After Triton Attack, CyberX Nabs $18M to Defend Industrial Networks

Cyber threats to industrial connected devices and critical infrastructure are growing, and more money is flowing into companies trying to thwart those attacks.

The latest deal is an $18 million investment in CyberX, a Boston-area startup whose software helps secure Internet-connected devices and networks in factories, oil rigs, electrical grids, pharmaceutical labs, and other industrial settings.

CyberX said it has raised $30 million in venture capital to date. Its latest cash infusion was led by Norwest Venture Partners, which previously backed cybersecurity firms such as FireEye and Fireglass, which was acquired by Symantec. Other contributors to CyberX’s Series B funding round include earlier backers Glilot Capital Partners, Flint Capital, ff Venture Capital, and OurCrowd.

CyberX said demand for its products and services has ramped up in the past year, amid a series of cyber attacks that have affected industrial businesses.

“Sophisticated malware such as WannaCry and NotPetya, along with targeted [industrial control system] cyber attacks such as Triton and Industroyer, have shown business leaders that industrial cyber risk can have a material impact on financial results, as well as potential safety and environmental implications,” CyberX co-founder and CEO Omer Schneider said in a press release.

CyberX’s software continuously monitors network traffic and analyzes the behavior of machine communication in order to prevent attacks and quickly detect and respond to threats. Its products can be integrated into the existing software tools and processes used by customers’ security teams, said Phil Neray, CyberX vice president of industrial cybersecurity.

“Security for industrial networks has been neglected for too long,” Neray said in an e-mail to Xconomy. “Most of these networks consist of legacy devices that were designed 10-plus years ago, and they lack modern controls such as authentication and segmentation—making them easy targets for cyber attackers.”

One of the challenges CyberX aims to address is the security risks that emerge when companies and organizations link their connected device networks with their corporate IT networks.

“Business initiatives such as smart manufacturing and the need for real-time intelligence from the factory floor are driving increased connectivity between industrial networks and corporate IT networks, which provides cyber attackers with additional pathways into industrial networks,” Neray said.

CyberX isn’t the only company focusing on securing industrial networks and devices. Other players include Waltham, MA-based Dover Microsystems, which grabbed a $6 million seed funding round this month; San Francisco-based Nozomi Networks, which raised a $15 million Series B funding round in January; Hanover, MD-based Dragos, which pulled in a $10 million Series A round in August; and New York-based Claroty, which announced a $32 million funding round in September 2016.

Schneider and Nir Giller, two veterans of the Israeli Defense Forces’ Elite Cyber Security Unit, started CyberX in Tel Aviv in 2013. They eventually set up corporate headquarters in Framingham, MA.

CyberX now has almost 75 employees worldwide, and it plans to hire more people in product development, threat intelligence and security research, sales and marketing, and customer service, Neray said.

Trending on Xconomy