Riot Raises $30 Million in Series B Funding to Expand Employee Security Posture Management

French Startup Sees $10 Million in Annual Revenue in 2024

French startup Riot has secured a $30 million Series B round of funding, following a successful year of reaching $10 million in annual revenue in 2024. The company, which initially focused on educating employees about cybersecurity risks, is now expanding its offerings to help employees minimize their attack surface.

Leading Investors Back Riot’s Growth

Left Lane Capital is leading the Series B round, with existing investors Y Combinator, Base10, and FundersClub participating once again. The funding round has resulted in a post-money valuation of over $170 million for Riot.

From Phishing Campaigns to Employee Security Posture Management

Riot originally started with fake phishing campaigns to educate employees about cybersecurity risks. Employees receive emails that appear to be legitimate, but are designed to trick them into clicking on links and entering personal information. Over time, the company added educational content, including a friendly security chatbot called Albert, which can be accessed on Slack and Microsoft Teams.

Success with Current Strategy

Riot’s current strategy has been successful, with the company interacting with one million employees across 1,500 companies. Clients include L’Occitane, Deel, Intercom, and Le Monde. In contrast, just a couple of years ago, Riot worked with only 100,000 employees.

Growing Concerns about Cybersecurity

Despite Riot’s success, cyber incidents are still on the rise, with widespread consequences. A recent example is the Change Healthcare data breach, which is affecting 190 million Americans and started with compromised credentials on a consumer service. An employee reused the same password for their personal account and Change Healthcare’s Citrix portal, without multifactor authentication.

Expanding Beyond Education

Riot wants to grow beyond educating employees and instead focus on helping them minimize their attack surface. "Our job is to look at employees’ posture," said Riot founder and CEO Benjamin Netter. "Do they activate multifactor authentication? Do they have a secure code on their smartphone? Are their privacy settings on LinkedIn not too permissive?"

Introducing Employee Security Posture Management

Riot is introducing an Employee Security Posture Management platform, which will become a central cockpit to manage security at the employee level. While there are many Posture Management solutions, Riot believes employees have been neglected for too long.

The Future of Employee Security

Riot’s platform will automatically analyze employees’ security and provide a score, known as a karma score, which will indicate their posture. The company will then nudge employees to change settings and activate multifactor authentication. This is expected to be an interesting challenge for Riot, as employee security also depends on their cyber hygiene on personal devices and services.

Gamification and Consumer-Grade Features

Riot’s new security product will look more like a consumer product, with nice animations and gamification features to incentivize employees to improve their security posture. "It’s the little things you can do that will take you a minute or two, and that will basically make life difficult for hackers," said Netter.

Long-Term Vision

Riot’s long-term vision is to build an employee security company and provide all the tools in the employee security stack. This could include products like antivirus software or password managers. With the new funding, the company plans to open new offices in other countries and grow its client base to develop more sophisticated products.