Israeli startup Claroty, which provides security technology for hospitals, manufacturing, and industrial control systems, has raised a $150 million Series F round at a $3 billion valuation, according to sources. The funding comes as industrial and healthcare sectors face increasing cyber threats targeting operational technology (OT) and connected medical devices.
Industrial cybersecurity firm Claroty has secured $150 million in a Series F funding round, with sources indicating the round values the Israeli startup at approximately $3 billion. The investment, first reported by CTech's Meir Orbach, brings the company's total funding to over $600 million since its founding in 2015.
What's Claimed
Claroty's platform is designed to secure operational technology (OT) networks across healthcare, manufacturing, and critical infrastructure sectors. The company's technology monitors industrial control systems (ICS), medical devices, and building management systems, identifying vulnerabilities and threats that traditional IT security tools often miss. Claroty's approach includes asset discovery, network segmentation, and continuous monitoring for anomalies in industrial protocols like Modbus, DNP3, and BACnet.
What's Actually New
This funding round arrives during a period of heightened focus on OT security. The industrial sector has seen a 300% increase in ransomware attacks targeting OT environments since 2020, according to IBM's 2024 X-Force Threat Intelligence Index. Healthcare has been particularly vulnerable, with the 2021 attack on Ireland's Health Service Executive demonstrating how medical device networks can be compromised.
Claroty's growth reflects a broader market shift. The company claims over 2,000 customers globally, including major manufacturers, hospital networks, and utilities. Its recent product expansions include:
- Claroty xDome: A cloud-native platform launched in 2023 that integrates asset discovery, exposure management, and threat detection
- Medigate integration: Following its 2021 acquisition of medical device security specialist Medigate, Claroty has deepened its healthcare focus
- Continuous Threat Detection (CTD): Real-time monitoring for OT network anomalies
The Series F round follows a $100 million Series E in 2021, which valued the company at $1.3 billion. The 2.3x valuation increase suggests investor confidence despite broader tech funding challenges.
Limitations and Challenges
Despite growth, Claroty faces significant hurdles in a fragmented market:
- Market fragmentation: The OT security space includes competitors like Nozomi Networks, Dragos, Fortinet, and Palo Alto Networks, each with different approaches to industrial cybersecurity
- Legacy system complexity: Many industrial environments run decades-old equipment with limited security capabilities, making comprehensive monitoring difficult
- Regulatory pressure: While regulations like NIS2 in Europe and CISA directives in the US create demand, they also increase compliance complexity
- Integration challenges: Customers often need to integrate Claroty's platform with existing IT security tools and legacy OT systems, which can require extensive customization
Technical Approach
Claroty's technology operates on several layers:
Asset Discovery: Uses passive network monitoring to identify connected devices without disrupting operations. This is critical in environments where active scanning can cause production downtime or safety issues.
Protocol Analysis: The platform decodes industrial protocols to understand normal communication patterns. For example, in a manufacturing plant, it might detect if a programmable logic controller (PLC) suddenly receives commands outside its typical operational parameters.
Risk Scoring: Assigns risk scores to devices based on factors like network position, known vulnerabilities, and operational criticality. A medical infusion pump on a hospital network would receive different risk weighting than a temperature sensor in a warehouse.
Integration Ecosystem: Claroty integrates with SIEM platforms like Splunk and IBM QRadar, as well as industrial systems from vendors like Siemens, Rockwell Automation, and GE.
Industry Context
The funding comes amid broader consolidation in the OT security market. In 2023, Fortinet acquired OT security firm NextDLP for $350 million, while Tenable purchased Ermetic for $265 million to expand its cloud and OT security capabilities.
Claroty's valuation also reflects investor appetite for cybersecurity companies with recurring revenue models. The company operates on a subscription-based model, which provides predictable revenue streams attractive to investors during economic uncertainty.
Practical Applications
Claroty's technology is deployed in scenarios including:
Hospital networks: Monitoring connected medical devices like MRI machines, patient monitors, and infusion pumps. In one documented case, a hospital using Claroty identified an unauthorized device attempting to connect to its network, which turned out to be a contractor's personal laptop.
Manufacturing plants: Securing production lines where downtime can cost thousands of dollars per hour. A European automotive manufacturer reported reducing incident response time from days to hours after implementing Claroty's monitoring.
Critical infrastructure: Water treatment facilities and power plants use Claroty to segment OT networks and monitor for anomalous behavior that could indicate compromise.
What Comes Next
With this funding, Claroty is likely to expand in several areas:
- Geographic expansion: Particularly in Asia-Pacific markets where industrial digitization is accelerating
- Product development: Enhanced AI/ML capabilities for anomaly detection, though the company has been relatively conservative about marketing "AI-powered" features
- Partnerships: Deeper integrations with cloud providers (AWS, Azure) and major OT vendors
- Potential acquisitions: The company has previously acquired Medigate and industrial IoT firm Medit in 2022, suggesting a strategy of strategic acquisitions
Investor Perspective
The round reportedly includes participation from existing investors including Battery Ventures, Bessemer Venture Partners, and Temasek. The involvement of strategic investors from the industrial and healthcare sectors could provide Claroty with valuable market access and technical partnerships.
The $3 billion valuation, while substantial, appears grounded in the company's revenue growth rather than speculative AI hype. Claroty reportedly reached $100 million in annual recurring revenue (ARR) in 2023, putting it at a 30x revenue multiple—high but not unprecedented for a growing cybersecurity company in a critical niche.
The Bottom Line
Claroty's funding reflects the growing recognition that industrial and healthcare cybersecurity requires specialized approaches beyond traditional IT security. While the company faces stiff competition and technical challenges in securing legacy systems, its focus on OT and medical devices positions it well in a market where the consequences of failure extend beyond data loss to potential physical harm or operational disruption.
For practitioners, Claroty's growth signals that industrial cybersecurity is moving from a niche concern to a mainstream priority. The company's success will depend on its ability to deliver measurable risk reduction in complex, heterogeneous environments where security cannot come at the expense of operational reliability.
Related Resources:
Comments
Please log in or register to join the discussion