Endpoint Security , Governance & Risk Management , Hardware / Chip-level Security

Dragos Raises $74M to Advance OT Protection in Europe, Asia

Money Will Address Enhanced OT Security Rules From Regulators, Insurance Providers
Dragos Raises $74M to Advance OT Protection in Europe, Asia
Image: Shutterstock

A $74 million investment will fuel expansion plans for Europe by OT security firm Dragos, a top executive said.

The Baltimore-area industrial security vendor completed a Series D extension round and will use the money to push into the European Union, where smaller organizations affected by updated cybersecurity directives can deploy technology such as that offered by Dragos, said Phil Tonkin, chief of staff. Similarly, cyber insurance providers have begun requiring clients to use tools such as Dragos to deal with a huge rise in ransomware (see: 5 Critical Controls for ICS and OT Cybersecurity Strategy).

See Also: OT-CERT: Enabling SMBs to Address Cybersecurity Risks

"This extension allows us to expand the support that we can provide CISOs, if they're in a global business," Tonkin told Information Security Media Group. "This means that we can support them no matter where they're operating in the world. The level of service and quality that they've come to expect from us is going to be there and remain in the future."

The funding was led by WestCap, which specializes in funding late-stage startups for scale and will help Dragos grow in new markets including cyber insurance. The money comes 23 months after Dragos closed a $200 million Series D round led by Koch Disruptive Technologies and BlockRock. It maintains the company's $1.7 billion valuation despite economic headwinds.

Dragos Debuts in Different Markets

Unlike the U.S. statute for industrial cybersecurity - which primarily focuses on the electric grid - Tonkin said the European Union's NIS2 Directive covers many more sectors. It comes into effect in October 2024. Dragos has recruited employees and set up a brick-and-mortar presence in Germany to serve businesses in continental Europe.

In Asia, Tonkin said the strongest opportunities can be found in Singapore, where the government wants to advance the country's cyber posture around OT given the increasingly dangerous threat environment. Nearly 6 in 10 dollars the company earns today comes from North America, but Tonkin believes Dragos' sales in Europe and the Middle East will equal that from North America within the next year or two.

Dragos plans to hire for multiple roles in Europe, including industrial consultants to aid with preventative measures, technical resources and architects to help with deployment and intelligence staff to make sure the company addresses in-country needs. The company laid off 50 workers - 9% of its staff - in May, but has since begun hiring in international markets to take advantage of the opportunity, he said (see: Dragos Lays Off 9% of Workers as OT Security Spending Slows).

Insuring for Industrial Security Incidents

Tonkin said cyber insurance providers have become more cautious about who they'll insure or how they'll insure them. Dragos has worked with cyber insurance providers to be an approved responder should a security incident occur, giving the company direct access to new industrial organizations due to being seen as a trusted mitigator.

"If we can get to the point where insurance recognizes that our detection capabilities and our services can materially reduce their risk, it'll makes organizations' premiums lower or potentially make them insurable when they weren't insurable before," Tonkin said.

Dragos brings to the table expertise across the industrial sector from oil, gas and electricity to water, manufacturing and pharmaceuticals, but to fully capitalize on the cyber insurance opportunity, Tonkin said, the company will need to gain a better understanding of how the market operates and pitch itself in a way that insurance providers are understand.

From a technology standpoint, Tonkin said, the new funding round will help Dragos address emerging needs in the electricity sector around data centers and building management as well as maintaining a continuous connection to IT and supply chain for manufacturing firms. Dragos has evolved its product to be more cloud-focused and lighter weight to better support organizations that aren't large utilities.

From a metrics standpoint, Tonkin wants to use the funding to help Dragos maintain 100% growth in annual recurring revenue and maintain the company's path to near-term profitability by keeping a lid on sales, marketing and engineering spend. Tonkin anticipates Dragos will need at least one more funding round before pursuing an initial public offering, which he said would require the firm to be truly global.

"We've expanded strategically into specific markets; we haven't just said, 'We sell the product everywhere, globally,'" Tonkin said. "In order to be ready to move to IPO, we want to be certain that we're not in any way diluting the brand or diluting our mission to safeguard civilization."


About the Author

Michael Novinson

Michael Novinson

Managing Editor, Business, ISMG

Novinson is responsible for covering the vendor and technology landscape. Prior to joining ISMG, he spent four and a half years covering all the major cybersecurity vendors at CRN, with a focus on their programs and offerings for IT service providers. He was recognized for his breaking news coverage of the August 2019 coordinated ransomware attack against local governments in Texas as well as for his continued reporting around the SolarWinds hack in late 2020 and early 2021.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.asia, you agree to our use of cookies.