Securing the Connected Future: Announcing Our Investment in Firedome’s $10M Series A

By Matt Jacobus and Andy Kangpan on October 23, 2019

We are thrilled to announce today that we recently led Firedome’s $10M Series A. 

Founded in 2018, the company has built a new endpoint cybersecurity solution for IoT companies, broad in its detection abilities and scalable to millions of devices, that enables manufacturers to proactively prevent, detect, and respond in real-time to vulnerabilities in fleets of devices.

Estimates vary in terms of the speed at which the IoT landscape will grow, but by any measure connected devices are proliferating at a rapid pace. Currently, there are approximately ~8 billion connected devices deployed across the globe. According to IoT Analytics, a connected device research firm, the number of connected devices is expected to balloon to ~22 billion by 2025.

While the IoT landscape is rapidly expanding, we believe cybersecurity for these devices significantly lags in comparison to non-IoT devices (e.g., mobile, laptops, desktops). Until recently, it seemed manufacturers were prioritizing speed to market over managing cyber risk, in part because IoT devices lack the significant computing resources to run traditional security solutions, and in part because IoT security threats had been considered largely theoretical. Recently, however, several high profile IoT attacks, such as the Mirai Botnet that knocked out Amazon and Netflix for part of a day in 2016, have demonstrated the cybersecurity risk these devices pose. The number of IoT attacks has skyrocketed in the past few years, with attackers leveraging devices for all types of malicious activity like data exfiltration, cryptocurrency mining, and ransomware. With billions of new endpoints coming online expanding the potential surface area of attack and bad actors demonstrating their desire to exploit weaknesses in these networks,  IoT and connected device manufacturers are now seeking proactive solutions to help address this growing risk. Not only are they worried about brand and reputational risk (new articles appear frequently revealing security vulnerabilities in even the most blue chip names, like Nest, for example), but we believe financial risk will become a major issue for manufacturers, as they will increasingly be exposed to lawsuits and potential regulatory actions. 

This has given rise to two distinct types of security products designed to protect different stakeholders in the IoT space: (i) network security products, such as firewalls and intrusion detection systems, and (ii) on-device security. Network security products are typically deployed by end-users, while IoT manufacturers are primarily responsible for implementing on-device security. These two types of products are complementary and both are required to implement the common security principal of defense-in-depth. But, while network security products can see some or all of the network traffic, they are not able to surface what is actually happening on devices. This becomes an issue when seemingly innocuous traffic can house malicious software, and execute processes on devices without a network detection product surfacing the issue. Devices need to be protected across multiple layers, with manufactures assuming that the network will be infiltrated.

That brings us to on-device security. Within on-device security solutions, the major classes of products available today fall into security-by-design solutions and related software hardening products. Security-by-design solutions help manufacturers implement best practices at the point of production and allow companies to continually update their software as new issues are surfaced. These solutions are passive in nature though (i.e. they can’t dynamically respond to threats), and they provide no visibility on what is occurring in real-time to prevent attacks as they are happening. Furthermore, these tools cannot prevent 0-day attacks, as they require the software to be patched before it can protect against any new threat. Software hardening products run into similar issues, as they are static solutions and unable to deal with unknown exploits.

Firedome is different in that it is an active endpoint protection system that enables IoT device and connected device manufacturers to detect attacks based on malware signatures or aberrant behavior. We believe their technology offers proactive, on-device protection, in ways that both network security and other security-by-design products cannot. Their solution focuses specifically on IoT devices with limited computational resources, varied operating systems, and fleets with billions of assets: design requirements that traditional endpoint providers do not satisfy. They also offer a 24/7 security operations center, staffed by cybersecurity experts, to monitor and respond to threats across industries. What’s really exciting though, is that once Firedome is integrated with millions of devices, they can collect massive datasets that correlate device behavior with cybersecurity threats and use machine learning to improve the efficacy of their detection system. This information will include characteristics of malware communication between devices and the internet, and the activity of that malware on device. This data has the potential to differentiate their product even further and give them the opportunity to become a leading provider of endpoint security for IoT manufacturers, which we believe will emerge as a major class of cybersecurity products.

Our team is feeling lucky to back Moti Shkolnik, Sharon Mirsky, Orr Chen, and the rest of the team at Firedome on this journey. As we’ve gotten to know the three of them over the past year, their security, product, and operational expertise has become evident. Moti (Co-founder and CEO) was the former head of the Cyber Division at the Israeli Prime Minister’s Office, where he ran a group of ~250 security experts, while Sharon (Co-founder and COO) and Orr (Co-founder and VP of R&D) bring a wealth of extensive startup, product, and management experience to the table. Together, they’ve been built a team headquartered in New York City, with a strong research & development organization based in Israel, that continues to impress. Congrats to the entire team on the exciting milestone, and make sure to read more about the announcement from Firedome here!

The views expressed herein are solely the views of the author(s), are as of the date they were originally posted, and are not necessarily the views of Two Sigma Ventures, LP or any of its affiliates. They are not intended to provide, and should not be relied upon for, investment advice.