After experiencing a cyberattack herself, Liba Shem Tov teamed up with Gabriel Marcus — an ethical hacker and senior cybersecurity professional — and together they founded Be Safe, a venture designed to help organizations and businesses protect themselves through consulting, awareness, and practical guidance.
Be Safe, a new startup initiated by Liba Shem Tov and Gabriel Marcus, was established to help organizations and companies defend themselves against cyberattacks and hackers — specifically from the perspective and experience of a hacker himself. The support is provided through tailored consulting and professional training.
Marcus, who serves as the company’s VP of Information Security and Technologies, previously worked as an ethical hacker. Shem Tov serves as the company’s CEO.
"Ever since I was a child, I loved computers and learned how to do things people thought were impossible. I always loved exploring and getting into places others could not access — always for a good purpose," Marcus said.
According to Marcus, whenever he discovered a breach or weakness, he made sure to alert the relevant parties. He added that he dedicates time every day to learning about new intrusion techniques, emerging threats, and changes in the cybersecurity world.
He also noted that one of his hobbies is malware analysis and building real attack simulations — מתוך the understanding that knowing how attackers think is essential to building strong defenses.
According to Shem Tov, Be Safe was born out of the need to deal with cyberattacks and out of frustration with the limited ability of authorities to provide meaningful help in certain cases. The idea for the company emerged after she personally experienced a cyberattack and found that available assistance was insufficient.
During her research and learning process, she met Gabriel Marcus, who helped her personally. She said that their partnership brought together passion, a desire to help, hands-on experience, professional knowledge, and international certifications.
Shem Tov added that they quickly realized they could and should use their skills to help businesses and individuals defend themselves in a complicated environment, where cyber threats continue to accelerate along with technological progress and easier access to offensive tools.
A Trojan Horse Inside a Resume
Among the cases handled by the company, Shem Tov described an incident during the recruitment process of a large Israeli organization. The company received dozens of resumes from private applicants, and during the review of the files it became clear that one of them contained a Trojan horse designed to create a backdoor and allow the attacker to take over the computer.
She explained that this method, known as steganography, allows an attacker to hide malicious code inside files or images in a way that is not immediately visible. The attack was stopped using monitoring tools, and the threat was removed.
In another case involving social engineering, Shem Tov described an incident at a large financial company. The mobile phone of a senior executive’s spouse was attacked באמצעות phishing, and this gave the attackers access to the executive’s own computer because both devices were connected to the same inadequately secured home network. Sensitive information was stolen, but the attacker was eventually identified by cyber detection systems.
One of the most important defensive tools is penetration testing — a process that simulates a real attack through the eyes of a hacker and gives the organization a clear map of its security weaknesses.
Shem Tov emphasized that at the end of such a test, the business receives a report that accurately maps vulnerabilities and weaknesses, giving it an opportunity to fix them before they are exploited. In some cases, she noted, such testing may even be required by law.
She also stressed that penetration tests should be conducted by qualified professionals with recognized international credentials, and that the quality and standard of the final report are highly important for regulatory, contractual, and market-facing purposes.
"Awareness and Vigilance Are a Deterrent Tool"
According to Shem Tov, information security is also a core layer of privacy protection, reflected both in Israeli privacy law and in the European GDPR, which came into force in May 2018.
She explained that these laws and regulations govern the collection, storage, and processing of personal data, and set binding rules for the protection of privacy. In some cases, Israeli organizations that do not physically operate within the EU may still be subject to GDPR if they process personal data relating to individuals in EU territory.
Following consultation with attorney Eldar Sivan, who works in the fields of high-tech and privacy law, the conclusion was that every business that holds, collects, or processes information should examine with experts whether it is subject to Israeli privacy law or GDPR. If the answer is yes, the organization may need to take multiple actions, including broad compliance reviews, privacy policy updates, contractual adjustments with employees, vendors, processors, and customers, and updates to data subject notices.
Failure to comply with GDPR may result in warnings, periodic audits, and very significant fines — up to 4% of annual turnover or up to EUR 20 million.
In conclusion, it was emphasized that a penetration test report signed by a qualified expert is a critical element within the range of measures any organization holding sensitive information should consider. Beyond reducing legal and technical exposure, such work can also strengthen the confidence of owners, executives, and customers alike.
Ultimately, awareness and vigilance are themselves a powerful deterrent. They help build the defensive layers around a business, strengthen customer trust, and reduce the risk of neglect that only becomes visible once the damage has already been done.