In 2015, approximately 3.5 billion Internet of Things (IoT) devices were in use. Today, that number stands at around 35 billion and is expected to eclipse 75 billion by 2025. IoT devices range from connected blood pressure monitors to industrial temperature sensors, and they are indispensable. Yet each device increases an organization’s attack surface, as well as the potential for a cybersecurity attack.
The challenge was the driving force behind Ordr, a startup focused on network-level device security. Pandian Gnanaprakasam and Sheausong Yang – who between them have held roles at Cisco, Aruba Networks and AT&T Bell Labs – co-founded Ordr in 2015 to bridge what they call the “visibility gap” in enterprise networking.
“We realized that enterprise security had reached a breaking point as enterprises attempted to implement zero-trust policies when they couldn’t even determine which devices were connected to their own networks,” said CEO Greg Murphy to TechCrunch in an email interview. “The visibility gap and resulting risk was greatest for unmanaged IoT devices, the Internet of Medical Things, and operational technology devices that could not be secured like traditional IT infrastructure.
Certainly, the risk of breaches and ransomware has increased in recent years, especially as the pandemic has prompted organizations to move more of their devices online. According to a study, 75% of all internet-connected infusion pumps contain at least one vulnerability – a problematically high figure considering that there are 10-15 million medical devices in US hospitals today.
Murphy said WannaCry, the coordinated ransomware attack in 2017 that encrypted hundreds of thousands of computers in hours, was a particularly powerful “business accelerator” for Ordr. “Companies, particularly in the healthcare industry, have realized the threat not only to privacy and data security, but to all aspects of their operations, as they have been forced to disconnect their devices and return to manual processes overnight,” he added.
Recognizing the opportunity, investors including Dan Warmenhoven (former CEO of NetApp) and Dominic Orr (former CEO of Aruba Networks) contributed to Ordr’s $40 million Series C funding round, which was announced today. Battery Ventures and Ten Eleven Ventures co-led by Northgate Capital, Wing Venture Capital, Unusual Ventures and several health organizations including Kaiser Permanente Ventures and Mayo Clinic participated.
“Business revenue has accelerated,” Murphy said somewhat vaguely, adding that Ordr has more than 500 customers, including federal, state and local governments. “In other segments like manufacturing, security teams are looking for visibility and security of connected devices. Ordr saw more than 140% year-over-year growth in new customer revenue in its most recent quarter ending March 31, 2022, is deployed in three of the world’s top six hospitals and has been adopted in more than 150 manufacturing sites. ”
Ordr says its technology can autonomously identify and protect connected devices by enforcing traffic flow and access policies. The startup’s system, which deploys on top of existing infrastructure, uses machine learning algorithms to establish a baseline understanding of device behavior and flag suspicious events.
It is essential to note that no software is perfect. A 2021 ESG report found that nearly half of all alerts from cybersecurity tools are false positives, and 75% of organizations spend as much or more time on them than on actual attacks.
But Murphy argues that Ordr’s solution is differentiated by the visibility it provides into devices and risk, its “behavioral basis” of devices, and its automated creation of enforcement policies across network and security products. .
“Because devices are deterministic, with specific behavior based on its function, this ‘baseline’ allows Ordr to detect devices that are behaving abnormally. These machine learning models also form the basis of the zero-trust enforcement policies that are dynamically generated by Ordr,” Murphy explained. “Ordr collects 1,000 attributes for each device, including data from nearly 70 technology partners. Data models are built based on use cases and have a built-in continuous learning model by incorporating partner and customer feedback loops.
Ordr’s rivals include Claroty’s Zingbox, Armis and Medigate from Palo Alto Networks as well as Claroty, Sternum, Vdoo and Karamba Security, which provide cybersecurity tools designed to protect industrial control, IoT and embedded systems. But despite broader economic headwinds, there is an abundance of venture capital to make the rounds in cybersecurity. Last year, a record $21.8 billion was paid out to cybersecurity companies, with $7.8 billion invested in the fourth quarter alone, according to data from Crunchbase.
“[M]More than ever, businesses today understand the need to closely monitor and secure all of their connected devices, and to do so in an automated way… The Ordr platform enables device usage insights that can help organizations be more efficient in their operations, as well as optimize maintenance planning [and] help inform and support asset management/purchasing decisions for CIOs,” Murphy said. “A broader business slowdown will impact IT operating budgets, and those budgets will naturally be allocated to critical initiatives and basic cyber hygiene essential to business operations…. With the continued explosion in the number of connected devices coinciding with a dramatic increase in cyberattacks, companies like Ordr are well positioned to grow even in a challenging macroeconomic environment.
To date, Ordr has raised over $90 million in venture capital. With proceeds from the recent round, Ordr plans to double its headcount by approximately 80 people over the next year with a focus on marketing, customer success, and engineering teams and “focusing on investment in partners,” according to Murphy.
“The funds will be used for the expansion of our go-to-market capacity,” Murphy added. “Technically, the investments will be used to expand integrations with leading security solutions and simplify workflows for all categories of users, consistent with Ordr’s goal of becoming a single source of truth for connected devices in the enterprise.”