Risk Ledger secures £6.25m to prevent cyber attacks on the supply chains of nation’s largest enterprises
November 2023 by Marc Jacob
Organisations have been laser focussed on protecting their own networks, applications, physical premises and people against cyber security attacks but have neglected their exposure to suppliers. Indeed, over the past 3 years, a staggering 73% of organisations have been affected by a third-party security breach. Helping these businesses toughen their resilience against such attacks, cyber security business Risk Ledger is today announcing it has raised a £6.25 million series A funding round to strengthen supply chains.
The funding round was led by UK investor Mercia Ventures, which joins Seedcamp, Firstminute Capital, Episode 1, Village Global as well as Finnish VC Lifeline Ventures as investors. To date, Risk Ledger has raised a total of £9.8 million in venture funding.
Recent cyber attacks on The Metropolitan Police and NHS Trusts through their supply chains have the potential to compromise the UK’s national security and private citizen data. A threat alert by the National Cyber Security Centre is also warning of increased state-sponsored attacks against UK critical national infrastructure. Supply chain attacks are on the rise, and can have severe impacts, as the Solarwinds, Log4J, and MOVEit Transfer attacks have shown. According to recent research by KPMG, 73% of the surveyed organisations had experienced at least one significant disruption, caused by a third party, within the last three years, while 85% said that their business considers third party risk management (TPRM) a strategic priority. The cost of global supply chain attacks is expected to reach $46 billion this year (Juniper Research).
Organisations are increasingly trusting others with critical business functions and sensitive data, meaning vulnerabilities can appear anywhere in the supply chain, from suppliers to partners. Traditional, point in time cyber security risk assessments make for poor quality data that goes out of date fast, offering little protection.
Risk Ledger offers an innovative social network approach to supply chain risk management, allowing organisations to use the platform as both clients and suppliers, able to share with connected organisations a single profile of their controls across 12 security domains, including ESG and financial risk. This reveals relationships in many directions and allows for a unique visualisation of the entire supply chain ecosystem, and the uncovering of critical interdependencies, concentration risks and single points of failure well beyond immediate third party connections. It also results in more accurate and real time data, giving organisations the ability to make better decisions to protect their business from supply chain threats.
Risk Ledger has seen rapid adoption over the past two years and today counts over 5,000 organisations with 17,000 users across large public sector and financial services organisations as customers. Client bookings have consistently doubled year on year, or more, since the company launched its platform in 2020.
Risk Ledger’s growing international client base includes many organisations in sensitive sectors such as critical national infrastructure, financial services and the public sector, which face particular regulatory scrutiny and need to demonstrate how they effectively limit the risks emanating from their suppliers.