London-based cybersecurity startup Cyb3r Operations has today announced that it has raised €4.6 million ($5.4 million) to help organisations tackle third-party cyber risk.
The round was led by Octopus Ventures, with follow-on investment from Pi Labs. With this funding, Cyb3r Operations has raised a total of €5.8 million ($6.75 million) in funding.
“We invested in Cyb3r Operations because they’re tackling a critical blind spot in cybersecurity: the growing gap between perceived third-party risk and real exposure. As organisations scale their digital ecosystems, risk now flows through suppliers, SaaS tools and hidden dependencies, but most teams are still operating reactively. Cyb3r Operations delivers continuous, contextual visibility across the tech stack, making third-party risk genuinely actionable,” said Constanza Diaz, investor at Octopus Ventures.
Cyb3r Operations was founded in 2021 with the mission to simplify third-party risk management. It aims to help CISOs, procurement teams, and business leaders reduce financial exposure, enhance compliance, and protect critical operations.
According to the company, more than a third of major cyber incidents now involve third parties; yet, most organisations still rely on outdated approaches, such as annual questionnaires, spreadsheets, and static audits, to handle these risks.
Cyb3r Operations states that with companies increasingly relying on SaaS tools, cloud services, AI applications, and suppliers, a large share of cyber risk exists outside their direct operational control. Therefore, resorting to the old risk management playbook is not enough.
The startup aims to replace these fragmented, manual processes with continuous, automated oversight integrated across an organisation’s tech stack. “Rather than producing abstract risk scores like letter grades or numbers out of 100 that give teams little actionable guidance, Cyb3r Operations shows which external relationships matter most, how risk is evolving, where security teams should act first, and the impact on your organisational resilience,” the company mentioned in the press release.
The platform identifies critical vulnerabilities across third-party ecosystems, undisclosed sanctions risks, shadow IT, fourth-party exposures, and supply-chain weaknesses that may not be captured through point-in-time assessments. Its core features include automated third-party discovery, surface, deep, and dark web intelligence, and actionable analytics
Vincent Cook, founder and CEO of Cyb3r Operations, said, “One of the biggest problems in cybersecurity today isn’t just how advanced threat actors are getting. It’s that we’re stumbling over our own processes. Organisations lack basic visibility into where risk actually sits.
“Exporting vendor lists from CRM or procurement systems and manually uploading them into another siloed tool is no longer good enough. Most organisations have developed an allergic reaction to third-party risk management because the market is full of meaningless risk scores and static assessments that don’t reflect how companies actually work.
“Real risk sits in relationships, dependencies, employee exposure, and how those things change over time. Our mission is to enable organisations the ability to continuously detect, assess, and respond to threats in order to stay ahead.”
The company claims to utilise AI-powered risk scoring and real-time intelligence derived from over 300 billion data points, enabling businesses to identify vulnerabilities, predict threats, and automate responses.
It plans to utilise this funding to scale the platform, deepen its threat intelligence capabilities, and support more organisations managing third-party and supply-chain cyber risk.
