Suh Sang-duk, CEO of S2W, said this in an interview with ChosunBiz at S2W's headquarters in Seongnam, Gyeonggi, on the 24th. Suh said, "This year, hacking incidents have erupted one after another in Korea, which is not just a temporary phenomenon but a new standard occurring worldwide," adding, "Since COVID-19, data held by individuals or corporations has been tied to networks, making any security incident potentially fatal, so proactive preparation is crucial."
Founded in 2018, S2W first made a name for itself as a "dark web analysis company." During the "Nth Room case," which sparked public outrage for the sexual exploitation of minors, S2W uncovered traces of illegal transaction on the dark web. Its technology at the time was recognized enough to lead to investigative cooperation with Interpol. S2W later expanded its business scope. Moving beyond tracking illegal activities in the cyber underworld such as the dark web, Telegram, and cryptocurrency transactions, it reinvented itself as an information security company that comprehensively analyzes external security threats to corporations.
S2W's core technology today is knowledge graph–based multi-domain cross-analysis. It collects and refines multi-source, heterogeneous data across multiple domains such as social media, virtual asset exchanges, and the dark web, then uses specialized artificial intelligence (AI) to cross-analyze their connections and derive insights. For example, if a hacker communicates via Telegram and conducts illegal transaction on a virtual asset exchange, S2W cross-analyzes the different data by domain to find and visualize the links. It is a solution similar to Palantir's "Ontology."
Based on this technology, S2W provides: ▲ the "XARVIS" cyber defense solution for national security and investigative agencies ▲ the "QUAXAR" cyber security solution for corporations and institutions ▲ the "SAIP" solution supporting industry-specific AI transformation (AX).
S2W's revenue is growing rapidly. Revenue rose from about 500 million won in 2019 to 4.1 billion won in 2022, 6.3 billion won in 2023, and 9.6 billion won last year. In particular, the overseas share of total revenue increased from 0.2% in 2022 to 6.1% in 2023 and 23.7% in 2024. S2W successfully completed its initial public offering (IPO) in September, securing a stable funding base. On the first day of listing, the share price rose about 80% from the offering price, bringing the market capitalization to about 254 billion won. S2W said it plans to use the funds raised through the listing to establish subsidiaries in Japan and Singapore and to build a global IDC (internet data center).
After graduating from KAIST, Suh worked as an IT developer, earned an MBA in the United States, and then served as a consultant at Boston Consulting Group (BCG) in the Seoul office. Suh later moved to Lotte Group's Corporate Strategy Office, where Suh handled new business strategy and venture investment. At that time, Suh had a first startup experience through Lotte Group's in-house venture project. Building on that experience, in 2018, Suh co-founded S2W with KAIST classmate Shin Seung-won, a professor in KAIST's School of Electrical Engineering. The following is a Q&A with Suh.
—What roles do the main solutions XARVIS, QUAXAR, and SAIP each play?
"XARVIS is a platform that analyzes cyber underworld data and is used for national security and crime response. It is S2W's flagship solution, concentrating the company's technological capabilities, and serves as the spearhead for opening overseas markets. QUAXAR is a corporate solution that cross-analyzes external corporate data to detect data leaks and supply chain vulnerabilities early. Given the large market size, it is the core product that will drive substantial revenue as a cash cow. SAIP is a solution that supports AX (AI transformation), a next-generation platform that helps safely manage complex internal data and build corporation-customized AI."
—Do you have any case studies of solution deployment?
"Given the nature of the security industry, we have nondisclosure agreements with clients, so I will explain in abstract terms. Recently, there was a case where a Zero-Day vulnerability spread rapidly via the dark web. S2W detected it early and sent advance warnings to clients who might be exposed to exploitation of the vulnerability, and although there were subsequent intrusion attempts, all were blocked. In another case, administrator or virtual private network (VPN) account information is sometimes traded at high prices among hackers. When such high-privilege accounts are leaked, it usually leads to a major security incident within one to two weeks. S2W detected signs of client account leaks, immediately guided password changes and access blocking, and prevented damage. Through these responses, we have maintained a 100% client renewal rate."
—What led you to decide to found a security company?
"While handling new business strategy and venture investment at Lotte Group, I was first exposed to the startup ecosystem. I later ventured into starting a business in apparel distribution through an in-house venture project, but after two years I closed it and learned a painful lesson. When I was about to give up on founding again, my KAIST classmate and co-founder, Professor Shin Seung-won, proposed an idea that changed my mind. Shin was researching technology to analyze the dark web and virtual assets, and proposed creating a "Korean data intelligence company" like Palantir. I judged it better to focus on a sharp technology than on a business anyone could do, and co-founded S2W. In the early days, fundraising and acquiring customers were the hardest. In particular, there was a strong perception that domestic security companies faced a small market and difficulty going global, and we persuaded investors and the market with a determination to break that wall."
—As Korea's only Interpol partner, what is your secret to long-term renewals?
"From its early days, S2W has researched cross-analysis technology between the dark web and virtual assets. A paper we released using this technology caught the eye of Interpol's unit dealing with virtual asset crime response, and Interpol reached out first to propose cooperation. As virtual assets rapidly spread as a new cross-border crime tool, it was difficult for individual national police forces to respond alone. In the early stage of cooperation, we focused on supporting virtual asset investigations, and later we also cooperated in investigations of international crimes that Interpol prioritizes, such as human trafficking and wildlife smuggling. In tracking international ransomware organizations, S2W provided key leads and received high marks. Recognized for these contributions, we were upgraded from a pro bono partner to a paid contractor in 2021 and have maintained a long-term contract to this day."
—What direction should Korea's security system take?
"With the rise of remote work and cloud migration, most organizations have shifted to open network environments premised on external connections. This change has given hackers more opportunities and tools to attack. Security incidents are 100% human-caused, but I believe it is a problem to make corporations responsible even for attacks that cannot be prevented. Therefore, while identifying and strictly punishing perpetrators, if a corporation has made an appropriate level of security investment based on the scale of its assets and the importance of its data, corresponding immunity should be granted. If this approach is introduced, corporations will invest not just for appearances but for real security enhancement, and as a result, the overall competitiveness and level of the security industry will rise."
—How do you view the increasingly sophisticated cyberattacks as AI advances?
"It is becoming harder to distinguish real from fake, and cybercrime that penetrates beyond form into context will likely proliferate. Hacking is no longer the domain of experts. If AI is used, ordinary people with criminal intent could do it easily. That said, we have already faced similar risks. There have long been machines that amplify human threat capabilities, such as guns, weapons, and cars. Systems that prevent such tools from expanding social harm are important. I believe security threats from AI can also be managed through social consensus."