• Case

Almi

Co-Protecting the Next Unicorns

Supporting innovations and Swedish entrepreneurship is at the very heart of Almi Företagspartner’s business idea. In a world of rapidly evolving cyber threats, proactive detection and real-time response to attacks are top priorities on the security agenda. Almi’s initial sourcing for a 24/7 SOC not only resulted in better sleep but also turned into co-creating and customizing a close partnership with Truesec.

9 min read

Spotify. Klarna. Skype. They were once all unknown startups driven by fierce new thinking and bold strategies. Today they’re world-famous Swedish brands with a global presence. Sweden, especially Stockholm, has produced several successful tech unicorns – startups valued at over $1 billion over the years.

And chances are, right now, somewhere in a garage or home office, the next big thing might be in the making. Whether it’s a business innovation that revolutionizes the way we think, act, or use a specific service or perhaps a brand-new product – it’s also highly likely that the next big thing will eventually request and receive assistance from Almi Företagspartner (Almi).

Loans, advisory, venture capital; Almi Företagspartner and its subgroup Almi Invest offer several support functions for innovators of new business ideas. Owned by the Swedish state, it has both historical roots and a unique market position. Almi typically gets involved with new ventures and innovative business ideas at a very early stage.

As entrepreneurs interact with Almi, the organization is entrusted with a great deal of confidential information. While not all businesses can become the next Spotify or Klarna, their newly planted ideas, business plans, and intellectual properties still require cyber protection.

Jakob Lindström
Jakob Lindström, CIO, Almi

Establishing Almi’s first CIO function in 2019, Almi’s cybersecurity is always top of mind for CIO Jakob Lindström. During Spring 2022, strengthening the ability to detect and respond to cyber threats had become increasingly important.

Together with his CISO, Michael Herkommer, Jakob began sourcing for a Security Operations Center (SOC).

Strengthening Almi’s Detection and Response Capabilities

“Strengthening Almi’s ability to detect and respond to cyber threats was the foundation for our initial discussions. Our security operations center (SOC) provides a service called Detect and Disarm, and while we started talking based on the technical needs to implement such a service, we quickly realized the potential in supporting Almi with a broader partnership”, says Jesper Berglund, Strategic Advisor at Truesec.

Jesper Berglund, Strategic Advisor, Truesec

Finding a long-term Swedish partner based locally was important to both Michael and Jakob.

“We are a traditional buyer’s organization, continuously striving to become better and more efficient in our role as buyers and in our collaboration with our partners. Hence the need to join forces with the right partners and find continuity in them”, Michael explains.

Jakob continues:

“The security threats have changed, and we must defend ourselves accordingly. In our work, we get in touch with early innovations and are entrusted with sensitive information, ranging from business ideas and plans to intellectual property, such as patents – business ideas that really can become the next big thing”.

Co-Creating a Partnership in Cyber

As discussions progressed, both parties realized it was not “just” the SOC Almi was sourcing for. It was indeed a broader and more customized scope. Together, Almi and the team at Truesec found new ways to co-create the elements of the partnership.

Finding the ideal partnership and ways of working, then, how is it done? Is it even possible?

Truesec is a values-driven company with the sole purpose of preventing incidents, so a holistic approach to cyber characterizes all of the company’s assignments. Clients looking to find ready-to-buy functions instead of applying broader solutions will most likely not be a fit, Jesper and his colleague Johan Jarl, Strategic Advisor at Truesec, firmly explain.

This was not the case with Almi; on the contrary.

“With help from Jesper and Truesec’s legal team, we turned things around and said: ‘Ok, this is what we want from you.’ And then we built and customized the ingredients of our partnership together, which was a very valuable lesson for every one of us,” says Michael.

Michael Herkommer, CISO, Almi

Johan and Jesper affirm that Almi’s clear, transparent communication contributed to the joint success. Jakob also highlights how Almi’s unique role in Swedish society affected the importance of moving forward and being open about their current challenges.

“We run our business operations, but at the same time, due to our ownership, we’re also a “political” corporation.”

He elaborates: “We’re owned by the Swedish government; our mission is to aid Swedish society. This means that we’re exposed to risks affected by Sweden’s official position on various geopolitical issues. Hence, partnering with a strong and trusted industry brand is important to us.”

And with the right team in place, things moved quickly.

Starting the initial talks immediately after Russia invaded Ukraine in March 2022, just before the traditional Swedish Midsummer celebrations, all team members could check off a successful implementation of Truesec’s Detect and Disarm service.

“What perhaps has been the most fun part so far was going live with Detect and Disarm just before Midsummer. It was a great message for Jakob to be able to spread as well: ‘Everyone can check out for the holidays as we now have extra protection in place,’” Michael recalls.

Safe, Secured, and Supported

And protection is needed now more than ever. During September 2022, Truesec observed a sobering record of under an hour from the initial break-in to full encryption of IT environments, breaking the previous record number of at least a few hours.

Still, cybersecurity does not become a priority for many corporations until it’s too late.

“Having a service like this in place is one thing, but also having the ability to act on issues is key. In the case of an incident at Almi, we can fix or completely isolate it quickly”, Johan explains.

This is increasingly important as most intrusion attempts take place at night.

Johan says, “When Michael and Jakob sleep well at night, we do too, knowing we did a good job.”

Johan Jarl, Strategic Advisor, Truesec

Jakob and Michael confirm that being a CIO or CISO today can be stressful and challenging. Knowing this, Almi also decided early on that access to continuous support from Truesec’s strategic advisors should be part of the partnership package. The external perspective and Truesec’s updates on the current threat landscape not only support Michael in his role as CISO but also provide Jakob with valuable insights, which he continuously shares with his Board at their meetings.

In the end, however, having a partnership in place is perhaps most about knowing that if something were to happen, Almi has proactively done everything it could to be prepared.

“The way I see it, it’s about safety overall,” says Michael.

Jakob agrees, “The partnership with Truesec makes me feel very secure; having the partnership and the SOC service in place before Midsummer and the holidays really made a difference. I felt safe knowing we were now on the right track”.