Israeli Indegy works with clients like power plants, water, and other large infrastructures, monitoring security for industrial control systems (ICS)
Israeli industrial protection startup Indegy announced the close of their Series A round on Wednesday, bringing in $12 million in new funding.
The round was led by Vertex Ventures Israel, with Aspect Ventures out of Silicon Valley and SBI Holdings from Japan joining in. Previous investors Shlomo Kramer and Magma Venture Partners from the company’s 2014 $6 million seed round also took part in the funding to bring their total to $18 million.
Co-founded in August 2014 by CEO Barak Perelman, CTO Mille Gandelsman, and VP R&D Ido Trivizki, their main office and R&D center is located in Tel Aviv, and they have sales offices in Palo Alto.
Having launched their product in February, Indegy works with clients in the industrial sector like power plants, water, and other large infrastructures that differ from the more standard IT fare that most cyber security firms provide solutions for. More specifically, they monitor security for industrial control systems (ICS) that run on the machines like turbines built by companies such as Siemens, General Electric and others in that field.
Perelman tells Geektime that their service works to monitor any changes that can occur in the ICS, like the PLCs or RTUs that control the machines. “We can monitor any configuration,” he says, “meaning that if someone or something changes how your turbine works or the threshold of the temperature inside the turbine, we will be able to detect these changes. This currently doesn’t exist in the industrial environment.”
Interestingly enough, Indegy’s product does not attempt to block suspicious activity found on the ICS since as he says, “The customers in the industry aren’t ready for prevention measures, so we only provide detection.”
This actually makes sense when taking a step back. As opposed to a company’s IT network that can deal with being shut down for a few hours while everyone goes out for lunch, critical infrastructure by definition is critical and must be kept running unless the situation absolutely demands a shut down. No room for false positives here.
They also provide the entire audit trail to help assist the customer in understanding what happened in their case and how to recover from it.
The company is now working primarily with U.S.customers, although they say that they have some clients in Europe. Following the round, Perelman tells Geektime that they will use the funding to scale up their customer service and sales teams, while still adding on more talent to their R&D center in Tel Aviv.
Competing in an unwilling market
While perhaps not as sexy as say a honeypot web of deception, some of the large IT companies are focusing more on this area, with names like Palo Alto and Check Point among them.
But Perelman sees the market itself as the real competition. “I think that those working in critical infrastructure are starting to realize that they have to put an emphasis on the security of the industrial network.” At the same time, he says that the decision makers move slowly to adopt changes and have not put aside the budgets for industrial security. Indegy and others in this sector often hear from people in the critical infrastructure that they do not need security for their industrial networks.
As opposed to the IT sector that have movements like the DevOps field that are flying at high speeds, the industrial sector is by far one of the slowest to change. The fact that they are dealing with expensive hardware, and not just code, means that they are more hesitant to look for real upgrades. Contracts to provide services here open up every few years, and breaking in can be rough.
In looking for ways to overcome this hurdle, Perelman tells Geektime that, “What we found to be the best value proposition to move along their decision making is that the data that we collect helps the engineers with their day-to-day operations. For example we have asset discovery and inventory which means that they have an automatically updated map of their entire industrial network which is something that they don’t have today. The engineers are also encouraging the deployment of the Indegy system.”
This strategy of helping the security team and engineers he says helps turn them into advocates and improve their sales cycle.
The need for security solutions in the industrial sector has only really come about in the past few years. In a story that came out only in the past few years that highlights the potential damage that can be caused by attacks on industrial targets, the U.S. and Israel worked together to launch a virus known as Stuxnet aimed at severely damaged Iran’s nuclear enrichment efforts. Instead of attempting to shut their operations down, Stuxnet went after the programmable logic controllers (PLCs) to make the Iranian centrifuges run just a bit faster than they should have, damaging them while tricking the monitoring system to think that all was fine.
All was not fine and the virus worked to slow down their enrichment capabilities.
Since then, there have been mysterious shut downs of power grids like in the Ukraine and other strange instances where all of a sudden things have gone awry. Attacks on supervisory control and data acquisition (SCADA) systems are the most real examples of cyber crossing into the physical world and could have deep consequences.
With threats coming out of Russia, China, and even potentially non-State Actors like terrorist groups or criminal hacker gangs, the buzz surrounding critical infrastructure security is likely to continue to grow, hopefully meaning a more receptive market for startups like Indegy to flourish in.