In 2015 there were about 3.5 billion Internet of Things (IoT) devices are in use. Today, that number is around 35 billion and is expected to exceed 75 billion by 2025. IoT devices range from connected blood pressure monitors to industrial temperature sensors, and they are indispensable. However, each device increases an organization’s attack surface as well as the likelihood of a cyberattack.
The challenge was the driving force behind Ordr, a startup focused on device security at the network layer. Pandian Gnanaprakasam and Sheasong Yang, who have worked together at Cisco, Aruba Networks, and AT&T Bell Labs, co-founded Ordr in 2015 to address what they call “visibility gaps” in enterprise networks.
“We realized that corporate security had reached the breaking point as businesses tried to implement zero-trust strategies where they couldn’t even tell which devices were connected to their own networks,” CEO Greg Murphy said in an emailed interview with TechCrunch. “The visibility gap and associated risk was greatest for those unmanaged IoT, IoT, and operational technology devices that could not be secured like traditional IT infrastructure.”
Of course, the risk of hacks and ransomware has risen in recent years, especially as the pandemic has prompted organizations to bring more of their devices online. According to one study, 75% of all infusion pumps connected to the Internet contain at least one vulnerability is a problematic high figure Considering that there are between 10 million and 15 million medical devices in US hospitals today.
Murphy said that Want to cry, a coordinated ransomware attack in 2017 that encrypted hundreds of thousands of computers in a matter of hours, was a particularly strong “business accelerator” for Ordr. “Companies, especially in healthcare, have become aware of the threat not only to data privacy and security, but to every aspect of their operations as they have been forced to turn off their devices and return to manual processes overnight,” he added.
Recognizing the opportunity, investors including Dan Warmenhoven (former CEO of NetApp) and Dominic Orr (former CEO of Aruba Networks) contributed to Ordr’s $40M Series C funding round announced today. It was attended by Battery Ventures and Ten Eleven Ventures led by Northgate Capital, Wing Venture Capital, Unusual Ventures and several healthcare organizations including Kaiser Permanente Ventures and Mayo Clinic.
“The company’s revenue is rising,” Murphy said vaguely, adding that Ordr has more than 500 clients, including federal, state and local governments. “In other segments, such as manufacturing, security teams need visibility and security for connected devices. In the most recent quarter ending March 31, 2022, Ordr posted more than 140% year-over-year growth in new customer revenue, deployed in three of the world’s top six hospitals, and deployed at more than 150 manufacturing sites. ”
Ordr claims its technology can autonomously identify and secure connected devices by applying traffic and access policies. The startup’s system, which is deployed on top of existing infrastructure, uses machine learning algorithms to gain a basic understanding of device behavior and flag suspicious events.
It is important to note that no software is perfect. ESG 2021 report found that almost half of all alerts from cybersecurity tools are false positives and that 75% of companies spend as much or more time on them than on real attacks.
But Murphy argues that Ordr’s solution is distinguished by the transparency it offers for devices and risks, its “behavioral baseline” of devices, and its automatic generation of enforcement policies for networking and security products.
“Because devices are deterministic, with specific behavior based on their functionality, this “baseline” allows Ordr to detect devices behaving anomalously. These machine learning models also form the basis of the zero-trust enforcement policies dynamically generated by Ordr,” Murphy explained. “Ordr collects 1,000 attributes per device, including data from about 70 technology partners. The data models are built around use cases and have a continuous learning model built in by incorporating feedback loops from partners and customers.”
Ordr’s competitors include Palo Alto Networks. Zingbox, Armisand Claroty’s Medigate, as well as Clarothy, Sternum, Vdooas well as Karamba Security, which provide cybersecurity tools designed to protect industrial controls, the Internet of Things, and embedded systems. But despite wider economic hardships, there is a lot of venture capital in cybersecurity. Last year, a record $21.8 billion was invested in cybersecurity companies, with $7.8 billion invested in the fourth quarter alone. according to Crunchbase data.
“[M]Today, businesses understand the need to closely monitor and protect all their connected devices and secure them automatically… The Ordr platform provides device usage insights that can help organizations improve their operations as well as optimize their maintenance schedule [and] help CIOs inform and support asset management and purchasing decisions,” Murphy said. “The broader business slowdown will impact IT operating budgets, and those budgets will naturally be allocated to mission-critical initiatives and basic cyber hygiene required for business operations…. Given the continued rise in the number of connected devices, which coincides with a surge in cyberattacks, companies like Ordr are well positioned to expand even in challenging macro conditions.”
To date, Ordr has raised over $90 million in venture capital. With the proceeds from the recent round, Ordr plans to double its workforce of approximately 80 over the next year, with a strong focus on marketing, customer success and engineering teams, and a “focus on investment in partners,” Murphy said.
“These funds will be used to expand our go-to-market capabilities,” Murphy added. “On the technical side, the investment will be used to expand integration with leading security solutions and simplify workflows for all user classes, in line with Ordr’s goal of becoming the single source of trust for connected devices across the enterprise.”
Credit: techcrunch.com /