SCADAfence today announced a $12million funding round lead by JVP and automation and analytics vendor Rapid7. SCADAfence provide IoT and OT (operational technology) cyber security solutions for the manufacturing and critical infrastructure space – focused upon water treatment, critical infrastructure, oil & gas, pharmaceuticals, chemicals, and building management systems. SCADAfence was a named a “cool vendor” by Gartner in 2020 in the cyber/physical OT security space.
The round followed several in the last 6 months focused on security within the industrial control system, SCADA (supervisory control and data acquisition) and CNI (critical national infrastructures) spaces.
SCADAfence Key Facts
|Headquarters||Ramat Gan, Israel|
|Founders||Yoni Shohet, Ofer Shaked|
|No. of Employees||~50|
|Total Funding||$22 million|
The SCADAfence funding followed that of MissionSecure in January, who received $5.6million Series B round. MissionSecure claim to deliver “the first integrated OT cybersecurity protection platform backed by an expert managed services team that stops OT cyber threats head-on”. That round was co-lead by IREON Ventures, Energy Innovation Capital, and Blue Bear Capital Partners.
MissionSecure Key Facts
|Founders||David Drescher, Daniel Park, Barry Horowitz|
|No. of Employees||43|
|Total Funding||$22.5 million|
Back in December 2020, Dragos received a $110million Series C round co-lead by National Grid Partners (the independent venture investment and innovation arm of National Grid plc.) and Koch Disruptive Technologies (the investment arm of Koch Industries). This is the largest amount over the last 12 months that The Cyber Hut are aware of with regards to ICS funding. Dragos (lead by ex USAF and current SANS instructor Robert Lee), provides three main products, including the Dragos Platform, Dragos Threat Intelligence and Neighbourhood Keep – an asset identification solution.
Dragos Key Facts
|Founders||Jon Lavender, Justin Cavinee, Robert M. Lee|
|No. of Employees||266|
|Total Funding||$158.2 million|
ICS Security Functionality
So what are many ICS and CNI focused security vendors providing? Many energy providers have interconnected and digitised their infrastructure over the last 8 years. Whilst this may have improved failure monitoring and improved efficiency with respect task completion and staffing, it has also lead to a more accessible attack plane for external adversaries. The traditional security posture of a coal fire power plant for example, would likely have prioritised safety and availability above confidentiality and integrity.
A lack of vulnerability awareness and management, coupled with a lack of visibility and security control prioritisation has opened up new ways to cause adversarial disruption. Security controls for ICS and CNI may not initially be focused on information asset protection – they are more likely to be focused upon keeping systems working, available and safe. Here we start to see cyber security focus not just on the “protect” set of capabilities (where protect comes from the likes of the NIST Cyber Security Framework’s Identify, Protect, Detect, Respond & Recover model) but also on detection and recovery.
Providers are typically looking to provide features in the areas of:
- Asset discovery – what is on the network?
- Network monitoring – what is normal? When is it not?
- Threat intelligence – identifying indicators of compromise, abnormal activity and building pictures of adversarial activity
- Monitoring of device configuration change – comparison to governance models
- Segmentation – enforced data flow separation between management intelligence/reporting, human machine interfaces and downstream controllers
- Data assurance – providing integrity that signals emitting from controllers can be trusted
Expect continued innovation and investment in this area, in both North America, EMEA and Israel. There is likely to be increased funding activity, with a likely shortage of key personnel to support, design and implement related technology within industry. The Cyber Hut research report on “The Market of ICS/SCADA Cyber Security Technology” will be released later in 2021.
NB: article updated March 23rd 2021, with updated Key Facts for SCADAfence.