OT (Operational Technology) cybersecurity company Shift5 has raised $50 million in a Series B round led by New York-based global private equity and venture capital firm Insight Partners.
“This fundraise highlights Shift5’s exponential growth and momentum, including eight-figure ARR (Annual Recurring Revenue) in our first year of product sales, multiple seven-figure deals in 2021, and a 200% increase in employee headcount,” the company noted. “Rail operators, airlines and militaries rely on OT to power their fleets. These on-board systems are teeming with digital components that were developed before the advent of modern cybersecurity solutions, and were once believed to be completely isolated. Yet today, rail, aviation and defense assets have become increasingly connected to outward-facing networks, making them significantly more vulnerable. OT cybersecurity failures on these systems can jeopardize business and mission operations, create safety risks for operators, personnel, and passengers, and incur millions of dollars in downtime losses, remediation and ransom payments.”
The new capital will be applied toward “significant investments in product development and new talent across all teams to keep pace with demand across transportation and national defense industries,” the company said. The funding round follows Shift5’s $20 million Series A and a contract with the United States Special Operations Command in October 2021.
The Transportation Systems Sector-Specific Plan (download below) from the U.S. Department of Homeland Security highlights the elevated risk in transportation due to aging infrastructure. “In cases where transportation entities have adopted new technology, it has generally been with the goal of increasing efficiency, rather than protecting against cyber threats,” Shift5 pointed out. “According to Cybertalk.org, the transportation industry witnessed a 186% increase in weekly attacks from 2020 to 20121, while cyberattacks on maritime OT have increased by 900% since 2017. Recent incidents, like the attack against the New York Metropolitan Transportation Authority and CSX demonstrate potential repercussions if left unprotected. Defending OT is a national security imperative and a top priority for the U.S. government, as demonstrated by 2021 advisories from the TSA and CISA. Against this backdrop, demand for Shift5’s OT cybersecurity solutions has grown at a rapid clip.”
Stamford, Conn.-based technology research and consulting company Gartner “has validated the risk posed by OT cybersecurity incidents, predicting that cyber attackers will weaponize OT to create physical harm by 2025,” Shift5 said. “We protect the undersecured OT layer of transportation and weapon systems, providing aviation, railroads and rail transit, and military defenders complete visibility into their OT networks. Operators can begin to apply cybersecurity best practices to the operation of these critical systems, dramatically reducing their cyber risk. Shift5 allows operators to gain visibility, detect threats, and maintain resilience of OT systems as cyber-physical attacks become an increasingly likely and attractive strategy for digital attackers.”
“Evolution in cybersecurity technology has historically occurred alongside innovation in the threat landscape,” said Joe Lea, President, Shift5. “We’re seeing attacks now beyond the traditional network and endpoint vectors to other parts of the landscape like IoT, medical devices and operational technology that have grave consequences when disrupted. This cat and mouse game is bleeding into critical infrastructure, and defenders must extend their purview to encompass OT. If the past year has proven anything, it’s that defenders in rail, aviation and national defense see the prescient risks and are mobilizing to get ahead of costly damages. We look forward to partnering with Insight Partners as we continue to grow and defend.”
“Shift5 is addressing a critical visibility gap into operational technologies onboard military and commercial fleet assets,” said Nick Sinai, Senior Advisor at Insight Partners, who has joined Shift5’s board. “Shift5’s experienced founding team with deep national and cybersecurity experience, plus early success, makes the company a standout in the industry. We’re excited to work with Shift5 as it fills a crucial space in defending national infrastructure.”
“Malicious adversaries target poorly protected technology with high operational impact,” said Shift5 CEO and Founder Josh Lospinoso. “This cold calculus leads them directly to under-secured cyber-physical systems like transportation and weapon systems, where safety and availability are of utmost importance. We’re at a really unique moment in time where we’re witnessing defenders of legacy systems adopt crucial cybersecurity best practices. Our work with transportation operators and military commanders gives them the ability to see into and proactively defend the assets they rely on most heavily.”
Shift5 was recently named a 2021 Tech 100 Honoree by Northern Virginia Technology Council (NVTC), the trade association representing the national capital region’s technology community.