biography; what he particularly admires and respects about the tennis world champion is “how Nadal does not allow professional rigor and discipline overshadow the joy and passion for the game. I just love how Nadal turns each game into a display of near perfection performance.” His favorite holiday destination is Spain, “for its geographical and cultural richness and variety.”

A personal goal for this year is – as he puts it – “the same as everyone else’s: fewer social restrictions and limitations, more visibility for our personal time and agenda. The past two years have taken their toll on every one of us, so I hope we will soon regain the personal balance and comfort we all need so much.”

Metaminds, one of the main providers of technology solutions for digital services in Romania, recently announced that the financial results of 2022 exceeded estimates and the company is still expected to grow even further in 2023. To find out more about the story of the Romanian company established in 2015, we sat down with Andrei Cruceru, co-founder & CEO of Metaminds.

How would you describe the development of the Romanian cyber security market in recent years and what are the prospects for 2023?

Let me start by quoting an official EU document stating that cyber-attacks „besides being among the fastest-growing form of crime worldwide, are also growing in scale, cost, and sophistication.”

For businesses that want to thrive in a global digital economy, this translates into increased additional risk and, so, they should prioritise securing the resilience of their digital infrastructures and services. No wonder then, that in the 2022 Gartner Board of Directors Survey, 88% of board members classified cybersecurity as a business risk.

This would explain why, if we speak in terms of revenue the market is expected to generate in Romania – according to Statista – „the Cybersecurity market is projected to reach US$161.00m in 2023”, showing a constant increase against previous years and expected to reach US$273.40m by 2027, according to the same source.

For Romania specifically, there is considerable growth potential for the market, coming from the Public/ Government sector, where we have seen an acceleration of major EU-funded digitalization projects aimed at upgrading or creating resilient digital infrastructures for public infrastructures and services.

Additionally, the new Network and Information Security (NIS) Directive (the NIS2), effective this January 2023, has expanded its scope of application with more stringent legal requirements for organizations.

This will lead, I think, to increased demand from the B2B and B2G sector for cyber security services and solutions in the following years.

Where is Romania in terms of cyber security, compared to other European states?

There’s no clear line separating cybersecurity from other IT&C areas of expertise. We know this, maybe best, as expert integrators of complex IT infrastructures and security solutions. It’s essential that we all look at it as part of an ecosystem encompassing everything digital for a country’s society and economy.

And from this perspective, in a highly digital global economy, Romania lags far behind competitive countries, including the resilience of some of its infrastructures and services. While we have the most IT specialists per capita in the world and one of the highest internet speeds, we rank last in Europe in terms of what means to be a digital economy and society (DESI) – digital public services, adoption of digital technology and digital infrastructures, digital skills or Internet use.

Even more aggravating, perhaps, is that we haven’t seen any significant improvement. For the past years, Romania has ranked among the worst performing EU countries according to the last DESI report, for all digital progress indicators mentioned above.

But on the positive side, we have a lot of room to grow, to use the most advanced technology solutions and expertise on the market to make a change for the better in Romania. Unfortunately, from a human capital perspective, we are faced with an acute shortage of expertise in both Romania and the EU. (In key areas such as cybersecurity or data analysis, there are constantly hundreds of thousands of hard-to-fill vacancies. – The 2022 DESI report).

This is a challenge that companies like Metaminds can address for someone wanting to build a solid career in this field.

The best place to become an expert is in companies such as Metaminds  – we have some of the best experts in the country and in Europe, working in some of the most complex projects for critical national infrastructures.

Are Romanian companies and state institutions more exposed to cyber-attacks considering the proximity to Ukraine?

The recent conflict on the Ukrainian territory is only one type of cyber threat. The stakes and the case for resilient and secure digital infrastructures is much larger than that.

The world will continue to evolve around technology. Our lifestyle as individuals and the long-term evolution of the society and organizations depend on how we integrate and use technologies in a safe and sustainable way.

As I was saying in an interview in December last year, states and organizations of all types and sizes – private and public – need to include the security of their data and digital infrastructures into the long term strategic plans. That is because their mere existence has technology built into their DNA as organizations of the future.

And, while cyberwarfare has been front center since the war started, the most frequent cyber threats are still linked to ransomware, malware, social engineering and threats against data (ENISA, 2022). Metaminds has some of the top expertise and solutions for this type of challenges. We never had a vulnerability problem with any of our national projects in critical infrastructures so far.

What are the main solutions available to companies to protect themselves against cyber-attacks? To what extent do cyber security solutions manage to keep up with the accelerated development of technology, but also with the number of cyber attacks that are more and more complex?

Technologies or practices by themselves are neither good or bad. In itself, cyber security is a set of technologies, processes, and good practices meant to protect. Cyber expertise can be put to good or bad use. It essentially depends on what you do with it. Artificial Intelligence, for instance, has become a cyberthreat when put to use for disinformation and deepfakes.

Metaminds provides the expertise and the tech solutions to design, implement and support advanced infrastructure solutions with a clear focus on securing the operational environment. So, stability and security are and will continue to be core to what we do for organizations.

How did the activity of Metaminds evolve last year and what are your estimates for the current year?

We have a solid business that has constantly adapted to market challenges. We have learned to be flexible both from a commercial standpoint and from a technical approach to our client projects.

Despite a rather complex and volatile international backdrop, Metaminds continues to be very well positioned to meet market and customer needs effectively and efficiently, while keeping a positive outlook on our sustainable growth objectives.

We will issue a financial report soon that will confirm we have exceeded our financial predictions and that will help us support our development plan with a new business line.

The Cyber security industry is projected to grow given the higher number of cyber attacks. How did the business strategy of Metaminds change to meet the market needs in this new context?

Scalable structures and security are part of our DNA and embedded within the client projects since day one. Metaminds has a vast experience in orchestrating IT architectures and cyber security solutions with the latest technologies in the industry. Since our inception in 2015, our technology partners have constantly awarded our industry achievements for complex national projects.

That’s why we also decided to transition to a more flexible and efficient management structure. As a result, we have redefined our corporate governance model, to attract investment that will support our development plans. Aimed at accommodating a growing number of customers and the company’s plan to set up new business lines, the new management structure includes a non-executive Supervisory Board and an Executive Board of Directors.

I will be presiding over the Board of Directors and oversee the company’s sales activity on a daily basis.

The expertise of the Board of Directors will translate into enhanced-quality services and results. As always, we are very well positioned to respond swiftly and efficiently to our customers’ needs at global industry standards, as well as to scale up our development plans and support the diversification of our business lines.

Metaminds, one of the main providers of technology solutions for digital services in Romania, confirms financial performance for all growth and profitability indicators, despite a difficult economic context. The company is very well positioned to support its development plans and set up an additional business line with a new IT&C area of expertise.

With over EUR 36mil in turnover at end  2022 (+84% YoY) and a growing net profit exceeding EUR 1.7 mil, Metaminds confirms financial performance superior to both initial estimates and the 2021 fiscal year.

“The 2022 financial results above expectations and the positive forecasts for 2023 are encouraging. They reflect both the growth potential of the market and how competitive Metaminds is. Also, the recent transition to a dual management structure and the addition of highly seasoned professionals to the top management team will support our growth and competitiveness further.” – Andrei Cruceru, Metaminds President of the Board & Cofounder

The current geopolitical context and the increasingly widespread use of smart technologies have stressed the need for cyber security at the level of IT&C infrastructures and systems critical to national security. As a result, states and international bodies have already adopted much stricter laws against cyber threats. As a result, organizations – both private and public – will have to make cybersecurity a strategic priority to ensure the resilience of their IT systems and operations.

Metaminds, one of the main providers of technology solutions for digital services in Romania, confirms the adoption of a dualistic governance structure. The new management model is the shareholders’ response thought to best accommodate a growing number of customers to the portfolio and the company’s plans to set up new business lines and attract investment. Going forward, Metaminds will be run by a non-executive Supervisory Board and an executive Board of Directors.

Overseeing the company’s long-term strategic approach, as President of the Supervisory Board, is Ovidiu Ghiman.  Ovidiu is a high-level and highly seasoned Romanian tech executive, currently CEO& Cofounder of Ronin – the startup crowdfunding platform that reached EUR 1mil in under 1 year since inception. Bringing with him over 24 years of proven expertise in top strategic roles with major corporations, he will be the head of Metamind’s new two-tier management structure as President of the Supervisory Board. Instrumental to the new strategic role Ovidiu is taking on, is his previous experience in attracting investment for fast growing companies.

“The top professionals working at Metaminds and the company values convinced me to join the team and contribute my expertise and professional record to the growth plans from a non-executive role. I bring with me my 24-year operational track-record in multinational organizations and the more recent performance in attracting investment for fast growing companies.

This is a major change for Metaminds, who is now redefining its corporate governance model to attract investment that will support its ambitious development planned designed by the management team. I’ve always been a supporter of performance and excellence and Metaminds is a perfect representation of these values, essential for a technology services company. What makes these values even more outstanding, I believe, is that they are the result of the work, the passion and the cohesion of a 100% Romanian team who became, shortly after its inception, an acknowledged and respected player on an extremely competitive and international market.” Ovidiu Ghiman, Metaminds President of the Supervisory Board.

Andrei Cruceru, who previously held the role of Sole Administrator with the company, has been appointed as President of the Board of Directors.

“The new governance structure and the expertise of the management team will translate into enhanced-quality services and results. As always, we are very well positioned to respond swiftly and efficiently to our customers’ needs at global industry standards, as well as to scale up our development plans and support the diversification of our business lines”, said Andrei Cruceru, Metaminds President of the Board of Directors & Cofounder.

State Level Security

We cannot start a Cybersecurity discussion without mentioning “The National Defense Strategy for 2020-2024” released by the Presidential Administration in 2020.

No National Information Security Strategy Clear Path

Although “The National Defense Strategy for 2020-2024” does mention some of the threats, risks and vulnerabilities related to the Information Security Domain, the strategy itself does not lay a clear path (or even a general set of recommendations) to achieve a National Information Security Strategy.
Three key elements must be addressed as a whole in order to achieve a complete and effective National Information Security Strategy:

Cybersecurity – the newest and unique national security issue of the 21st century. The shift from traditional hacker-based cyber-attacks to the use of offensive cyber weapons is the new reality. The potent nexus between threat and vulnerability makes it imperative that traditional information security strategies are enhanced but also transformed to a more resilient cyber security methodology.

Critical Infrastructure Protection – ICT will be an increasingly important underlying fabric affecting all aspects of a society and will influence its future economic prosperity. How the security and resilience functions of ICT and the information systems supporting critical infrastructures are designed, operated and monitored for threats to their operations will also influence perceptions of Romania by other nations within the international community, who are also addressing similar issues.

The National Information Security Strategy itself – it should be a related set of elements that form an integrated national strategy. The driving force behind the strategy implementation should be the Human Resource component. With development of trust and cooperation from a base of transparency, coordination and collaboration, the implementation is designed to support the national short and long-term ICT objectives.

1. Cybersecurity

Cybersecurity is an increasingly important challenge faced by Romania. Many of the core systems that underpin the economy and society are now enabled by information technology. While this has created tremendous benefit in terms of efficiency, it has also necessitated a more systematic approach to identifying and thwarting cyber-attacks and cybercrime. As the national cyber infrastructure is threatened, we will need to move quickly (both bilaterally and with private sector owners of critical infrastructures). Romania needs to be able to respond jointly and effectively to any attack and that takes expertise, preparation and cooperation. Achieving a cyber-resilient ecosystem is essential.

Many of the same vulnerabilities used to steal intellectual property can also be used to attack the critical infrastructures. Without an immediate national initiative to develop and implement a cybersecurity policy, Romania will continue to be at risk for a catastrophic attack to the nation’s vital networks – networks that power essential services for continuity of national security operations and economic stability.

2. Critical Infrastructure Protection

The National Information Security Strategy is focused on the information security efforts essential for protecting ICT, information systems and information. Within today’s world, ICT and information systems provide critical functions and services that affect the operations of a nation’s national security systems, government organizations, and private enterprises.

As operational dependency on the ICT and electronic systems increases, information security risks become more critical. Information security is not only an essential enabling function but it must also provide countermeasures to vulnerabilities that can be exploited. In addition, the implementation of the ICT, information systems, applications and operational processes affects the availability, reliably and sustainably of those “critical” functions and services in the face of disruptive events.

One of the overarching goals for the National Information Security Strategy is to provide a strategy and direction for achieving an appropriate and sustained level of ICT security. Each infrastructure operates within a unique set of requirements and collectively they contribute to national security and economic security at various levels of criticality. Most critical infrastructures, including those that perform national security functions, though generally fewer in number, perform and support the most important and fundamental role a government must exercise; namely, assuring national sovereignty and protection of its people.

Government functions and services, such as emergency services, are very critical and a variety of Government services are relied upon by its people for essential services and the orderly functioning and economic wellbeing of Romania. Many private enterprises (but not all) provide some nationally critical operations and services that underpin the effective operations of both government organizations, other private organizations’ operations and a vast array of services to the people of Romania; for example, financial services.

It is important that critical infrastructure protection and resilience be considered a separate element of an overall national security strategy. A separate Critical Infrastructure Security and Resilience Strategy for Romania should be developed. It must focus on both the physical protection of key assets and the security of ICT and information systems used within critical infrastructures. Without a comprehensive strategy, there can be no assurance that infrastructure security and resilience is being implemented and operated commensurate with identified national-level risks and interdependencies.

3. Romanian National Information Security Strategy

In order to achieve a complete and effective level of protection and defense of information and information systems the National Information Security Strategy should consider the following critical aspects:
Information Security Environment

The first and primary step is consideration and agreement at the national level on a secure and effective Information Security Environment. International research shows that a centrally-managed information security is the most effective and efficient. Because of domestic political factors, few countries are able to implement an effective centralized organization that includes the defense and intelligence sectors.

However, most countries have or are working towards a secure and effective national information security and cybersecurity for the protection of all the other ICT infrastructure and information systems. The current ICT environment with borderless infrastructure connectivity makes the threat, vulnerabilities and risk that one organization faces heavily dependent upon actions (or lack of actions) of other entities inside and outside the nation. This is why the traditional model of each organization being responsible for its own information security no longer works.

A central national environment with information security oversight, guidance and monitoring of the nonmilitary/intelligence sector on behalf of the entire nation is the best means of minimizing risk and providing maximum assurance against both natural and manmade accidents, disasters, attacks and exploitation. This information security environment should be responsible for the detailed implementation of the National Information Security Strategy objectives and recommendations.

Policies

The next step is agreement for, and development and adoption of, a set of national information security policies. This, in turn, will lead to national standards and best practices. Each ministry agency and organization should have the flexibility to adapt the policies and implement the standards according to their individual circumstances.

Regulations

This includes an update of Romania regulations and laws to take into account the legal challenges presented by the globally interconnected internet. The contents of a person’s social network page on such sites as Facebook, Twitter, YouTube or even a personal or organization’s website can be subject to unauthorized modification without the knowledge or permission of the owner. Hence, it is possible for someone whose objective is to damage the reputation of a person, organization or the state to surreptitiously plant false, inflammatory or pornographic information in an account. The defense is to minimize the vulnerabilities by employing good security measures, but ultimately a highly trained group of computer forensic specialists and investigators is needed to avoid falsely convicting innocent persons.

Risk Assessment and Management

Risk assessment and the management of risks are necessary since there is no longer an absolute defense against adverse events and attacks affecting information and ICT systems. This is because of today’s network interconnectivity and extreme ease of storing and transmitting and transporting (1 TB thumb drives can store ~100 million pages of text) sensitive and classified information. A companion to the risk assessment is a framework for ICT system assessments and audits to ensure the appropriate standards and policies are being met.
The technical infrastructure updating and hardening to a state of acceptable resilience takes longer to achieve but is a vital element of the National Information Security Strategy. Again, the interconnectivity dictates a n.

National ICT Infrastructure

National architectural framework, since all systems today will suffer successful attacks and/or some degradation due to natural events or accidents or both. Planning and implementing measures to assure a minimum grade of service is both prudent and necessary to achieve Romania’s evolution to a knowledge-based ICT economy.

National and International Cooperation

Expanding the internal cooperation communication regarding attacks, threats, vulnerabilities, mitigation techniques and best practices among and between Romania’s organizations is essential. Today, not every ministry is connected to Directoratul Național de Securitate Cibernetică (DNSC), which is an obvious starting point, but much more needs to be done for a deeper national cooperation. External initiatives with numerous international organizations are needed for any nation, since in many cases immediate mitigation against cyber-attacks depends upon international cooperative actions.

The sharing of information and establishment of a professional dialogue and trust regarding information security and cybersecurity between friendly nations is important. This provides information and cooperative preplanned actions that can improve the national defense from attacks on the national ICT systems and infrastructure (such as the electric, water, and oil/gas SCADA control systems) and those targeting valuable and sensitive information.

Human Resource

The major foundation block of the National Information Security Strategy, after the state decides upon an information security environment and policy approach is the Human Resource component. The strategy should support extensive development of Romanian citizens with a specific focus on solutions on the areas of IT, ICT and ICT security. However, the strategy focus should be a broader one than just an educational program and should be based in part on identifying citizens that could rapidly become important contributors to the needed IT and ICT security workforce.

Two groups identified are females and skilled male hackers with no formal degree, but very strong IT and ICT security knowledge. In many cases their capability and knowledge is far beyond what is currently taught in the universities. With appropriate vetting and training, they could provide much needed augmentation to the existing information security work force.

An extensive program to identify, educate and train Romanian citizens for upward mobile information security careers should be implemented. It should be based on one major change to a situation identified as a major factor in lack of skilled government IT and ICT security personnel. This situation is in part due to the very great difference in compensation for qualified IT, ICT and ICT security professionals in government positions and in private industry. One of the possible solutions could be for a special compensatory premium to be paid to citizens in government related functions purely based on their true capabilities and qualifications in these fields. There should be no distinction based on gender or unvetted paper credentials.

Research and Innovation

Research and innovation take longer to bear fruit, but the National Information Security Strategy should identify some initial projects that, in themselves, are valuable but are designed to expand the capability and success rate of researchers, innovators and entrepreneurs.

Resilience

Another feature that is most often applied to critical infrastructure protection but can be applied to all of the areas above is resilience. This is the ability to anticipate, absorb, adapt to and rapidly recover from potentially disruptive event or failure. And, not the least, to maintain and increase the confidence of the general public in the growing number of e-government services.

Written by Marius Marinescu, Chief Technology Officer METAMINDS

The photographer Adi Bulboacă is a great example of what it’s like to #beameta due to his profound passion for photography and the limits he exceeds with every project. 

We created the concept #beameta with the aim of trying to support those prone to fight and exceed their own limits for the common good. We wanted to find and reward the overachievers, those who are stepping outside their comfort zone and are pushing the boundaries of their own mind. When trying to come up with a name for the platform, we decided to get inspired by our own brand and call it #beameta. It’s a simple call to action, which invites people to embrace the overachieving typology, which is exactly what we are doing in our everyday’s work.

Adi Bulboacă, the renowned Romanian photographer, took his passion to a new level and because of this, he showed what it’s like to #beameta. His plan involved embarking on a trip to the North Pole to document the creation of EverRestless, the first Romanian documentary filmed in that area. He went to the North-West of Canada alongside two other colleagues, Sorin Florea and Tudor Petre, to document the experience of Vlad Crișan Pop, who was a part of the ultramarathon 6633 Arctic Ultra.

The race involves running for 620 km at a temperature of -30°C or even lower. The participants receive only hot water at the checkpoints, to use it either for a hot shower or to prepare some food or tea. They have to carry their own equipment across the entire distance and this sometimes can reach a weight of up to 35kg. Due to the extreme weather conditions, most participants suffer from hallucinations, fatigue and frostbites. Vlad decided to enter the race in order to raise money for the MagiCAMP educational scholarships, the same objective he has had for every race he has ever entered.

The moment we heard Adi’s plans, we knew that his intention of documenting the experience is a great Meta example, so we decided to sponsor the entire trip. Even if Adi is not directly involved in the race, he set himself a very difficult task, one that exceeds his limits, and those of his camera as well. This is what it’s like to #beameta: travelling to one of the most merciless places on Earth to shoot an experience that battles the mind and the human capacity to keep it under control when it starts creating its own reality.

The experience involved following Vlad on his trip to the North Pole, participating in his training and preparations for the marathon, as well as being by his side throughout the race. This happened from the back of a car that supervised him, since the participants are not allowed to come in contact with anybody. Adi confronted the harshest winter in the past 5 years with his camera in his hands, fingers freezing on the shutter button, to capture a mind-blowing adventure and to make it possible for others to experience it as well.