Wednesday, May 29 2024

Phosphorus Cybersecurity, a provider of full scope security for IoT devices, announced the completion of a $38 million Series A funding round led by SYN Ventures and MassMutual Ventures.

The new capital will be used to fuel the company’s growth and technology development for its Security of Things solutions, with a majority of the proceeds to be deployed into engineering talent to fortify its software, enhance the user experience and accelerate inbound demand. Continued strong demand for the company’s services, combined with an abundance of interest from investors, has enabled Phosphorus Cybersecurity to double its workforce over the past year and stay true to its commitment to add 50 new jobs by 2024, the majority of which will be in software engineering.

The company is also planning additional enhancements to its technology platform, including extended device coverage and more seamless integration with security platforms. Self-service demos and deployment will also be made available in 2022.

Founded in 2017 by Chris Rouland, Rebecca Rouland and Earle Ady, Phosphorus Cybersecurity provides unprecedented IoT defense solutions for enterprise customers. Through its automated security solutions against IoT’s most critical vulnerabilities, Phosphorus Cybersecurity enables organizations to scale IoT technologies without adding additional employees to secure them.

“The billions of IoT devices in use today are highly insecure and vulnerable to a wide range of attacks, which expose enterprises to many serious risks, from data breaches to ransomware,” said Chris Rouland, who previously founded Endgame and Bastille, and stood up X-Force at IBM. “We have secured millions of IoT devices in our customer environments, and I remain surprised at how lax these security practices have been, particularly since IoT is becoming a more important attack vector and growing rapidly year over year.”

Most enterprises have three times as many embedded devices as they do people, and this number will only continue to grow, as IoT devices are expanding at an estimated CAGR of 31%. This presents a massive, unprotected and often undetected cyber-attack surface. IoT is the softest target on the enterprise network with a seven-year half-life for vulnerability patching and infrequent credential rotation. 

Phosphorus Cybersecurity has found that 20% to 30% of today’s corporate networks are comprised of IoT devices, with little to no security programs in place. Across the enterprise, as high as 26% of all IoT devices are end-of-life and no longer supported with firmware updates by their manufacturer; and as many as 50% have known vulnerabilities or default passwords, with 20% of those vulnerabilities being critical CVEs (CVSS score of 9 or above). As an example of these weaknesses, Phosphorus CybersecurityTM recently observed one case in which hackers launched a ransomware attack on a prominent US company after infiltrating the network through an unprotected door controller.

“Phosphorus’s unique capabilities for hardening and defending IoT infrastructure are a real game-changer for the cybersecurity industry as until now these solutions have been mostly limited to ‘discovery’ instead of actual remediation and prevention of the risk exposure,” said Jay Leek, Managing Partner of SYN Ventures. “With the IoT market expanding rapidly, there is already a tremendous need for rigorous security at the endpoint level, and that need will increase exponentially in the coming years. We see Phosphorus playing a market leading role going forward, as its technology is by far the best solution for preventing these types of risks.”

Chris Rouland, founder and chief executive officer of Phosphorus Cybersecurity
Previous

CTI Networking Report

Next

How will SEC's Cybersecurity rules affect funds?

Check Also

Widget

Don’t Miss

Best Cloud Security Posture Management (CSPM) Software

Ellie Buscemi

What is Cloud Security Posture Management and how does it work? Cloud Security Posture Management (CSPM) is a product, service or platform that allows a business to protect their cloud infrastructure through the prevention, detection and response of cyber risks. A CSPM offering uses known and effective frameworks, regulatory standards and company policies to confirm […]

Best Privileged Access Management (PAM) Products

Lara Oporto

What is Privileged Access Management and how does it work? Privileged Access Management (PAM) products stand as a crucial fortress in fortifying your company’s digital landscape. Functioning as a meticulous guardian, PAM offerings orchestrate the establishment of access protocols, meticulously determining who holds privileged access to critical data and the specific circumstances under which such […]

Best Automated Moving Target Defense (AMTD) Offerings

Ellie Buscemi

What is Automated Moving Target Defense and how does it work? Automated Moving Target Defense (AMTD) is a recent innovation in cybersecurity that focuses on flexibility, deception and attack prevention. AMTD has four main components: it provides proactive cyber defense mechanisms, contains automation to change the attack surface, utilizes deception technology and can execute preplanned […]

Third-Party Risk Management Solutions

Lara Oporto

What is Third-Party Risk Management? Third-Party Risk Management (TPRM) software assists organizations in managing risks associated with their relationships with suppliers, vendors and service providers. The products offer a range of features to automate and streamline various aspects of third-party risk management. They typically include tools for risk assessment, due diligence, contract management and ongoing […]

Best Industrial Internet of Things (IIoT) Platforms

Lara Oporto

Industrial Internet of Things (IIoT) offerings are technological solutions empowering businesses to connect, manage and analyze data from a multitude of devices and systems within industrial settings, such as manufacturing, energy, transportation, logistics and healthcare. What are Industrial Internet of Things (IIoT) platforms and how do they work? Industrial Internet of Things (IIoT) platforms are […]

The words Endpoint Detection and Response (EDR) on a green background with lines on the right side of the image

Best Endpoint Detection & Response Platforms

Lara Oporto

Endpoint Detection & Response platforms continuously monitor endpoints for signs of malicious activities, such as unauthorized access or unusual behavior, enabling rapid detection and response to potential cyber threats to safeguard organizational assets. What is Endpoint Detection and Response and how does it work? Endpoint Detection and Response (EDR) is a cornerstone in modern cybersecurity […]