IriusRisk, the industry-leading platform for automated threat modeling, grew by more than 50% in 2023, in large part as a result of the company’s expansion into Artificial Intelligence (AI).
The company reported a 51% Annual Recurring Revenue (ARR) growth from December 2022 to December 2023, driven by strategic moves into AI as well as impressive customer retention and expansion rates.
The expansion into AI is part of the company’s wider plans to power the development of advanced AI-driven threat modeling solutions, transforming how the company can help its customers design secure software and systems.
In particular, IriusRisk’s ability to threat model machine learning and AI systems as well as embedding Gen AI into its own product has enabled the company to solve one of the key points of friction with threat modeling – the time it takes for data flow diagrams to be drawn.
The implications of the rapid development of AI on cyber security is a significant cause for concern. Earlier this year, the National Cyber Security Centre (NCSC, part of GCHQ) warned that new AI tools will lead to an increase in cyberattacks and lower the barrier of entry for less sophisticated hackers to do digital harm.
As such, the appointments of a new Head of AI – Jose Lopez – in February, alongside Chief Commercial Strategy Officer Mark Watson last August, were particularly well timed and both have strengthened the company’s growth capabilities.
In October, IriusRisk also published its AI & ML Security Library, which allows organisations to model their planned ML software, and quickly understand what the security risks are, as well as understand what they need to do to mitigate each of those risks before they build AI systems. This security-by-design approach means that engineering teams can quickly understand what the security requirements for building an AI system that meets their organisations security and data privacy policies.
Other highlights from 2023 included:
- Strong customer retention and expansion rates – In 2023, 55% of existing customers expanded their engagements with IriusRisk, highlighting the company’s ability to deliver tangible value and foster long-term partnerships.
- Increased headcount – By December 2023, the IriusRisk team had expanded to 161 members, a notable 34% increase on December 2022.
- A diverse and inclusive culture – IriusRisk employs three times more women than the average for tech companies. It scored 83% for employee engagement via the Employee Net Promoter Score (ENPS), 12% higher than the industry average.
- Expansion of Threat Modeling Connect – Since its launch in November 2022, IriusRisk’s Threat Modeling Connect platform – a global community to facilitate collaboration and sharing between threat modeling practitioners – has reached 1,500 members.
Overall, threat modeling as an activity – for SaaS and the free to use Community Edition – is on the rise, with more clients meaning more businesses using it as a tool for cyber defence. Last year, the IriusRisk platform saw a two thirds (67%) increase in the number of active users, while the number of threat models created increased by more than a third (35%).
Stephen de Vries, CEO of IriusRisk, commented: “It’s been another strong year of growth for IriusRisk. I’m particularly pleased with the enhancements made to our AI capabilities – by doing so, we have strengthened IriusRisk’s capacity to deliver cutting-edge security solutions for our clients which adapt to the continuously evolving cyber challenge.
“Our expansion into AI, coupled with several strategic hires,underscores our commitment to staying ahead of technological advancements, bolstering defences against emerging cyber threats.”
About IriusRisk
IriusRisk is the industry leader in automated threat modeling and secure software design, working with clients that include four of the top 10 Globally Systemically Important Banks (G-SIBs).
Every sector of the global economy is being transformed by software, yet vulnerabilities are too often exposed by increasingly sophisticated cyber-attacks. By identifying security flaws in software architecture at the design phase, threat modeling makes it possible to fix issues before code is written.
IriusRisk’s platform automates the threat modeling process, enabling developers to design and build secure software. At scale.
