London-based cybersecurity startup Cyb3r Operations has raised $5.4 million (£4 million) in a new funding round to strengthen its platform for continuous third-party cyber risk monitoring.
The round was led by Octopus Ventures, with follow-on investment from Pi Labs, bringing the company’s total funding to $6.75 million (£5 million).
Third-party risk continues to outpace traditional security methods
More than one third of major cyber incidents now involve third parties, yet many organisations still depend on annual questionnaires, spreadsheets and static audits to manage external risk. These approaches quickly become outdated as companies expand their use of SaaS tools, cloud infrastructure, AI applications and complex supplier networks.
As digital ecosystems grow, cyber risk increasingly sits outside direct organisational control, while security teams are left relying on processes designed for a very different era.
Advertisement
Continuous visibility replaces point-in-time assessments
Cyb3r Operations was founded to move third-party risk management away from fragmented, manual workflows toward continuous, automated oversight. The platform integrates across an organisation’s technology stack, allowing security teams to identify and monitor external cyber risks in real time.
Instead of abstract risk scores that offer little practical guidance, the platform highlights which external relationships matter most, how risk is changing, where teams should prioritise action and what those risks mean for overall operational resilience. It surfaces issues such as hidden supply-chain weaknesses, shadow IT, fourth-party exposure and undisclosed sanctions risks that traditional assessments often miss.
Capital to accelerate platform scale and threat intelligence
The new funding will be used to scale the platform, expand threat intelligence capabilities and support a growing number of organisations managing third-party and supply-chain cyber risk.
Founder and CEO Vincent Cook said organisations are often undermined not just by sophisticated attackers, but by a lack of basic visibility into where risk truly sits. He noted that exporting vendor lists between siloed systems and relying on static risk scores no longer reflects how modern businesses operate.
According to Cook, real cyber risk lives in relationships, dependencies and employee exposure, and in how those factors evolve over time. Cyb3r Operations aims to give organisations the ability to continuously detect, assess and respond to those risks before they escalate.
Investors highlight growing urgency of supply-chain security
Constanza Diaz, investor at Octopus Ventures, said the firm backed Cyb3r Operations because it addresses a critical gap between perceived third-party risk and actual exposure. As organisations scale their digital ecosystems, risk increasingly flows through suppliers, SaaS platforms and hidden dependencies.
She added that Cyb3r Operations provides continuous, contextual visibility across the technology stack, making third-party cyber risk actionable rather than reactive.
