Small and medium businesses that work in areas like defence and critical infrastructure have become a key target for cybercriminals. They typically do not have the same level of products or protection as larger organisations, yet once one is breached, this is not only bad for the SMB itself, but it can become a conduit for targeting the wider supply chains in which it sits. A US startup called RADICL has built a platform aimed at SMBS in very situation — a virtual security operations centre (vSOC) that provides threat detection, response, compliance data and more. This week RADICL announced $31 million in new funding to scale it.
Paladin Capital Group led the Series A round, with Access Venture Partners, Denver Ventures, and Cervin Ventures participating. The Colorado-based startup said the funding will be used to accelerate development of its AI-based vSOC platform and expand market adoption of its security-as-a-service.
RADICL previously raised $12 million in November 2023, a round that also included Paladin.
RADICL positions itself as a cybersecurity-as-a-service provider focused on smaller organisations supporting the US Defence Industrial Base and other regulated sectors. These smaller companies are facing an increasing number of nation-state-level cyber threats, but they often lack the resources to operate the traditional security operations centres that would be set up for detecting and fighting those threats. Even for larger enterprises, those SOCs are becoming ever-more sophisticated, and thus costly to set up and run, because of adversaries’ advancing skills. RADICL takes that on board with its own approach: the startup has baked automation and AI into its platform and says automation is becoming essential as adversaries adopt AI-assisted attack techniques that outpace conventional defence models.
Mourad Yesayan, managing director of Paladin Capital Group, said that since its initial investment in 2023, the company’s revenues have increased over sevenfold year-over-year with adoption accelerating, too. (Neither he nor the company provided specific figures for revenue or customer numbers. We have also asked about the valuation and will update this if we learn more.)
“This round reflects our decision to double down on that momentum and empower the team to continue its work to provide an option for SMBs to meet the challenges of today’s adversarial AI threat landscape,” he said. “We share the belief that these businesses are critical parts of the global economy and deserve security solutions that match the threat environment.”
The company’s vSOC is built around what it calls a “service as software” model. It has built automated monitoring tools but combines these with human analysts and managed service provider support so that customers can handle compliance and incident response through one platform.
With the needs and sometimes budgetary limitations that SMBs might have, the startup has taken a modular approach: organisations can begin with regulatory compliance or targeted infrastructure protection, for example, before expanding to broader defensive coverage.
Chris Petersen, co-founder and chief executive of RADICL, said smaller suppliers have historically struggled to access advanced security capabilities.
“SMBs have historically been left behind when it comes to robust security operations and defense-in-depth. They simply cannot afford best-in-class technology nor talent and have gone without or adopted lower-quality options,” he said.
Petersen added that emerging AI-driven attack activity is widening the threat landscape for smaller organisations and making automated defensive tooling increasingly necessary.
“An AI-enabled threat tsunami is on the horizon for SMBs as AI accelerates threat actors and widens their target aperture,” he warned.
The deal highlights growing investor attention on security platforms for smaller suppliers and subcontractors, long viewed as softer targets for reaching defence and infrastructure networks.
As governments tighten supply-chain cyber requirements and adversaries increase pressure on smaller partners, vendors positioning automated SOC capabilities as managed services are increasingly being viewed as a way to raise baseline resilience without requiring organisations to build in-house cyber teams.
