The Internet of Things is growing at breakneck pace and may end up representing a bigger economic shift in networking than the Internet itself did, making security threats associated with the IoT a major concern.\nThis worry is reflected by investments being made in startups that focus on stopping threats to the IoT, the industrial IoT (IIoT) and the operational technology (OT) surrounding them.\nThe 10 young companies profiled here are developing everything from IoT intrusion prevention tools to IIoT\/OT cybersecurity suites to firmware-hardening services. As cyber-attackers shift their focus to the IoT, startups like these may well end up being your first line of defense.\nBayshore Networks\nWhat they do: Intrusion protection for IoT\nYear founded: 2012\nFunding: $14 million\nHeadquarters: Durham, N.C.\nCEO: Kevin Senator, who previously served as VP of Sales and GM of SaaS Sales for Cal Amp\nProblem they solve: Industrial network operators don\u2019t typically have the internal expertise to effectively handle the security threats that continuously hit their networks. Many operators rely on IoT visibility tools to monitor risks, but those tools don\u2019t actually provide real-time active protection against threats to their OT environments.\nHow they solve it: Bayshore Network\u2019s industrial cyber protection software provides real-time, per-asset intrusion prevention throughout an industrial network. Bayshore appliances are deployed inline as a transparent bridge, so there is no need to rebuild all the of the IPs for the plant.\nBayshore\u2019s security suite is built on top of a policy engine that works at the byte level.\u00a0It ingests packet streams via their native protocols, disassembles them into a set of parameters and metadata, and then applies policy controls.\u00a0These can be simple signature-based checks or the policies can be context-sensitive.\u00a0\nBayshore\u2019s policy engine breaks down all the messages sent to a device, organizes the contents into logical containers and applies rules on a per-value basis. It can also apply external parameters via logical constructs. So, for example, an industrial customer might use Bayshore to apply virtual segmentation such as: Source\u00a0IPs from subnet-A might be allowed to perform read and write operations, but IPs from subnet-B can only do reads.\u00a0\u00a0\nBayshore can also apply context-sensitive actions where the context is defined as an amalgam of known baseline ranges \u2013 such as how hot an oven should run \u2013 and external threat conditions \u2013 such as an uptick in blocked activity targeting the oven\u2019s PLC from external users.\nCompetitors include: Cisco, Palo Alto Networks, Tenable, Symantec and startups including Claroty, Nozomi Networks, Indegy and CyberX\nCustomers include: AT&T, GE, Kimberly Clark Corporation, Yokogawa\nWhy they\u2019re a hot startup to watch: For a seven-year-old company, Bayshore Networks has a modest amount of funding. However, it has something even more important than eye-popping VC rounds: named customers \u2013 big ones.\nThe senior leadership team has a track record of successful exits. CEO Senator and CPO Toby Weir-Jones were both in management positions at Counterpane when it was acquired by BT. Other exits include Bluecurve\u2019s sale to Red Hat (Senator) and ValiCert\u2019s IPO (Weir-Jones).\nClaroty\nWhat they do: Provide security for OT networks\nYear founded: 2014\nFunding: $93 million\nHeadquarters: New York, N.Y.\nCEO: Amir Zilberstein. He formerly co-founded Waterfall Security Solutions and Gita Technologies\nProblem they solve: As cyber-attacks explode in volume and become increasingly complex, the shortage of IT skills in OT environments is becoming a massive risk.\nNot only are OT networks vulnerable to new, evolving attacks, but many industrial control systems (ICS) networks also lack even basic intrusion prevention, allowing potential attackers to case out networks undetected long before launching attacks.\nHow they solve it: Claroty\u2019s IIoT cybersecurity platform discovers and eliminates vulnerabilities, misconfigurations and insecure connections in IIoT and OT environments. The Claroty platform offers granular visibility into IIoT and industrial control networks \u2013 understanding a device\u2019s function in the network, its relationship to other devices and details about its layer 7 traffic \u2013 to improve uptime and enable a proactive security posture.\nIts flagship Continuous Threat Detection platform provides real-time threat detection, including anomaly and signature-based detection. It establishes a real-time view of the network topology, including connections and traffic flow for both Ethernet and serial networks.\nContinuous vulnerability-monitoring capabilities help operators uncover and remedy network configuration issues, while also discovering assets with known vulnerabilities. The platform can automatically generate current-state views of OT process communications, which enables it to automatically determine network segmentation strategies.\nClaroty enables secure remote access with policy- and workflow-based access control and session monitoring. It can be integrated with common cybersecurity products, such as those from Cisco, Check Point and Splunk.\nFinally, Claroty can be deployed in extremely remote, bandwidth- or compute-constrained environments. It relies on a sensor-based architecture to adapt to such use cases as protecting electric transmission lines, and oil and gas pipelines.\nCompetitors include: Cisco, Palo Alto Networks, Tenable, Symantec, Bayshore Networks, Nozomi Networks, Indegy and CyberXCustomers include: None publicly disclosed.\nWhy they\u2019re a hot startup to watch: Claroty has raised an eye-popping $93 million in funding, including a $60 million Series B announced in June 2018. The round was led by Temasek and included Rockwell Automation, Aster Capital, Next47, Envision Ventures and Tekfen Ventures. Original investors Bessemer Venture Partners, Team8, Innovation Endeavors and ICV all participated in the round, as well.\nThe senior leadership team has relevant industry experience, holding management positions at Siemens, NextNine Cyber Security, Optiv and IBM. The founding team also served in various cyber-defense roles for Israeli Defense Forces.\nFormer NSA Director and Commander of the U.S. Cyber Command Michael S. Rogers is chairman of the company\u2019s board of advisors.\nThe company has inked strategic deals to serve as the preferred IIoT security provider for Siemens, Schneider Electric and Rockwell Automation, and expects that soon more than half of its revenues will be generated by these partnerships.\nCyberX\nWhat they do: Provide IIoT and ICS cybersecurity software\nYear founded: 2013\nFunding: $48 million\nHeadquarters: Waltham, Mass.\nCEO: Omer Schneider. Prior to co-founding CyberX, Schneider spent more than seven years as a commander in the Israel Defense Forces where he led a blue-team cybersecurity unit tasked with protecting critical national infrastructure.\nProblem they solve: IIoT creates an attack surface of billions of online devices, and the increased connectivity between IT and OT networks brings previously isolated environments online as well. This introduces new risks, such as downtime from software failures and dangerous cyber-physical safety incidents.\nHow they solve it: CyberX\u2019s agentless platform enables organizations to continuously auto-discover and fingerprint unmanaged IIoT and ICS devices and networks. The platform monitors production networks for destructive cyberattacks, and its ICS-aware threat analytics and machine-learning technology protect against zero-day threats.\nCyberX uses passive monitoring and network traffic analysis to provide deep, real-time visibility into IIoT\/ICS networks without impacting performance.\u00a0Delivered as a preconfigured physical or virtual appliance, CyberX says its platform can typically deliver actionable insights less than an hour after being connected to the network.\nThe platform gathers information about organizations\u2019 IIoT and ICS devices, including manufacturer, device type, firmware version, protocols, etc. It updates operators on vulnerabilities and risks, and produces an overall risk score with mitigation advice. It reports on unpatched CVEs, rogue devices, unauthorized connections to the Internet, unauthorized subnet connections to IT networks, vulnerable firewall rules, unauthorized WAPs and more.\nCyberX provides automated threat-modeling to predict the most likely paths attackers would take to compromise an organization\u2019s assets. Security analysts can then simulate mitigations, such as patching and segmentation, to eliminate these attack paths, before deploying them.\nCompetitors include: Check Point, Symantec, McAfee, Darktrace, Tenable, Indegy, Armis, Sentryo, and Claroty\nCustomers include: Teva Pharmaceuticals, Scotia Gas Networks, Adani Power, First Quality Enterprises and Deutsche-Telekom\nWhy they\u2019re a hot startup to watch: CyberX hits the trifecta:1) they have big VC backing; 2) a strong leadership team with an extensive track record of exits (the senior leadership\u2019s exit experience includes Rapid7\u2019s and Check Point\u2019s IPOs, the sale of Guardium to IMB, and HP\u2019s $1.5B acquisition of ArcSight); and 3) an impressive list of named customers.\nEdgeworx\nWhat they do: Provide edge management and security software\nYear founded: 2017\nFunding: An undisclosed amount of seed funding\u00a0from Samsung NEXT, Sequoia Seed and CloudScale Capital Partners\nHeadquarters: San Jose, Calif.\nCEO: Kilton Hopkins, who was previously IoT Program Director for Northeastern University\nProblem they solve: As edge devices explode, businesses struggle to integrate their many one-off, stove-piped IoT and industrial control solutions, many of which run on dedicated hardware. Facing massive volumes of data, increasingly complicated security threats, and the need for real-time processing to keep operations running smoothly, industrial companies need a way to migrate, manage and secure computing at the edge.\nHow they solve it: Edgeworx ioFog software is an edge-computing application platform that provides a standardized way to develop and remotely deploy secure microservices to IoT devices. Edgeworx developed ioFog as an open-source platform (now managed by the Eclipse Foundation) and continues to contribute to its development and innovate around it.\nAccording to Farah\u00a0Papaioannou, the company\u2019s co-founder and president, ioFog enables \u201cbring your own edge\u201d computing, with ioFog turning any hardware into a connected device. ioFog handles the deployment and management of multiple edge devices or nodes across multiple networks. Since each device may require its own microservices, ioFog automatically manages device discovery, network configurations and data routing.\nAs it builds services around ioFog, Edgeworx is focusing on security as a big business driver. Edgeworx argues that traditional cloud-based public-key infrastructure does not work at the edge due to device, network and legacy constraints.\nioFog\u2019s Pure Edge Security feature is blockchain-based and turns each node into a trusted device. It continuously monitors edge devices, validating a set of security rules with each node, searching for minor deviations or signs of rogue nodes. When a rogue node is found, it is automatically quarantined. If rogue nodes do not pass stringent security checks to re-enter the network, they can be remotely wiped of all software and data.\nThe Edgeworx business model focuses on customizing edge services, including running ioFog as a managed service. The startup is also building up a microservices marketplace around ioFog, enabling developers to monetize their own microservices and edge applications.\nCompetitors include: ioTium, NanoLock and Particle Customers include: None publicly announced.\nWhy they\u2019re a hot startup to watch: The complexity of securing and managing the explosion of connected devices creates a massive opportunity for open-source, standardized solutions. Just as the open-source mobile OS Android enabled Google to accelerate its mobile business, ioFog and Eclipse could make ioFog the default OS of the edge.\nioTium\nWhat they do: Provide software-defined infrastructure for IIoT\nYear founded: 2015\nFunding: $22 million\nHeadquarters: Santa Clara, Calif.\nCEO: Ron Victor, previously VP of marketing and business development for Wireless Industrial Technologies\nProblem they solve: Connecting millions of legacy industrial assets to cloud-based applications can create a massive security risk. Organizations need to connect massive numbers of dated assets, but most lack the proper expertise and infrastructure to do so in a secure fashion.\nHow they solve it: ioTium\u2019s IIoT network infrastructure software helps organizations securely connect millions of industrial assets to cloud-based applications. Delivered as a managed service,\u00a0ioTium\u2019s software collects data from legacy mission-critical brownfield machines and sends it to greenfield applications residing in public, private and hybrid clouds.\nioTium has a three-pronged approach to security \u2013 protecting the asset, securing the data and isolating every data stream within the backhaul infrastructure. ioTium first automatically discovers devices and establishes a secure perimeter around the industrial environment and then provides secure connectivity to cloud apps.\nioTium\u2019s IoT network\u00a0isolates IT and OT networks and data, preventing IT traffic from touching OT traffic\u00a0and thus eliminating the possibility of backdoor threats. Further, ioTium isolates data streams from different\u00a0subsystems,\u00a0preventing a compromise on one subsystem from affecting any other subsystem.\nCompetitors include: Check Point, Symantec, Indegy, Armis, Sentryo and NanoLock\nCustomers include: CBRE, Kilroy Realty, Rexnord, Siemens, SPIRE Realty and Emerson\nWhy they\u2019re a hot startup to watch: Delivering IIoT security as a managed service is a smart move, considering the lack of IT and cybersecurity resources in this fast-growing market. ioTium argues that the industrial side of the IoT explosion is still an untapped market. The company has $22 million in funding to target that market, a long list of named customers within it, and the startup\u2019s CEO previously led two successful exits (he co-founded Vyyo and led it to an IPO, and he led Hellosoft\u2019s VOIP business when it was acquired by Imagination Technologies).\nNanoLock Security\nWhat they do: Provide a cloud-based IoT management and security platform\nYear founded: 2016\nFunding: $9 million\nHeadquarters: Nitzanei Oz, Israel\nCEO: Eran Fine, who founded and served as CEO for OREE, which was acquired by Juganu Systems\nProblem they solve: As the IoT expands, it is becoming deeply integrated into critical infrastructure and industrial processes, which tend to lack even basic security. Edge devices and their networks require a mechanism for secure updates and bug fixes, and without a way to closely manage them outside of the CPU or operating system, the devices become unreliable and cannot be trusted.\u00a0How they solve it: NanoLock protects IoT environments through a cloud-to-flash protection approach that configures IoT devices for secure updates and device management. NanoLock creates a secure channel between the cloud and the flash memory in the edge device regardless of the status of the network, the status of the processor or the software version installed in the flash.\nNanoLock creates a virtual gatekeeper in the secured flash that blocks write operations to protected memory blocks, making it impossible for attackers to alter the firmware with malicious code, even in cases where the attacker gains full control of the host OS.\nCompetitors include: Arm, Intel, ioTium, Edgeworx, Armis, Particle and SentryoCustomers include: Thales\nWhy they\u2019re a hot startup to watch: NanoLock\u2019s senior leadership team has a mix of industry (Microsoft, Qualcomm, GM) and security (IDF and the Israeli Secret Service) experience. Its CEO co-founded and served as President for Oree, later sold to Juganu Systems. Roughly half of the startup\u2019s VC backing comes from the Awz HLS Investment Fund, an Israeli venture capital fund focused on homeland security technology, and the startup has locked down an impressive on-the-record customer in Thales.\nWhile retrofitting IoT devices with flash is labor-intensive, NanoLock\u2019s approach provides IoT owners with a safe and easy-to-understand method for securing, managing and updating constrained devices.\u00a0\nParticle\nWhat they do: Provide an IoT management and security platform\nYear founded: 2012\nFunding: $35.8 million\nHeadquarters: San Francisco, Calif.\nCEO: Zach Supalla, a former management consultant with McKinsey & Company, advising Fortune 500 companies on strategy, operations and product development.\nProblem they solve: Delivering IoT projects on time is difficult due to the complexity of IoT systems, network availability, and the lack of standards, especially when it comes to security. Even the most tech-savvy businesses are having a hard time mitigating risks as they chase new opportunities.\nHow they solve it: The Particle IoT platform adds connectivity, security and device management features to constrained devices. To internet-enable a device, Particle provides a hardware development kit that allows you to choose the right network option (Wi-Fi, cellular, Bluetooth, and\/or mesh) for your use case.\nRather than\u00a0building your own networking stack, you can use Particle\u2019s hardware and proprietary embedded OS, called Device OS, to connect to the cloud. Communication protocols, encryption, monitoring and device management features are built in. If the device requires a cellular connection, Particle provides SIM cards with data plans included.\nDevice OS also connects to Particle\u2019s Device Cloud, which is used to manage enterprise-scale fleets of devices. Device Cloud logs events, enables you to segment groups of devices, and gives you the ability to control and monitor devices individually or in groups.\nCompetitors include: Ayla, Electric Imp, Sierra Wireless and TelitCustomers include: Keurig, NASA, SpaceX, Jacuzzi, MIT and Stanford University\nWhy they\u2019re a hot startup to watch: After starting the project on Kickstarter, CEO Zach Supalla pushed Particle to the next level, locking down nearly $36M in VC funding. The startup claims to have roster of more than 8,500 customers, including half of the Fortune 500. Particle\u2019s named customers lend credence to this claim.\nReFirm Labs\nWhat they do: Provide IoT security\nYear founded: 2017\nFunding: $2.75 million\nHeadquarters: Fulton, Md.\nCEO: Derick Naef, previously VP\/GM of the mobility solutions business at Acronis\nProblem they solve: Insecure firmware is a major risk for any enterprise with IoT deployments.\nMitigating supply-chain risks in IoT firmware is more than a business risk, as well as a national security threat.\nHow they solve it: ReFirm Labs\u2019 flagship security product, called Centrifuge, vets, validates and monitors firmware security. Rather than forcing you to download source code, deploy agents or rely on specialized SKDs, Centrifuge is accessed through an API that integrates into the security and monitoring tools you\u2019re already using.\nTo vet firmware, Centrifuge decompiles a single copy of the firmware in the cloud to look for known vulnerabilities, hardcoded accounts\/passwords, embedded cryptographic material and potential zero-day threats.\nThe Centrifuge Platform includes an enterprise dashboard that provides detailed and actionable reporting. Once firmware images are uploaded, Centrifuge Guardian continuously monitors them for new threats. Alerts are prioritized by severity.\nCompetitors include: Veracode, Fortify, Synopsys, Eclypsium, Red Balloon, RunSafe Security and Finite State\nCustomers include: AT&T, Charter Communications, Arris, Altibox, Canadian Nuclear Laboratories and Deloitte\nWhy they\u2019re a hot startup to watch: The only way to mitigate the massive risk to IoT is through simple security solutions that are plug-and-play or close to it. ReFirm Labs\u2019 approach of offering IoT security as an adjunct to tools you\u2019re already using is a smart one.\nThe leadership team has a solid track record, as well. CEO Naef was a co-founder\/CTO of GroupLogic, which was sold to Acronis. Chairman Terry Dunlap and CTO Peter Eacmen were both analysts at the NSA and later co-founders of Tactical Network Solutions.\nReFirm Labs has a solid roster of named customers.\nRunSafe Security\nWhat they do: Provide security for embedded systems and devices that underpin critical infrastructure\nYear founded: 2015\nFunding: $2.4 million in seed funding\nHeadquarters: McLean, Va.\nCEO: Joe Saunders, who advises and has invested in security and risk-management companies, including Kaprica Security and TARGUSinfo.\nProblem they solve: The IoT makes it easier for attackers to find vulnerabilities, and those vulnerabilities (in oil refineries, flood control systems, nuclear power plants, medical devices, etc.) open up previously isolated environments to cyber-attacks.\nHow they solve it: RunSaf\u2019s Alkemist software blocks zero-day attacks and closes IoT vulnerabilities by hardening software binaries so malware cannot execute. Alkemist uses remotely deployable runtime application self-protection (RASP) methods \u2013 including Basic Block Randomization, Control Flow Integrity and Stack Frame Randomization \u2013 to reduce attack vectors. \u00a0\nThese methods reduce cyber-risks by preventing exploits from spreading across networks. Alkemist leaves each system functionally identical, but logically unique and requires no source code or compiler access. It can be applied to either new builds or systems already in the field.\nAlkemist, previously called Software Guardian, started out as a research project for the Advanced Research Projects Agency of the Department of Defense.\nCompetitors include: Argus, Karamba, Polyverse, Red Balloon, ReFirm Labs and Virsec\nCustomers include: Etas Bosch, Vertiv and the U.S. Department of Defense\nWhy they\u2019re a hot startup to watch: RunSafe is shipping its commercial product and attracting named customers. Its concept of cyber-hardening IoT systems to reduce vulnerabilities can protect risky systems already in the field. Moreover, Alkimet, which began as an ARPA project, is still being used by the DoD.\nSCADAfence\nWhat they do: Provide IoT security\nYear founded: 2014\nFunding: $10 million\nHeadquarters: Tel Aviv, Israel\nCEO: Elad Ben Meir, who previously served as VP of strategic accounts and business for CyberInt\nProblem they solve: Industrial trends are pushing a variety of devices online that worsen the degree of risks operators face because they\u2019re no longer in isolated environments and expose them to different kinds of risks, as well.\nIn the past, operators trusted basic protections such as network segmentation, isolation and air-gapping. But due to the increasing connectivity between OT, IT, cellular and other networks, these protections are less effective. Moreover, relying on IT-oriented security tools does not protect against OT-specific attack vectors.\nHow they solve it: The SCADAfence platform is an industrial-network monitoring system that provides cybersecurity and visibility for OT networks, such as ICS and SCADA networks.\nDesigned to protect complex, large-scale OT networks as operators pursue digital transformation, the SCADAfence platform first conducts an OT networks asset discovery sweep and creates an inventory.\nIt then establishes a baseline for the intended behavior of each device and continues to monitor it, reporting any anomalies. By employing algorithms, machine learning and AI, it detects anomalies and security events that can affect availability and the safety and reliability of the OT network and its assets. The platform also provides risk management and threat detection, notifying critical personnel when something is wrong.\nCompetitors include: Claroty, CyberX, Nozomi, Security Matters and Check PointCustomers include: Mitsui\nWhy they\u2019re a hot startup to watch: SCADAfence has raised enough VC funding to develop an IIoT security platform that\u2019s attracted an impressive on-the-record customer in Mitsui, which intends to use it to help accelerate its smart-city initiatives, relying on SCADAfence to secure its critical facilities and building management systems (BMS).\nThe senior leadership team has experience with both cyber- and national security. CEO Elad Ben-Meir\u00a0previously served as VP of Strategic Accounts and Business Development for Cyberint. CTO Ofer Shaked previously served as a project lead for Integrity Project, which was acquired by Mellanox, and VP of Business Development Yoni Shohet was both a project manager and security team lead for the IDF. Shaked and other senior leaders also came up through the IDF.