Arlington, VA-based OT security firm Shift5 has raised an additional $33 million in its Series B financing. $50 million was announced in February 2022. The total venture funding now stands at $108 million.
Shift5 brings cybersecurity to the operational technology (OT) within fleet vehicles: planes and boats and trains – and military vehicles and weapon systems. Its customers go beyond the military, but founders Josh Lospinoso (CEO) and Michael Weigand (CGO) both have a background in US Army cyber operations.
This, together with the Ukraine conflict and geopolitical tensions rising worldwide, has led to the DoD being a major customer, and perhaps partly explains the involvement of Booz Allen Ventures in the funding round. It is the venture firm’s first investment aligned with Booz Allen Hamilton’s National Cyber strategy.
“Since inception, we’ve worked with the DoD and we continue to make progress in working across different US military branches and combatant commands,” Lospinoso told SecurityWeek. “We work with the US Army, Navy, Air Force, Space Force, and Special Operations Command, and expect to further grow in the next year. Our work with Booz Allen will absolutely help us to accelerate our support of the warfighter across the DoD.”
Cybersecurity is central to Shift5’s solution offerings, but perhaps its USP is the ability to gather OT communications data in real time within a vehicle in motion. Shift5 calls this capability, ‘observability’.
“If you look into the fuselage of a modern aircraft or inside a combat vehicle you’re going to be greeted by dozens and dozens of tiny little computers doing everything from controlling the engine to moving the turret and operating all of the hydraulic lifts,” says Lospinoso.
These tiny computers all work together. “Aircraft, locomotives and rolling stock, military vehicles, and weapon systems are supercomputers – they create massive volumes of data via serial buses that enable different systems and components to communicate,” he continues. Those communications can indicate the operational veracity of the vehicle – and can indicate a problem that could be a mechanical fault or a cyber intrusion.
They are continuous but ephemeral, and can easily be missed. If they’re not captured, it is almost impossible to triage a problem, understand the root cause, and ultimately make the correct remediation for a vehicle in motion. “With observability,” he continues, “not only do you gain more accurate and timely security insights, but you also unlock the ability to detect anomalous behavior that may have simply resulted from a faulty part—to the point that you can actually start to look at leading indicators of failure and employ predictive maintenance measures to predict and prevent failures before they happen.”
In pure cybersecurity terms, Shift5’s observability of all IoT device communications provides the visibility that CISOs often lack. “Observability is about getting the most detailed, up-to-date, and accurate representation of exactly what’s going on with the OT asset in question at any given time, and using that information to make decisions and take corrective action as needed,” explains Lospinoso.
“One of the things that makes observability as novel as it is impactful is the ability to take the appropriate actions in real time. With observability, we can dig into questions like: does this data show activity from a malicious actor? When did that happen? At what speed was the vehicle traveling; what altitude? Where was the vehicle – in a contested environment or US territory? These details paint a vivid, actionable picture that a rail, aviation, or DoD security team can use to triage a cyber threat, and that the CISO can use to better inform their security strategy.”
Shift5’s ‘observability’ serves the dual purpose of cybersecurity visibility (“and we will continue to innovate our novel cyber solutions for OT in the future,” says Lospinoso); and monitoring the physical health and performance of the mechanics. “There are other uses for onboard data by different teams on the operational side of the business, so we are working with customers to help them use onboard data to unlock operational efficiencies as well.”
Learn About OT Security at SecurityWeek’s ICS Cyber Security Conference
The leading global conference series for Operations, Control Systems and OT/IT Security professionals to connect on SCADA, DCS PLC and field controller cybersecurity.
October 23-26, 2023 | Atlanta