ISO 27001 certification by Secfix
Jessica Doering

April 8, 2024

-

2

 min reading time

Trying, Failing and Learning from this!

The idea was born in 2019 at the Technical University of Munich, where our two founders asked themselves the question:

"How to buy cybersecurity services?"

Because obviously there was (and is) a need in the cybersecurity industry!  

Grigory felt underwhelmed and fenced in by corporates. “I am a creative person, who always wants to try things out, but I was not really able to do it in the big companies, for which I was working as a student. I never had time for my own passionate ideas, because these companies always have to think about the core business.” Grigory was 18, when he built his first own company back there in Moscow, while he was a student in physics. He did his first MVP with excel sheets, while playing the drums in his free time. 

„Just do it and try!“ Especially after working for big companies, he missed the entrepreneur life. “I still wanted to do “this thing“ - but in my own company. Grigory is bubbling over with enthusiasm for his work: “It’s just amazing to see how people, who needed our services, reached out to us and were able to listen to them and give them what they needed. Love that!” 

There you get your motivation from! Doing what you love or at least like. 

What he learned: “You can always bring value to the customer in any way, just because it’s something they really need. Even though it was scrappy and not 100% user-friendly.”

His motto for life is: “Enjoy life and every opportunity, intensively, without planning every step of your journey” -  and to be honest, with that way of thinking, Grigory is not made for a strict and thoroughly organized structure and this is totally fine! 

In early 2020, we started our journey with requestee 1.0, our first product: the #1 marketplace for ethical hackers!

Like a booking platform for white-hat hackers, with ratings and an overview of skills and a lot of expertise. These good hackers must be of high quality and trustworthy, because a client puts his whole business in the hands of a stranger! So, our main goal was to help companies find these white-hat hackers as easy as ordering a pizza. And how? We look out for ethical hacking companies that are certified and verified, and therefore trustworthy.

Since our launch, we've been able to acquire small and large clients, from startups to enterprises, and build the largest partner network of ethical hacking companies in Europe!

But that was just the beginning - during our startup journey (and the worldwide pandemic), we realized that there is a much bigger problem for small and medium-sized businesses (SMEs) around the world. 

Fabiola: "Corona had become a very important topic for us, because especially SMEs suddenly had to go remote and they had to build their secure technical infrastructure from the ground up. Obviously, many companies weren’t prepared for that and even less prepared to get hacked! In 2019, cybersecurity was important, but not super important, because the companies’ management team were not aligned and everybody thought that it would take off in 3-4 years, but the pandemic hit hard and something happened. Their mindset completely changed. Our idea was basically booming, because there was a need in the market.”

Fabiola, who also always wanted to be an entrepreneur, tells further, that many companies didn’t really care about cyber security, actually before the pandemic (especially in Germany), they didn’t even think that much about how to implement cybersecurity processes, what exactly needs to be done in their organization to be and stay secure. Pentesting is only a small part of a large process. To build a cybersecurity baseline you also need to comply with best practices and security standards such as ISO 27001. But the usual methods for preparing for an ISO 27001 compliance audit are time-consuming, costly and error-prone. 

The problem was and currently also is that 60% of small-medium sized businesses go bankrupt six months after a cyber attack. Sad but true, often they can’t work for one week (or longer) after an attack. Since SMEs don’t have much cash flow running, they start to pile up debts and usually can’t pay them in the near future.

During the pandemic almost every company started to get hacked.. maybe due to the boredom of the hackers at home, we will never know...

Co-Founders of Secfix: Grigory Emelianov und Fabiola Munguia

Secfix developed automated cybersecurity processes for ISO 27001.

Secfix helped reduce the time, effort and cost of ISO 27001 certification with its software. 

We have therefore made it our mission to make life easier for SMEs by enabling them to become secure and ISO 27001 compliant in weeks rather than months. To this end, we have expanded our current marketplace for ethical hacking and developed our own software to automate security and compliance for businesses.

And Fabiola was also able to fulfill her wish for her own team. “I want to see a change everyday! Working with people who have the same mindset. I constantly wanna build something amazing and leave a print in this World. I want to see it grow. That’s my motivation behind becoming a founder.” Big words by a strong woman, who never lost her “go with the flow” motto on this journey. Both founders are passionate surfers. They do this around the globe. So it's no wonder that the team is represented on almost every continent. Sorry Australia, we haven't figured you out yet. Secfix stands for #workation. For the possibility to decide whether you want to go to the office or work from home, wherever your current home might be at the moment.


Focus on building Security with Compliance in the background

Secfix has the largest EU auditors network and minimizes time, effort and cost through its platform.

Book consultation

non-binding and free of charge

Other Articles

How to find experts who understand regulatory ISO 27001 compliance

How to find an Internal Auditor

Find a skilled internal auditor who is tailored to your company's needs

ISO 27001

ISO 27001:2013 vs ISO 27001:2022 Controls

Key Changes in ISO 27001:2013 to ISO 27001:2022 Controls

Adapting ISO 27001 Controls: A Transition from 2013 to 2022

ISO 27001

ISO 27001:2022

ISO 27001:2013

Gaining Insight into Third Party Vendor Security

Understanding Vendor Security Risks

Unraveling the Landscape of Vendor Security Risks

ISO 27001

Vendor management

Mastering Vendor Management in ISO 27001

How to approach effective Vendor Management in ISO 27001

Secure Partnerships: Elevating Your Business through Superior Vendor Management

ISO 27001

Vendor management

Implementation of ISO 27001 Risk Management

How to approach risk management in ISO 27001

Strategically navigating and mitigating risks is a crucial aspect of effective management

ISO 27001

Risk management

TISAX®: Main benefits for your company

TISAX®: Who needs it and why

A TISAX certification is mandatory for any organization engaging with key stakeholders in the German automotive industry

TISAX

Jessica Doering

Jess is the marketing mind at Secfix. She loves every dog on this planet!

Secfix News

Secfix News
Secfix News