Dutch cybersecurity startup bags €36M amid spike in online attacks

Dutch startup Eye Security has raised €36mn as it looks to defend European businesses from cyber criminals. 

Founded in 2020 by a group of Dutch intelligence and security experts, the Hague-based outfit provides cyber protection, incident response, and cyber insurance services to small-to-medium sized companies. 

The funding round, which brings Eye Security’s total amount raised so far to €57.5mn, was led by JPMorgan, the private investment arm of American financial giant JPMorgan Chase.

Eye Security plans to use the cash to consolidate its presence in the Netherlands, Germany, and Belgium. It also aims to expand into other European nations.

Key to its strategy is focusing on protecting smaller firms, which, it says, represent around 50% of all cybersecurity attacks but are the most vulnerable to their effects. Most don’t have the budget for an in-house cybersecurity team. 

“We’ve developed a scalable platform that not only strengthens a business’s defences against cyber threats but also quickly delivers insurance coverage,” said Job Kuijpers, the startup’s CEO, who was previously the director of the National Communications Security Agency for the Dutch intelligence service.  

Cybercrime scourge

Ransomware attacks (where cybercriminals hold someone’s data hostage until the victim pays for it back) saw a significant increase last year, according to data from the European Digital SME Alliance. For instance, last May saw 575 attacks in Europe, more than double the 223 recorded a year earlier.

The most prolific of these attackers was LockBit, an infamous Russian ransomware gang that was disrupted last month. Around 60% of small companies that are hacked by groups like these go out of business within six months, said Eye Security. 

Spikes in cybercrime have pushed EU regulators to take action. Europe’s Network and Information Security Directive (NISD) was updated last year, including more stringent reporting requirements for companies. From October 17, 2024, businesses who don’t report a hack risk a fine of up to €10mn or 2% of their annual revenue. 

The rule changes are leaving businesses scrambling to get their affairs in order. This, naturally, is good news for Eye Security. 

“We felt very strongly that companies deserved better. We also realised that there are not enough security specialists to help every company in Europe. We needed a radically different approach,” the company said on LinkedIn on Monday.