Armis raises $65m to enhance IoT security
April 17, 2019
California-based enterprise IoT security company Armis has raised $65m in series C funding, bringing the company's total funding to $112m.
The company will use the funds to accelerate investments in sales, marketing and engineering, as it looks to expand its cross-industry offering built to address the security exposures of enterprise IoT devices.
The connected enterprise represents an expanding attack surface, with recent reports on ransomware attacks impacting multinational corporations, often through insecure, unmanaged devices.
"IoT security has come of age, with CIOs and CISOs across industries prioritising it as they realise the significant risk these connected devices pose," said Yevgeny Dibrov, CEO and co-founder of Armis. "Our platform is purpose-built to address these new insecure endpoints, what we call un-agentable devices. But beyond the technology, it's how we partner closely with our customers to secure this new attack landscape."
According to Gartner, IoT endpoints will grow to 25 billion units by 2021, with the highest growth in the cross-industry category. These unmanaged and un-agentable devices have no inherent security, and cannot be protected by legacy security systems.
The round was led by Sequoia Capital. Carl Eschenbach, partner at Sequoia, joined the board of directors.
"Armis offers companies unprecedented visibility across managed and unmanaged devices during a time when the number of IoT devices is exploding,” said Eschenbach. “As every industry and market segment faces the issue of identifying and securing these devices, Armis is providing the best solution with their easy to install, agent-less platform. This, along with their incredible team and company culture, is why we've partnered with the company since the series A in Israel and are thrilled to be part of this next phase of growth."
There was also participation in the round from Insight Venture Partners, with Intermountain Ventures joining. Bain Capital Ventures, Red Dot Capital Partners and Tenaya Capital also participated as return investors.
"The IoT security marketplace is growing at an incredible rate," said Jeff Horing, managing director at Insight Venture Partners. "Armis executed extremely well early on, and has built the platform and approach we believe in to address the $30bn dollar market."
Leveraging insights from its cloud-based device knowledgebase, which monitors more than 80 million devices worldwide, the Armis platform delivers visibility of every device across an enterprise environment, analyses and classifies devices and their behaviour to identify risks or attacks, and protects critical information and systems. This past year, Armis has seen 700% growth in annual revenue, with multiple multimillion-dollar contracts with enterprises, and has deployments in more than a quarter of the Fortune 100. Customers include Mondelēz, Sysco Foods, Allergan and Samsung Research.
Healthcare organisations are going through a huge digital transformation with the internet of medical things (IoMT), encompassing medical devices such as connected infusion pumps, MRI machines, x-ray machines, smart beds and patient monitors. But these devices lack the appropriate security. Chief medical information officers (CMIOs) focused on patient safety are also concerned about protecting personal information and hospital operations. To do that, they need to secure all connected devices in their environment, from medical devices to smart HVACs, smart TVs and iPads. Recently, the DHS warned that malicious actors can take over heart devices, and another report showed how even medical reports, such as x-rays, can be hacked and altered.
"We're entering an age of digital healthcare with a generation of medical devices designed to connect that have no security built into them," said Nadir Izrael, Armis CTO and co-founder. "I speak with healthcare companies regularly, and I've seen the ways that connected devices in hospitals are being targeted by malicious actors or exposed – MRI machines talking to servers in Russia, a medical crash cart being used to access Facebook or phishing web sites, and even patient data being sent unencrypted."
Industrial IoT brings the promise of improved efficiency and access to critical data in real time. By 2019, three-quarters of large manufacturers will have incorporated the industrial IoT in their operations. This includes sensors to enable companies to monitor temperature and humidity in food manufacturing, or performance of the production line for automobile manufacturing. But the convergence of IT with OT gives cyber attackers an opportunity to affect the physical world and possibly impact the safety and lives of people. Ransomware continues to target industrial systems, as evidenced by recent LockerGoga attacks impacting numerous global manufacturers.
Most of these smart devices and sensors were not designed with security in mind, and they lack the ability to install an agent, so they are completely unmanageable from a security perspective. This includes devices such as industrial control systems, PLCs, HMIs, tablets, smart lighting, barcode scanners, internet connect forklifts, robotic arms, digital microscopes and infra-red readers. Companies using Armis can protect themselves when using IoT devices by identifying all devices, tracking their behaviour, and taking action, thereby reducing production downtime.
"Our connected factories, assembly lines and distribution centres are key enablers in accelerating our growth and it is essential that they run reliably," said Paolo Vallotti, global chief information security officer for Mondelēz, the maker of popular snack brands such as Cadbury, Nabisco, Toblerone and Oreo. "Our manufacturing systems operate around the clock so we can provide high-quality products for customers all over the world. By using Armis, we have further enhanced our visibility and control to ensure production is not disrupted."
Armis is a privately held company headquartered in Palo Alto, California.