Ransomware, extortion, chaos, service disruptions, and data theft. Cyberattacks are becoming more sophisticated, and they are now regarded as the "new weapon" requiring advanced defense. Fernando Bortman, CEO of Bugsec, explains the shift in the global battlefield, how his company has solved highly complex problems, and why every company executive must take cyber threats seriously.
By: Uri Geffen, www.ynet.co.il
Original article in Hebrew
Fernando Bortman, CEO of Bugsec, one of the veteran players in the Israeli market, explains things simply. In his view, every organization, large or small, is exposed to cyberattacks that could cause immense financial and reputational damage, disrupt infrastructure, and steal sensitive data. “It’s no longer a question of ‘if’ but ‘when,’ yet we still encounter many clients who do not adequately protect themselves against cyberattacks,” he says. “We are here to combat cyber threats based on the belief that protecting digital information and assets is not a luxury but a leadership duty.” In today’s digital world, cyberattacks pose a clear and present danger to the existence of both companies and nations. A common mistake is thinking that migrating to cloud environments ensures optimal protection by cloud infrastructure providers. After October 7th, the understanding of how critical it is to defend Israel’s cyber space was sharpened, as the country has experienced a significant rise in cyberattacks on civilian and military targets since the outbreak of war.
Unlike other companies in the cloud security domain that offer only a technological product or basic managed services, Bugsec, under Bortman’s leadership, combines both and provides a 360-degree cyber defense solution. The company’s product, CYCL, offers a comprehensive response to current cloud challenges and allows organizations to monitor and manage their cloud environments securely and efficiently in real-time, alongside a managed service available 24/7. In recent years, and especially after October 7th, they have managed to assist many private and public entities both in Israel and abroad.
This combination of technology and managed services places Bugsec at the forefront of the field, ensuring effective protection and constant availability against the increasing cyber threats worldwide. Bortman explains, “The system we offer is based on highly advanced technology but is easy and user-friendly. Through an annual subscription, the system conducts continuous 24/7 scans of the cloud environment, immediately detects anomalies and vulnerabilities using artificial intelligence, and provides real-time alerts and responses to potential threats.”
“There is a wide range of cyberattacks. Some aim for extortion or ransomware, others to create chaos and disrupt services, while some are for intelligence and data acquisition. Often, we encounter clients who cannot even identify where the attack began. Recently, one of our clients suffered a severe cyber breach where the attackers, through SaaS (cloud applications), managed to encrypt the organization’s servers and demanded a ransom in Bitcoin in exchange for releasing the data. In this case, the investigation and cleaning of the infected servers were highly complex since the attacker penetrated the systems through multiple security breaches simultaneously. This event demonstrates the danger of cyberattacks, which can disrupt entire businesses and cause significant financial and reputational damage.”
How did you help that client?
“In every cyber event, we provide a complete picture of the attack, including the source of the breach, how the attackers infiltrated the organization, the tools they used, and how long they were in the network. In this case, we deployed CYCL while conducting a technical and forensic investigation. We mapped each server, identified the tools used by the attacker, and within a few days, we restored the client to full operation without paying the ransom. Often, small and medium businesses fear that cloud security is only suitable for large corporations, but the system we offer is highly effective and not particularly expensive.”
Does real-time protection against a cyberattack mean saving the entire organization and preventing significant damage at the national level as well?
“Absolutely. State-level cyberattacks can lead to the collapse of critical infrastructures such as railways, essential industries, and communication systems. We work with the Ministry of Defense and provide services to entities responsible for Israeli research in the cyber field. I can’t go into details about the projects, but I am encouraged by our capabilities in this area. Israel is perceived globally as a leader in the field. The international market recognizes and highly values veterans of various cyber units, and in many cases, this is a decisive factor when they choose cyber defense providers in the civilian market. Today, Israel is considered a leader in cloud-stored data protection, and it is no coincidence that Google wanted to acquire an Israeli company like WIZ. It’s important to understand the reality we live in and prepare accordingly. The cyber world is evolving, and those who don’t jump on the bandwagon will be left behind.”
Working During Emergencies
The events of October 7th caught Bortman during a round of meetings with clients in the U.S. He immediately made a U-turn and returned to Israel to be with his family and employees, understanding that the entire country was entering a very complex situation.
On his way to Israel, he convened all employees for a Zoom meeting, ensured everyone was safe, and then announced a transition to working from home. “The message was that we continue to work during emergencies and provide 24/7 assistance to our clients. One-third of our employees were called up for reserve duty. As cyber professionals, we were required to contribute to the effort, and of course, we mobilized and leveraged our technology to assist intelligence agencies and civilian entities searching for their loved ones. My employees were always at the forefront of my mind. Fortunately, none of them were directly harmed, but many were drafted, and some knew victims from the ‘Nova’ festival or knew of hostages. We provided psychological services to employees, and our HR team stepped up to meet every need.”
Leadership from the Ground Up
Bortman, 51, married with three children, immigrated to Israel from Argentina at age 17. He enlisted in the Navy’s Shayetet unit and entered the tech world in 1996 as a fraud investigator at telecom company 012. Later, he established the fraud prevention department at Orange. Since then, he’s had a managerial journey in senior positions at companies like Amdocs, Celtique, and Cognite, and even spent 11 years in a relocation. Two years ago, he was appointed CEO of Bugsec. “If I’ve learned anything from many years of managing employees and leading organizations, it’s that personal example is the foundation of good management. A manager must be well-versed in the details, deeply understand the subject they are dealing with, so they can help their employees grow, develop, and make the right decisions. I enjoy recruiting young employees the most and watching them grow and realize their potential. That’s my greatest satisfaction, and I strive to be a role model for them.”
How do you navigate all this in such turbulent waters?
“Leadership requires composure. First and foremost, we as managers must stand shoulder to shoulder with our employees. We need to convey that even in an emergency, we know how to work, find creative ways to overcome limitations, and keep moving forward. I strongly believe in the ‘how can we’ approach, instead of ‘why not.’ We cannot let this complex period paralyze us, especially when our work is so critical. I try to be very attentive to the employees and maintain open communication with them, but ultimately, we all remember that we have clients who expect us to continue standing by their side 24/7 to provide them with the best protection solution and ensure business continuity.”
