Now Reading
Meet Bitdefender’s Chief Security Strategist, Catalin Cosoi

Meet Bitdefender’s Chief Security Strategist, Catalin Cosoi

by FileCriticJanuary 29, 2016

FileCritic Interview: Meet the Vendors


When Bitdefender was founded in 2001, the company actually was already quite experienced in Internet Security:

With the predecessor of Bitdefender,AVX, the specialists already brought innovations like the autoscan of downloads in the background with a browser-plugin.

But with Bitdefender itself they finally made it at the top of the business: With reliable and user friendly security-software the company managed to became one of the biggest and best known players on the market. talked with Catalin Cosoi, Chief Security Strategist, about the company, upcoming threats in 2016, and the role of mobile security in the future.


1) Catalin, what was your first contact with PCs, and what led to the founding of Bitdefender? Was there something which you didn’t like in other tools and you decided to make it better yourself?

My first encounter with computers dates back to 1996 at a local study group where I was studying biology with a group of colleagues. I guess you can call it computer science even if it was back in the early days when they were bulky, clunky and completely non-user friendly. And yes, we were using radio tapes as a storage mechanism.

I got my own PC sometime in 1998. I remember that the lack of hardware resources encouraged people to be very efficient when it came to storage and processing power. For that matter, how many things you can do on a 166Mhz computer with a 4 GB HDD (the size of a modern-day DVD)? My smartphone is a gazillion times faster than the first computer I had. Nobody back then used to complain and you had to work with what you had.

As for how Bitdefender started, the security market was not as crowded and most malware usually had a geographic distribution. With the internet still in its infancy, threats usually “traveled” via infected floppy disks (for those that still remember what they used to look like) and security vendors usually issued updates/fixes monthly, at best.

Before Bitdefender, our founder used to have an outsourcing company that had several clients around Europe. At one time, he received an infected floppy disk and he wanted to both restore the date on it as well as sanitize it. Since malware is just a piece of code and we had some really good coding skills, we successfully removed the threat came up with a “vaccine” so that our partners would never be affected by the same virus. And that was it. It was then when we realized that there’s a demand for these types of skills and we could make a significant contribution in the long run.

It wasn’t long after that that we put together a small team and started developing what was first known as AVX – our first security solution – that came with advantages that the competition didn’t have (e.g. firewall, hourly security updates). In 2001, Bitdefender was officially a standalone company internationally awarded for its technology and malware detection skills.


2) The symbol of your company is a mixture of a dog and a dragon. Is there a special reason for that or was it just the style, you liked?

The dragon-wolf is a symbol of courage that dates back to our ancestors, the Dacians, who were famous for their courage in battle. When they would go to battle, they would carry the “Dacian Draco” – their standard ensign in the form of a dragon with open wolf-like jaws. When air entered the hollow mouth opening of the Draco, it would make a shrill sound, creating the impression that it was alive and dangerous. This would not only encourage the warriors, but also frighten their enemies and help the Dacians win battles.

We continue to carry the standard of our Dacian ancestors as a symbol of courage, determination and victory in our fight against online threats.


3) The usage of an Anti-Malware Tool shouldn’t present the users with big problems – the interfaces were already mostly tidy in the past. What did Bitdefender, to improve the user experience in the current Version anyway?

Because there’s no reason for a security solution to have a clunky user interface, we decided to get a great deal of feedback from our users to deliver an experience that’s both seamless and consistent across all our product offerings. To this end, many of the new visual elements were not only focused on simply providing access to new features, but were also integrated with the already existing visual elements and usablity guidelines.

Delivering a great product is not only about having the best technology, but also offering users a great interaction with it’s features and intuitive accesses all it’s customizations.


4) Every year the new security software is tested and compared by institutions like AV-Test. The current results show an obvious triumvirate of Bitdefender, Kaspersky, and Avira. How important is that for you and is there anything you can learn from your contestants?

Competition is always the best motivation for driving innovation and development. We’ve constantly researched new threat-detection technology that’s even present in some of our competitors’ products. Not only is the security landscape constantly evolving – pushing us to constantly innovate – but this constant pressure from both security competitors and malware developers has brought forward only the best talent, ingenuity and resourcefulness when it comes Bitdefender.


5) What would you tell someone, to convince him of Bitdefender, compared to its competitors?

The best thing about Bitdefender is that it’s a technology company that has made a name for itself when it comes to the effectiveness of its security solutions. It’s also one of the few security technology visionaries that focuses not only on the long term strategic impact of new security technologies, but also on forecasting security trends and needs.


6) Microsoft is pushing it’s own security tool Windows Defender more and more. In the past the Software wasn’t as effective as the big players, but it gets better with every new version. Is that a kind of threat for classical extern security programs? Could they just boot out other security programs by not letting them into the system as easy as before?

While it is true that Microsoft has gone to great lengths to augment its security program, threats do not stop at the Windows operating system nor are they limited to desktops or PCs. The continued and accelerated proliferation of “smart things” creates new security necessities that cannot be addressed by the traditional way of thinking. We’ve been anticipating this paradigm shift and have already focused on delivering an innovative platform-agnostic security solution that can protect Windows-operated devices, as well as every IoT household device, regardless if it’s a Mac, Android, smart thermostat or even a smart doorbell.

The traditional way of looking at security will have to transcend barriers imposed by operating systems, and look at the problems associated with internet connectivity and threats.


7) After so many years of experience in PC-security: Are there any predictable threats and security problems you see for 2016?

2016 will probably be the year of ransomware, extorsionware and blitzkrieg attacks on companies. We’ve already seen ransomware moving past the Windows platform and shifting towards Linux and Android. Extosionware will become common as attackers start demanding money from breached companies to not expose their critical data online. To this end, cyberattacks on businesses will be swift, decisive, and highly motivated by financial gains. We’ll probably see more corporate data breaches in 2016 than in the past 3-4 years put together.


8) But the PC isn’t the only platform anymore, where security is important. Smartphones spread all over the world, but also are new targets for cybercriminals. How do you see the importance of mobile security today? Is it already more important than the PCs sector and what are the special threats there?

Smartphones on the Android platform have been favored by malware developers in the past couple of years, mostly because Android has the largest market share. Consequently, malware has become increasingly advanced in terms of obfuscation techniques, stealth capabilities and diversity.

Some of the top global malware families revolve around fake applications that pretend to be games or productivity tools – when in fact they perform malicious activities – and Trojans that rack up victims’ phone bills by covertly sending text messages to premium rated numbers. Ransomware has also become a major concern for Android, as it ranks first in countries such as UK, Germany and Australia. In Q4 2015 alone, ransomware accounted for more than 19.48 percent of all malware reports in UK, 33.3 percent in Australia, and 28.89 percent in Germany.

Considering that mobile devices have become an important part of our daily lives, it’s worth noting they can also be a security risk to companies. Poorly implemented BYOD practices could have dire consequences if infected mobile devices are used as an attack vector for breaching corporate security.


9) If your users want to get in personal touch with you: Are there any upcoming events, where they or interested partners could meet Bitdefender?

Bitdefender is an active member at all popular and major security events, so it’s likely that anyone interested in discussing security issues with a Bitdefender security expert will have the opportunity to find one there.

As for myself in particular, I’m available on all communication channels (email, phone, instant messaging (all platforms), Twitter, LinkedIn, Facebook and so on. All they have to do is to reach out.


10) There is a lot of software on the market and even more apps meanwhile. Are there any of them you like especially, or that have/had a special meaning for your life? And is there a story behind it?

I’m probably not the right person to be asked this question. Considering my job description, I’m using multiple operating systems, such as Windows, MacOS, Kali Linux and a handful of applications. I wouldn’t point to one that I like most, as each OS or app or even IoT device has its pros and cons.


11) A lot of talented coders moved to Bucharest the last years, and it’s said to be a beautiful city. What are the advantages there compared to places like London or Berlin?

Bucharest and other cities in Romania, such as Cluj or Iasi, have established themselves as technology hubs mostly because of skilled developers that turned to the entrepreneurial side. We’ve always had a deeply rooted culture in exact sciences, which led to one of the highest average of skilled developers per country.

Talented coders probably moved to Bucharest not only because it’s a multi-cultural European city, but also because there are a lot of other talented coders here with whom they can exchange ideas and kick-start small tech businesses that have huge potential. The IT industry in Romania is booming right now and it’s the perfect time for coders to turn entrepreneurial and start what could be considered the Silicon Valley of East-Central Europe.