Resources

Why we invested in Cyb3r Operations – bringing real context to supply chain risk 

Reading Time: 3 mins
23 Feb 2026
By Constanza Diaz

“Wow that product is awesome.” 

When you ask an experienced Chief Information Security Officer (CISO) to review the product of one of your recent investments and this is the feedback, you know you are onto something special.  

The superiority of the product is one of the reasons we invested in Cyb3r Operations – but equally important, we invested because the company is tackling a critical, fast-growing problem for organisations, and it is led by a founder with rare, deep conviction in Vincent Cook. 

If you’re a CISO today, chances are your top concerns will be somewhat linked to “defend against attacks”, “preventing ransomware” or “effectively managing third-party risk”. These are clearly well founded as more than a third of cyber breaches now involve a third-party vendor. And when these attacks happen, the impact can be severe and highly visible. 

When Marks & Spencer (M&S) was hit by a ransomware attack in April 2025, the fallout was immediate. For weeks, customers were unable to place online orders and warehouses struggled to fulfil even basic click-and-collect services. As the incident dominated headlines, M&S’s share price dipped sharply. The financial impact was dramatic: profits in the first half of the year were nearly wiped out, falling by 99% year-on-year – a £300m hit. M&S later confirmed that the attack originated through a third-party provider. 

Incidents like this are no longer anomalies. Today’s attack surface is no longer confined to a company’s own perimeter. It extends across cloud services, SaaS tools, partner integrations and suppliers, many of which are smaller organisations with less mature security controls. Threat actors increasingly target these indirect routes precisely because they are harder to see and easier to exploit. 

Traditional approaches to managing this risk (annual questionnaires, static spreadsheets and point-in-time audits) simply can’t keep up with the scale, speed and interconnectedness of modern environments. The result is a dangerous gap between what organisations think they’re exposed to and the reality. 

Cyb3r Operations has built a platform designed specifically to close this gap, giving organisations true visibility into their external attack surface – not just known suppliers, but also unknown vendors, shadow IT, and legacy connections that traditional approaches routinely miss. By mapping digital supply chains and continuously monitoring them with real-time threat intelligence, the platform surfaces where risk is emerging, why it matters, and what teams should prioritise. 

Rather than overwhelming security teams with static scores or long lists of issues, Cyb3r Operations delivers clear, contextual insights that supports faster, better decision-making. Customers are already uncovering previously invisible risks earlier than ever before and making measurable improvements to their security posture as a result. Against a backdrop of increasingly sophisticated ransomware campaigns and rapidly evolving attacker techniques, this kind of continuous, intelligence-driven insight is not a nice-to-have – it’s becoming foundational.  

At the centre of Cyb3r Operations is Vincent, whose deep background in cybersecurity is evident throughout the product. Vincent also has a remarkably unique story. He left formal education at just 16 to pursue cybersecurity full-time, choosing hands-on experience over the traditional academic path. He is part of a rare group of founders who have built genuine technical depth and strong early traction without university credentials. Over the years, Vincent has led intelligence-driven investigations and delivered specialist training for international partners, including government bodies and security agencies. That decision to commit fully to cybersecurity at such an early age speaks to a level of conviction that has shaped Cyb3r Operations’ distinct edge. 

We invested in Cyb3r Operations because the problem it addresses is both urgent and universal. As organisations continue to expand their use of SaaS tools, introduce AI agents and networks become more complex, the need for continuous, automated oversight of external risk will only intensify.  

We’re excited to support Cyb3r Operations as they scale their platform and help organisations build resilience. In a world where an attack on a supplier can bring an entire business to its knees, tools that bring clarity to the unseen are no longer optional – they’re essential infrastructure.  

If you’re also a solution-obsessed Founder and are aiming to solve a big, hairy problem – drop me a line on [email protected]

See more blogs

Why we Invested in deskbird – powering the future of workplaces
Why We Invested in Altura – The Hidden Engine of Revenue
In praise of builders: Morgan’s story
Why founder growth and company growth are two sides of the same coin
The AI Diaries: week 3
The AI Diaries: week 2
The AI Diaries: week 1
The unique opportunity for community in VC
A fresh approach to ecosystem health
Where we are, now: an investor’s deep dive into the opportunities in AI
‘Strong opinions, weakly held’: How humility, execution and iteration power a world-class sales function
‘Execution is everything.’ Key lessons in growth from Lodgify’s former CEO
Lessons in leadership: Automata’s revolutionary approach to lab work
Why Fintech will thrive in a shifting global environment — and why the UK stands to win
Lessons in fintech scaling