As cybersecurity threats grew more sophisticated and AI began reshaping the digital landscape, Bulgarian entrepreneur Krasimir Kotsev saw a clear opportunity back in 2018 – the industry needed smarter, more adaptive defenses. At a time when most companies were still relying on static security tools and manual audits, he realized that automation and AI would soon become essential for staying ahead of cyber attackers.
That vision led him to found SoCyber, a cybersecurity services company built on his background as an “ethical hacker”, the kind who breaks into systems with permission, to expose weaknesses before the real hackers do. From SoCyber later emerged Kikimora.io, an AI-driven product designed to detect, assess, and respond to vulnerabilities automatically.
On the sidelines of How to Web in Bucharest, Krasimir told me how the two companies now work hand in hand: SoCyber provides the consulting backbone, while Kikimora pushes into the frontier of agentic AI – systems capable of making context-aware security decisions on their own. With Kikimora now expanding into Central and Western Europe, as well as emerging markets like Nigeria, Krasimir believes the region has the talent and momentum to become a global hub for next-generation cybersecurity innovation.
IT Logs: How have you seen the need for cybersecurity in the region grow over the past few years?
Krasimir Kotsev: The demand has been steadily increasing, especially among smaller companies. This is largely due to new regulations such as NIS2, DORA, and ISO 27001. Until recently, only large enterprises and major vendors were required to comply with strict cybersecurity standards. They already had protection mechanisms, incident response plans, and compliance teams in place.
Now, however, these same requirements are extending to smaller businesses. For example, if you’re a fintech company with around 80 employees, you still need to demonstrate that you can protect your data and manage risks. In the past, only big corporations had to fill out detailed cybersecurity questionnaires – covering topics like incident response, privilege access management, network compromise detection, business continuity, and disaster recovery.
Today, smaller “digital native” companies – whether in fintech, healthtech, or insurtech – are being held to similar standards. They now have to think seriously about cybersecurity, but many are struggling. They often lack the people, the expertise, and the expensive tools or licenses needed to build effective security systems.
That’s where we come in. With Agentic Kikimora, we provide a community version of our security and vulnerability management SaaS platform to help these younger organizations strengthen their cybersecurity posture and close those gaps.
IT Logs: Two major factors, the war in Ukraine and the rise of AI – how have these developments affected cybersecurity?
KK: The war in Ukraine has been a major driver of change. A lot of funding is now going into dual-use solutions that serve both civilian and military purposes. These include cybersecurity platforms for threat assessment, offensive security, and incident response – tools that help detect and respond to attacks in real time.
The conflict has created an entirely new cyber landscape. On a government level, we’re seeing constant attacks between states – targeting public administrations and, most importantly, critical infrastructure. That includes power plants, nuclear facilities, financial services, hosting providers, and telecom operators. These are the backbone of any country, and militaries are trying to exploit them as attack points to create panic, chaos, and large-scale disruption.
The second major factor is AI, which has opened an entirely new attack vector. Because of the explosion of AI solutions and large language models, almost anyone today can build an application in just a few hours. But very few can build a secure one. Using pre-trained AI models to develop new tools often introduces a huge number of vulnerabilities and potential entry points for hackers.
And then there’s the darker side of AI use – in phishing and deepfake campaigns. It’s no longer the “Prince of Nigeria” sending you an email. It could be a message in your own language, in the voice of someone you know, or even a video of your coworker. We’ve seen deepfakes generated with just a standard GPU card and a few weeks of training. We even tested one ourselves, creating a deepfake video of a well-known journalist – just to demonstrate how easy it’s become.
IT Logs: What types of threats are becoming more advanced?
KK: We’re seeing increasingly sophisticated threats across the board, but they mainly target companies. Individuals matter only insofar as they hold corporate data – ultimately it’s organizations that suffer the most.
The human factor remains the weakest link. People are still the easiest way in, which is why social-engineering attacks are so effective. For example, we recently ran a phishing exercise with a bank and successfully created an entry point into their environment. That shows how well-crafted phishing campaigns can bypass technical controls by exploiting people.
So, expect more targeted phishing, more advanced social engineering, and attacks that combine technical complexity with psychological manipulation. Those are the trends that worry me the most.
IT Logs: Cybersecurity talent in the region is quite scarce. How do you see the current situation, and what advantages does the region have?
KK: I actually believe some of the best hackers and cybersecurity experts in the world come from Central and Eastern Europe. Countries like Macedonia, Bulgaria, and Romania have produced exceptionally skilled professionals. The challenge is that our community is still small – we simply don’t have the same numbers as countries like Russia or North Korea, where there are thousands of people working in the field.
That said, the expertise here is of very high quality. The region has enormous potential to grow, and we’re already seeing positive developments. There are many new initiatives – digital academies, online universities, and training programs – focused on building cybersecurity talent, ethical hackers, and security auditors.
Cybersecurity is becoming a well-established industry in this part of Europe. We’re producing strong incident response specialists and if we continue investing in education and innovation, the region could very well become a kind of “local Silicon Valley” for cybersecurity in Europe.
IT Logs: What are your expansion plans, and what’s next for Kikimora?
KK: Kikimora is currently expanding actively into Central and Western Europe, as well as Nigeria. Nigeria is one of the most promising emerging markets – it’s relatively easy and low-cost to enter compared to regions like the US or the UAE, where competition and operational costs are much higher.
In terms of technology development, our focus is on building more integrations. That’s the real strength of agentic AI systems – the more integrations you create, the better the system understands the organization’s structure and business logic. This allows it to make smarter, more context-aware decisions and deliver stronger cybersecurity outcomes.
