Just last month, shutdowns at Colonial Pipeline and meat producer JBS as a result of cyberattacks show how vulnerable our society is to these increasingly sophisticated attacks, leading to a greater emphasis on safeguarding critical infrastructure. Claroty is an end-to-end cybersecurity platform that’s focused on protecting the industrial economy from cybersecurity incidents. The company focuses on visibility, detection, risk and vulnerability management, and secure remote access in three areas operational technology (OT), Internet of Things, (IoT), and industrial IoT (IIoT) with solutions that integrate directly with an organization’s existing cybersecurity infrastructure. Claroty’s customers are some of the leading industrial organizations covering an array of use cases in applications like chemical manufacturing, airport management, oil & gas, utility companies, consumer goods, mining, and pharmaceuticals. In fact, Claroty is working with Pfizer to safeguard the supply chain for COVID-19 vaccine production. Through the pandemic, from the first half of 2020 to the first half of 2021 the company is expected to grow new ARR by 133% and grow the team by 50% by the end of the year.
AlleyWatch caught up with CEO Yaniv Vardi to learn more about how Claroty is safeguarding the most critical infrastructure, the company’s strategic plans, latest round of funding, which brings the total funding raised to $235M, and much, much more.
Who were your investors and how much did you raise?
Claroty secured $140 million in a Series D financial round, marking the largest investment ever made within the industrial cybersecurity sector. The round was co-led by Bessemer Venture Partners’ Century II fund, which is specifically designed for growth-stage market-leading companies, and 40 North, the related investment arm of privately-held global industrial company Standard Industries. Additional strategic investors include LG, the global innovator in technology and manufacturing, and I Squared Capital’s ISQ Global InfraTech Fund. All of our previous investors, including Temasek, Team8, and long-time customers and partners Rockwell Automation, Siemens, and Schneider Electric, also participated.
Tell us about the product or service that Claroty offers.
Claroty is a cybersecurity company focused on protecting industrial networks from cyberattacks, ensuring the safe and reliable operation of the world’s critical infrastructure. We help customers reveal, protect, and manage their operational technology (OT), Internet of Things (IoT), and Industrial IoT (IIoT) assets. The Claroty Platform is a complete industrial cybersecurity solution that provides a full range of visibility, threat detection, risk and vulnerability management, and secure remote access controls for these assets. It connects seamlessly with customers’ existing infrastructure through its vast integration ecosystem, resulting in more secure and efficient operations for the lowest possible total cost of ownership.
What inspired the start of Claroty?
The world runs on industrial control systems (ICS), but due to their very long life cycles in the field, keeping them secure is a huge challenge. When Claroty was founded in 2015, many IT security vendors hadn’t yet stepped into this space yet and companies were desperate for comprehensive ICS security solutions. It was clear that there was a gap in the market, which gave our founders the opportunity to identify and create a solution.
Effective industrial cybersecurity starts with knowing what needs to be secured. While many vendors claim to offer the best OT/IoT/IIoT visibility in the industry, Claroty is the only vendor whose caliber of visibility is proven and endorsed by the world’s top three industrial automation leaders – Rockwell Automation, Schneider Electric, and Siemens — all of which are longtime investors, customers, and partners.
Additionally, enabling remote access to IT and OT systems alike became a lifeline for many organizations during the pandemic when everyone had to work from home. This was especially the case for industrial organizations that tend to rely more heavily on in-person operations. The Claroty Platform is the first and only solution of its kind with secure remote access and remote incident management capabilities that are purpose-built for OT networks.
These capabilities are backed by the renowned Claroty Research Team, so customers always have access to the latest signatures and remediation guidance. With over 120 ICS vulnerability disclosures to date, the Claroty Research Team leads the ICS threat research industry by far.
What market does Claroty target and how big is it?
The ICS/OT cybersecurity market is expected to hit $22.2 billion by 2025. Our solutions are deployed in thousands of locations and facilities, in over 50 countries across all seven continents. Our customers are in a variety of industrial and critical infrastructure sectors, including Pharmaceuticals, Food & Beverage, Automotive, Chemicals, Mining & Materials, Manufacturing, Medical Devices & Life Sciences, Oil & Gas, Electric, Water & Waste. For example, we work with Pfizer to secure its COVID-19 vaccine supply chain in its race to meet unprecedented global demand.
What’s your business model?
We conduct much of our global business through the channel, working with an expansive ecosystem of partners to understand and support the challenges facing end-user organizations in different regions. We focus on subscription software opportunities, which allows solution partners to have a recurring reseller revenue stream.
How has COVID-19 impacted your business?
The pandemic created an even greater need for our solutions, particularly Secure Remote Access (SRA), which provides frictionless, reliable, and highly secure remote access to OT environments. When the whole world shifted rapidly to working remotely as much as possible, industrial network administrators were on the front lines of enablement. They needed to provide online connectivity to users who typically accessed industrial control systems physically while minimizing the substantial risks introduced by remote users.
SRA provides a single, manageable interface through which all external users can connect to the OT environment. The system enforces password management, authentication, and access control policies for remote connections and monitors and records remote sessions.
What factors about your business led your investors to write the check?
Our investors say it best:
David Cowan, partner at Bessemer Venture Partners: “We launched Bessemer’s growth fund to invest specifically in clear market leaders. We are focused on helping the next generation of category-defining companies that have standout product-market fit, scalability, and a strong executive team. Since our first investment in Claroty in 2016, the company has continued to demonstrate that it has the best vision, team, and technology to address the unique challenges in the critical infrastructure security sector.”
David Millstone, co-CEO of Standard Industries and co-CIO of 40 North: “David Winter and I are passionate about investing in high-potential companies, especially those focused on building the industrial future. Cybersecurity is a crucial component of that effort, and Claroty has proven itself as the most experienced, innovative, and visionary company in this industry.”
What are the milestones you plan to achieve in the next six months?
Our growth goals are threefold:
- Expand into more verticals and geographies: We are looking to expand into transportation, particularly within government-focused industries as well as building management systems. In terms of regions, we’d like to build upon our existing presence across the Americas, EMEA, and APAC by expanding further into Japan and Italy.
- Expand product capabilities: We plan to strengthen our commitment to securing IoT devices and further empower our customers’ journey to the cloud.
- We may also consider inorganic growth to execute our rollout strategy, depending on the opportunity.
Where do you see the company going now over the near term?
The industrial cybersecurity market is at a critical juncture. In the past few months alone we have seen a significant uptick in cyberattacks against organizations that underpin the world’s critical infrastructure and supply chains – including Colonial Pipeline, JBS, and the Oldsmar, Florida water supply. According to Cybersecurity Ventures, global ransomware damage costs are predicted to exceed $265 billion by 2031, up from $20 billion in 2021. As these incidents show no signs of slowing, the massive global demand for our specific expertise and capabilities is growing larger by the day. We now have the financial runway we need to meet that global demand, with a proven product strategy in a hyper-growth market, with a world-class leadership team, and a strong ecosystem of partners to take us there.