Shift5 Raises $50M in Series B Round to secure operational technology in critical transportation and weapon systems

Shift5 is a cybersecurity company specializing in protecting significant national security systems in the United States. The CEO of Shift5, Josh Lospinoso, recently joined Railway Age Editor-in-Chief William Vantuono and others for a cybersecurity webinar.

The webinar is available here, and runs about an hour.

Shift5, the OT cybersecurity company that defends military platforms and critical transportation systems from cyberattacks, announced that it has raised $50 million in a Series B round to protect against increasing cyber-physical threats against planes, trains, and weapon systems. The round was led by New York-based global private equity and venture capital firm Insight Partners. The fundraiser highlights Shift5’s exponential growth and momentum, including eight-figure ARR in the first year of product sales, multiple seven-figure deals in 2021, and a 200% increase in employee headcount. Armed with new capital, Shift5 will make significant investments in product development and new talent across all teams to keep pace with demand across transportation and national defense industries.

Defending Undersecured OT

Rail operators, airlines, and militaries rely on operational technology (OT) to power their fleets. These on-board systems are teeming with digital components that were developed before the advent of modern cybersecurity solutions, and were once believed to be completely isolated. Yet today, rail, aviation, and defense assets have become increasingly connected to outward-facing networks, making them significantly more vulnerable. OT cybersecurity failures on these systems can jeopardize business and mission operations, create safety risks for operators, personnel, and passengers, and incur millions of dollars in downtime losses, remediation, and ransom payments. Gartner has validated the risk posed by OT cybersecurity incidents, predicting cyber attackers will weaponize OT to create physical harm by 2025. 

Shift5 protects the undersecured OT layer of transportation and weapon systems, providing aviation, rail and metro, and military defenders complete visibility into their OT networks. For the first time in history, operators can begin to apply cybersecurity best practices to the operation of these critical systems, dramatically reducing their cyber risk. Shift5 allows operators to gain visibility, detect threats, and maintain resilience of OT systems as cyber-physical attacks become an increasingly likely and attractive strategy for digital attackers. 

“Evolution in cybersecurity technology has historically occurred alongside innovation in the threat landscape: we’re seeing attacks now beyond the traditional network and endpoint vectors to other parts of the landscape like IoT, medical devices and operational technology that have grave consequences when disrupted,” said Joe Lea, President, Shift5. “This cat and mouse game is bleeding into critical infrastructure, and defenders must extend their purview to encompass operational technology. If the past year has proven anything, it’s that the leading defenders in rail, aviation, and national defense see the prescient risks and are mobilizing to get ahead of costly damages. We look forward to partnering with Insight Partners as we continue to grow and defend.”

“Shift5 is addressing a critical visibility gap into operational technologies onboard military and commercial fleet assets. Shift5’s experienced founding team with deep national and cybersecurity experience, plus early success, makes the company a standout in the industry,” said Nick Sinai, Senior Advisor at Insight Partners. “We’re excited to work with Shift5 as it fills a crucial space in defending national infrastructure. Nick will join Shift5’s board.

“Malicious adversaries target poorly protected technology with high operational impact. This cold calculus leads them directly to under-secured cyber-physical systems like transportation and weapon systems, where safety and availability are of utmost importance,” said Josh Lospinoso, CEO and co-founder, Shift5. “We’re at a really unique moment in time where we’re witnessing defenders of legacy systems adopt crucial cybersecurity best practices. Our work with transportation operators and military commanders gives them the ability to see into and proactively defend the assets they rely on most heavily.” 

The Transportation Systems Sector-Specific Plan from the U.S. Department of Homeland Security highlights the elevated risk in transportation due to the aging infrastructure used across the industry. In cases where transportation entities have adopted new technology, it has generally been with the goal of increasing efficiency, rather than protecting against cyber threats. According to Cybertalk.org, the transportation industry witnessed a 186% increase in weekly attacks from 2020 to 20121, while cyberattacks on maritime OT have increased by 900% since 2017. Recent incidents, like the attack against the New York Metropolitan Transportation Authority and Class I freight railroad CSX, demonstrate potential repercussions if left unprotected. 

Tremendous Demand for Shift5

Defending OT is a national security imperative and a top priority for the U.S. government, as demonstrated by 2021 advisories from the TSA and CISA. Against this backdrop, demand for Shift5’s OT cybersecurity solutions has grown at a rapid clip. This funding round follows Shift5’s $20 million Series A and a contract with the United States Special Operations Command in October, 2021. Shift5 was recently named a 2021 Tech 100 Honoree by Northern Virginia Technology Council (NVTC), the trade association representing the national capital region’s technology community. To learn more about how the company is scaling exponentially to secure the world’s transportation and weapon systems from cyberattack, please visit https://shift5.io.