The $5.4M Bet That Third-Party Cyber Risk Needs Real-Time Data

London-based startup Cyb3r Operations has closed a $5.4 million funding round, led by Octopus Ventures, aimed at solving one of the most persistent and embarrassing problems in enterprise security: the blind spot created by third-party cyber risk.

The investment, which brings the company’s total funding to $6.75 million, targets the growing chasm between modern digital ecosystems and outdated security practices. As organizations rely on sprawling networks of SaaS tools, cloud services, and AI applications, more than a third of major cyber incidents now involve a supplier or vendor. Yet, most security teams still rely on annual questionnaires, spreadsheets, and static audits, which are obsolete the moment they are completed.

Cyb3r Operations was founded to replace these manual processes with continuous, automated oversight integrated directly across the organization’s tech stack.

The Failure of Abstract Risk Scores

The core issue, according to Cyb3r Operations CEO Vincent Cook, is that security teams are stumbling over their own processes. “Exporting vendor lists from CRM or procurement systems and manually uploading them into another siloed tool is no longer good enough,” Cook said. He argues the market is saturated with "meaningless risk scores" that don't reflect real dependencies.

Instead of abstract letter grades or numbers out of 100, the platform focuses on delivering actionable intelligence. It surfaces critical vulnerabilities, undisclosed sanctions risks, shadow IT, and fourth-party exposures that traditional point-in-time assessments miss entirely.

Octopus Ventures investor Constanza Diaz noted that the firm invested because Cyb3r Operations is tackling the "growing gap between perceived third-party risk and real exposure." The funding will be used to scale the platform and deepen its threat intelligence capabilities, pushing organizations away from reactive spreadsheet management toward continuous supply-chain resilience.