London, 15 January 2026 - Cyb3r Operations, a London-based cybersecurity startup, has raised $5.4m (£4m) to give organisations continuous visibility into third-party cyber risk. The round was led by Octopus Ventures, with follow-on investment from Pi Labs, bringing total funding to $6.75m (£5m).

More than a third of major cyber incidents now involve third parties, yet most organisations still rely on annual questionnaires, spreadsheets, and static audits to manage these risks, approaches that are outdated the moment they're completed. As companies rely on growing networks of SaaS tools, cloud services, AI applications, and suppliers, cyber risk increasingly sits outside their direct control, and yet most security teams are still using the same old playbook.

Cyb3r Operations was founded to replace these fragmented, manual processes with continuous, automated oversight integrated across an organisation's tech stack. They now partner with some of the largest organisations in the world to identify and monitor third-party cyber risks across their supply chains in real time.

Rather than producing abstract risk scores like letter grades or numbers out of 100 that give teams little actionable guidance, Cyb3r Operations shows which external relationships matter most, how risk is evolving, where security teams should act first, and the impact on your organisational resilience. The platform surfaces critical vulnerabilities across third-party ecosystems, undisclosed sanctions risks, shadow IT, fourth-party exposures, and supply-chain weaknesses that traditional point-in-time assessments miss entirely.

The funding will be used to scale the platform, deepen its threat intelligence capabilities, and support more organisations managing third-party and supply-chain cyber risk.

‍Vincent Cook, Founder and CEO of Cyb3r Operations, said:

‍“One of the biggest problems in cybersecurity today isn't just how advanced threat actors are getting. It's that we're stumbling over our own processes. Organisations lack basic visibility into where risk actually sits."

Exporting vendor lists from CRM or procurement systems and manually uploading them into another siloed tool is no longer good enough. Most organisations have developed an allergic reaction to third-party risk management because the market is full of meaningless risk scores and static assessments that don't reflect how companies actually work.

"Real risk sits in relationships, dependencies, employee exposure, and how those things change over time. Our mission is to enable organisations the ability to continuously detect, assess, and respond to threats in order to stay ahead."

Constanza Diaz, Investor at Octopus Ventures, added:

‍“We invested in Cyb3r Operations because they’re tackling a critical blind spot in cybersecurity: the growing gap between perceived third-party risk and real exposure. As organisations scale their digital ecosystems, risk now flows through suppliers, SaaS tools and hidden dependencies, but most teams are still operating reactively. Cyb3r Operations delivers continuous, contextual visibility across the tech stack, making third-party risk genuinely actionable.”