Third-party cyber risk has become a major weak point for businesses. In fact, over a third of significant cyber incidents involve suppliers, partners, or outside service providers. Unfortunately, many organisations still manage these risks using outdated methods like annual questionnaires and static audits.
As businesses increasingly rely on SaaS tools, cloud services, AI systems, and global suppliers, cyber risks from these external sources often fall outside their control. And here’s where Cyb3r Operations, a London-based cybersecurity startup, is tackling this issue.
The startup provides organisations with continuous, real-time visibility into third-party cyber risk, replacing manual, fragmented processes with automated intelligence that integrates directly across an organisation’s technology stack.
The company raised $5.4 million in a new funding round led by Octopus Ventures, with follow-on investment from Pi Labs. This brings the company’s total funding to date to $6.75 million (£5 million). However, the company did not disclose its current valuation.
Monitoring third-party risk within supply chains
The company was founded on both personal experience and a clear market gap. Founder and CEO Vincent Cook entered the cybersecurity industry at 16 and spent years developing intelligence tools to address real business problems.
“Cyb3r Operations originally started as a consultancy to test whether automated intelligence could replace manual, point-in-time assessments,” says Cook to TFN.
“When we sold our first engagement for over £100k before a product even existed, it was obvious the demand was already there. Since then, high-profile supply-chain incidents and increasing regulatory pressure have only reinforced what we saw early on: third-party risk is one of the biggest unresolved problems in cybersecurity, and the way it’s traditionally managed simply doesn’t work anymore,” he adds.
Cyb3r Operations uses a unique risk assessment method, focusing on external relationships rather than traditional letter grades or numeric scores. The platform highlights key areas of concern, tracks changes in risk over time, advises on priority actions, and explains the impact on overall organisational resilience.
It identifies issues often overlooked in standard assessments, including vulnerabilities in supplier networks, undisclosed sanctions, shadow IT, third-party dependencies, and broader supply chain weaknesses.
Currently, Cyb3r Operations collaborates with major organisations to monitor third-party risk within their supply chains in real time.
The company competes with BlackKite, BitSight, and SecurityScorecard. As third-party exposure continues to rise and regulators increase scrutiny around supply-chain security, Cyb3r Operations is positioning itself as a continuous, intelligence-driven alternative to the static assessments that still dominate third-party risk management today.
What about diversity?
Cyb3r Operations’ team is currently 75% male and 25% female.
What’s next?
The company will use the capital to scale its platform, deepen its threat intelligence capabilities, and support more organisations in managing third-party and supply chain cyber risk.
Constanza Diaz, Investor at Octopus Ventures, adds, “We invested in Cyb3r Operations because they’re tackling a critical blind spot in cybersecurity: the growing gap between perceived third-party risk and real exposure. As organisations scale their digital ecosystems, risk now flows through suppliers, SaaS tools and hidden dependencies, but most teams are still operating reactively. Cyb3r Operations delivers continuous, contextual visibility across the tech stack, making third-party risk genuinely actionable.”
