Ordr Secures $40M in Series C Funding Read more here!

Ordr Secures $40 Million in Series C Funding to Answer Increased Demand for Connected Device Security

Santa Clara, CA – June 1, 2022 – Ordr has raised an additional $40 million to meet the growing need for organizations to understand, manage, and secure the growing number of connected devices in their environment, including Internet of Medical Things (IoMT), Internet of Things (IoT), and Operation Technology (OT). The funding round was co-led by Battery Ventures and Ten Eleven Ventures, with participation from new investor Northgate Capital and continuing investors Wing Venture Capital, Unusual Ventures, Kaiser Permanente Ventures, and Mayo Clinic. Other investors in Ordr’s Series C include Silicon Valley entrepreneurs René Bonvanie, former CMO of Palo Alto Networks, Dan Warmenhoven, former Chairman and CEO of NetApp, and Dominic Orr, former Chairman and CEO of Aruba Networks. With this funding, Ordr has raised more than $90 million to date.

Ordr addresses two key enterprise initiatives associated with a growing reliance on and adoption of connected devices: digital transformation and Zero Trust. Each new device connection increases an organization’s attack surface, along with the potential for a breach or ransomware attack. In industries such as healthcare and manufacturing, a cyberattack impacting an IoT device can easily disrupt the entire business or become a life-threatening situation. For organizations to move quickly from “detection” to “response” requires insights into the compromised device, where it’s located, and what policies can be applied.

Ordr offers complete and accurate asset visibility, automates and enforces Zero Trust policies, and accelerates incident response by hours with insights into devices and risks. As a result, Ordr experienced more than 140% year-over-year growth in new customer revenue in its most recent quarter ending on March 31, 2022, is deployed in 3 of the world’s top 6 hospitals, and has been adopted across more than 150 manufacturing sites.

“Ordr has built a platform that not only solves an important market issue – the need to definitively understand and protect what is connecting to your organization’s network – but is truly scalable to keep pace with the speed of today’s businesses. We’ve worked with Ordr’s team and seen firsthand how well they’ve executed against aggressive goals. This additional funding will accelerate Ordr’s market leadership and success in the market,” said Dharmesh Thakker, general partner at Battery Ventures.

“We believe the connected device security market needs a strong, open, and independent player that prioritizes customer success, focuses on time-to-value, and integrates with all the key components of a customer’s security and network infrastructure. This funding validates our best-in-class approach and solidifies our leadership in the market,” said Greg Murphy, Ordr CEO.

Ordr plans to use the Series C funding to accelerate its sales and marketing efforts, especially in vertical markets such as healthcare, where the company has been named a market leader in the Healthcare IoT security industry by analyst firm KLAS Research for three consecutive years. The company will also look to further capitalize on steadily increasing demand from manufacturing and financial services, expand its channel and partnership programs, and accelerate investments in customer success.

“In order to advance their digital transformation goals, every organization needs to enable the visibility and security of connected devices, including IoT, IoMT, and OT. Ordr is a much-needed innovator in the market, with the ability to not only deliver granular visibility into devices, risks, and behaviors, but also automate and enforce Zero Trust policies to secure these devices from attacks,” said Justin Stebbins, partner, Northgate Capital.

“As an early investor in the company, I have witnessed Ordr’s impressive product evolution and growing traction within critical sectors, including healthcare, manufacturing, education, and extended enterprise IoT. They have developed one of the most scalable and technically robust platforms in the market, and some of the world’s leading organizations depend on it to fulfill important security needs and deliver business insights. The time is right to accelerate the company’s mission to be the leader in connected device security. We believe in their success and look forward to the next chapter.” said Alex Doll, Founder and Managing Partner of Ten Eleven Ventures.

Since its last round of funding, Ordr has experienced tremendous growth, coinciding with an increased understanding of the organizational risk represented by unknown connected devices. Some additional highlights since the last funding round include:

“Data privacy and security are imperative IT initiatives within the healthcare industry with connected device security in particular as a critical need given the increase in connected devices in health care facilities. Kaiser Permanente Ventures is pleased to continue its investment in Ordr as a key technology leader in this space, to help protect connected devices automatically, preemptively and at scale across the enterprise,” said Chris Stenzel, executive managing director, Kaiser Permanente Ventures.

Continuing the momentum of the past year, Ordr today also strengthened its executive team with the addition of Paul Davis as the company’s new vice president of customer success. Paul has decades of experience in customer-facing roles at Axis Security, Splunk, Cisco, and other leading organizations. At Ordr, he will be responsible for managing customer relationships and ensuring the successful implementation and use of Ordr technology.

Ordr Integrates With Cisco’s Flagship Catalyst 9000 Series Switches To Simplify Deployments and Accelerate Cisco ISE and SDA Initiatives

Santa Clara, CA – May 3, 2022 – Ordr, the leader in connected device security, announced the availability of the Ordr Sensor as a hosted application on the Cisco Catalyst 9000 series switches. The company’s latest integration with Cisco extends seamless visibility, comprehensive insights and security for connected devices in every environment – including data center, campus, and branch offices. Ordr and Cisco have a deep and long standing partnership, in which Ordr provides deep visibility and context that enables customers to leverage the full power of Cisco’s infrastructure – including Cisco Meraki, Cisco Identity Services Engine (ISE), Cisco Software-Defined Access (SDA) and Cisco Trustsec – to secure their IT, IoT (Internet of Things), OT (Operational Technology) and IoMT (Internet of Medical Things) devices.

You cannot secure the modern enterprise without understanding what devices are connected to your network, what they are doing, and what vulnerabilities they have,” said Pandian Gnanaprakasam, Chief Product Officer and co-founder of Ordr. “It has been operationally challenging for some organizations to gain this level of visibility for all devices, in all locations. Now, in any environment with Cisco Catalyst 9000 series switches, Ordr enables IT organizations to immediately see and secure all these devices.

Ordr makes it easy to keep the connected enterprise secure by showing customers exactly what devices are in their environment, the systems they communicate with, and the risks they bring, while providing automated policies to secure them. Ordr not only identifies devices with vulnerabilities, weak ciphers, expired certificates, and active threats, but also uses machine learning to continuously baseline normal behavior. The combination of device and risk insights, behavioral analysis, and automated policy creation accelerates Cisco ISE and SDA deployments. 

“Embedding Ordr within the Cisco Catalyst 9000 allows customers to discover and secure connected devices in locations where it is not possible or not practical to deploy a hardware sensor, such as a branch office or other remote location. This, combined with Ordr’s strengths in accelerating Cisco ISE and SDA deployments, will streamline Zero Trust security for every organization,” said Chris Kuhl CTO and CISO, Dayton Children’s Hospital

“The explosive growth of connected devices means companies are more invested than ever in visibility and security solutions,” added Rob Parsons, Director, Network and Security Practice/Portfolio at Insight. “Remote offices are often underserved by security because they lack integration with core security tools. Ordr’s connected device security platform and Cisco’s industry-leading switching products combine to create a powerful value proposition for our clients. The results are simplified deployments, comprehensive visibility across every office, and accelerated Zero Trust and Cisco ISE initiatives.”

With this integration, even in smaller office locations, enterprises gain comprehensive visibility into connected assets, risks, network connectivity, device behavior, and utilization, as well as the ability to apply segmentation to the network edge. 

Key Ordr and Cisco Catalyst 9000 Integration Benefits

  • Secure More Devices: Extend Ordr to secure connected devices in data center, campus, branch office, or other remote locations. 
  • Quick Deployment: The Ordr sensor is deployed in a matter of minutes as a pre-packaged Docker container application hosted on any Cisco Catalyst 9000 switch, and can be easily deployed to hundreds of switches from the Cisco DNA Center. 
  • Reduced Footprint and Cost: By leveraging existing Cisco Catalyst 9000 switches as distributed Ordr sensors, the deployment footprint and costs are reduced.
  • No Performance Impact: Ordr takes advantage of Cisco Catalyst 9000’s dedicated application hosting compute, storage, and memory – so there’s no impact to switch performance.

Accelerating Security Across the Cisco Product Suite 

Ordr’s close relationship with Cisco includes integrations with multiple products, including the Cisco ISE, Cisco SDA, Cisco Catalyst 9000 switching family, Cisco Meraki, Cisco TrustSec, Cisco Secure Network Analytics (Stealthwatch), and Cisco Prime Infrastructure.

In addition, Ordr has recently become a Cisco Meraki Ecosystem Partner. Now available on the Cisco Meraki Marketplace, Ordr helps customers analyze their Meraki cloud data to see, know, and secure all connected devices, across all campus, branch, small office/home office (SOHO), and VPN connections.

Ordr’s deep integrations across the Cisco portfolio help customers add the end-to-end visibility and security needed to accelerate the deployment of Cisco ISE and SDA solutions. Ordr’s device classification, network awareness, security intelligence, and ability to auto-generate enforcement rules simplify the process of creating, provisioning, and managing an IoT, IoMT and OT segmentation policy.

For more information about how Ordr can help strengthen the visibility, security and overall management of all your Cisco deployments, please visit www.ordr.net/partners/cisco and attend the Ordr Masterclass on May 19th

About Ordr:

Ordr makes it easy to secure every connected device, from traditional IT devices to newer and more vulnerable IoT, IoMT, and OT. Ordr Systems Control Engine uses deep packet inspection and advanced machine learning to discover every device, profile its risk and behavior, map all communications and protect it with automated policies. Organizations worldwide trust Ordr to provide real-time asset inventory, address risk and compliance and accelerate IT initiatives. Ordr is backed by top investors including Battery Ventures, Wing, and TenEleven Ventures. 

For more information, visit www.ordr.net and follow Ordr on Twitter and LinkedIn.


Media Contact:

Jeff Drew

Guyer Group for Ordr


(617) 233-5109

Ordr Named in the 2022 Gartner® Market Guide for Medical Device Security Solutions

SANTA CLARA, Calif.March 15, 2022 /PRNewswire/ — Ordr, the leader in connected device security, has been named a Representative Vendor in the 2022 Gartner Market Guide for Medical Device Security Solutions for the second year in a row.

Ordr was named a Representative Vendor in the 2022 Gartner Market Guide for Medical Device Security Solutions.

“The variety and scale of security risks are significant in the IoMT-rich healthcare environment and create a large and complex threat surface. At the same time, most sensor-based things have minimal internal computing resources, with limited opportunities to install antivirus, encryption and other forms of protection. However, they commonly connect to HDO back-end computing resources and require protection,” said Gregg Pessin, Sr. Director Analyst at Gartner.

The Market Guide for Medical Device Security examines the growing market for solutions that address software, hardware, and network and data protection requirements for an HDO’s IoMT devices. These solutions enable organizations to securely manage IoMT devices, ensure IoMT endpoint and data integrity, and perform asset discovery.

Three key findings were called out in the Gartner report:

  • “Most healthcare delivery organization (HDO) CIOs and chief information security officers (CISOs) do not have an up-to-date, complete and accurate inventory of the medical devices within their enterprises. This thwarts efforts to protect their healthcare delivery environments from continuous security threats.
  • Internet of Medical Things (IoMT) and Internet of Things (IoT) device populations are growing in size and diversity within HDOs. This growth drives increased smart device network traffic and the size and complexity of the resulting threat surface.
  • Market solutions that address these issues started with simple discovery and risk scoring, and have developed into full-fledged security protection systems for IoMT populations inside HDOs.”

“The number of connected devices in healthcare organizations has grown exponentially. Unfortunately, this brings with it a significant increase in attack surface,” said Greg Murphy, CEO of Ordr. “Ordr works with leading healthcare organizations to profile every connected device, deliver actionable insights into threats, vulnerabilities, and anomalous behavior, and secures every device with automated policies. We are pleased to be recognized by Gartner as a Representative Vendor to address critical visibility and security requirements within healthcare.”

Ordr recently announced its Clinical Defender solution, which gives Health Technology Management (HTM) professionals visibility into exactly what medical devices are connected to an organization’s network. The solution enables one-click access to critical HTM data, accelerates risk remediation workflows, and delivers device utilization insights.

To download the 2022 Gartner Market Guide for Medical Device Security Solutions, click here.

Ordr to Share Insights on Healthcare Security Best Practices at HIMSS

SANTA CLARA, Calif. and ORLANDO, Fla.March 10, 2022 /PRNewswire/ — Ordr, the leader in connected device security, announced today its participation at HIMSS 22 Global Health Conference & Exhibition, taking place from March 14-18, 2022 in Orlando, FL at the Orange County Convention Center.

Ordr CEO Greg Murphy and Ordr security experts will be presenting on best practices to securing healthcare organizations alongside Mayo Clinic, Cleveland Clinic and Dayton Children’s Hospital. As a sponsor, the company will showcase and demonstrate its latest Ordr 8 and Ordr Clinical Defender innovations at Booth # 309. Ordr demos will also be featured at Cisco’s Booth # 1559 on Tuesday, March 15, 2022.

Ordr speaking sessions:

  • Mayo Clinic’s IoT Journey: From Asset Inventory to Cybersecurity
    • Speakers: Mark Manning, Division Chair, Healthcare Technology Management at Mayo Clinic, and Greg Murphy, CEO at Ordr
    • Topic: The Mayo Clinic’s approach to securing connected devices in healthcare.
    • When: Monday, March 14, 2022 at 3:20 PM EDT
    • Where: Rosen Centre, Junior Ballroom F
  • Medical Device Cybersecurity Playbook
    • Speaker: Danelle Au, CMO at Ordr
    • Topic: The cybersecurity playbook on what you should do before, during and after an attack.
    • When: Wednesday, March 16, 2022 at 10:15 AM EDT
    • Where: Orange County Convention Center, Hall A, Booth 300, Cybersecurity Theater B
  • Battling Ransomware in Healthcare
    • Speakers: Kevin Tambascio, Manager, Cybersecurity IT/OT Attack Surface Reduction at Cleveland Clinic, and Srinivas Loke, Senior Director, Product Management at Ordr
    • Topic: Best practices for ransomware detection and response.
    • When: Thursday, March 17, 2022 at 8:30 AM EDT
    • Where: Orange County Convention Center, W311E
  • A Practical Approach to Zero Trust Security in Healthcare
    • Speakers: Christopher Kuhl, CISO and CTO at Dayton Children’s Hospital, and Greg Murphy, CEO at Ordr
    • Topic: Dayton Children’s Hospital best practices and approach to implementing a zero trust architecture.
    • When: Thursday, March 17, 2022 at 11:30 AM EDT
    • Where: Orange County Convention Center, W311E

Ordr recently announced its new Clinical Defender solution, which delivers one-click access to critical data, accelerates risk remediation workflows, and delivers device utilization insights to Health Technology Management (HTM) professionals. As the number of connected medical devices within a healthcare organization continues to grow, the size of the potential attack surface expands as well. With critical services and patient care at risk, it is more critical than ever before for HTM teams to gain visibility into exactly what devices and equipment are connecting to a company’s network.

For more information on Ordr’s presence and activities at HIMSS 2022, please visit here. Ordr will be at booth # 309 during the event for any attendees who would like to learn more about the company’s ability to help healthcare organizations gain visibility and security into their connected devices.

Ordr CEO Greg Murphy is available for meetings and can share insights about top of mind connected device and security issues facing healthcare teams. If interested in connecting, please reach out to our media contact, who will be able to broker an introduction and schedule a meeting.

Ordr Launches Clinical Defender to Streamline Management of Connected Medical Devices

Santa Clara, CA, March 2, 2022 – Ordr, the leader in connected device security, today announced the availability of Ordr Clinical Defender. Built on Ordr’s foundational asset and risk management features, and developed with best practices from the top healthcare delivery organizations (HDOs) in the world, Ordr Clinical Defender enables Healthcare Technology Management (HTM) teams to more efficiently and accurately manage their connected medical devices.

HTM teams today face significant challenges in managing the explosive growth of connected medical devices critical to patient care. There is typically a 15-20% discrepancy between assets registered in a computerized maintenance management system (CMMS), and assets deployed on the network. This increases risks for healthcare organizations as unknown devices increase the attack surface, and missing devices may contain protected health information (PHI), putting the organization in jeopardy of a costly HIPAA data breach violation.

Furthermore, HTM teams spend an average of 30-60 minutes per person, per shift, looking for equipment. At a cost of $100 per hour, reducing this time can lead to significant cost savings. In addition, addressing clinical risks like identifying devices running outdated operating systems can drag on for weeks due to the lack of accurate data, making organizations vulnerable to cyberattacks.

Ordr Clinical Defender, running on the new Ordr 8 Software release, provides focused, actionable, and accurate HTM insights and workflows, so HTM and clinical engineering teams can

  • Automate real-time asset inventory without impacting device operations;
  • Address compliance by identifying missing, newly-connected, or misplaced devices;
  • Mitigate risks by identifying devices with vulnerabilities and recalls;
  • Accelerate remediation efforts for devices with clinical risks; and,
  • Save millions of dollars by optimizing device utilization. 

“The thing we were astonished by was the visualization of the Ordr data. We found quite a few devices that had very out-of-date operating systems that we were not aware of, that we’re now addressing from an upgrade standpoint. We were able to mitigate those risks before anything happens,” said Chuck Christian, VP Technology and CTO, Franciscan Alliance. 

“It is refreshing to work with a vendor that actually listens and empathizes with issues and pain points from customers. It’s exciting to see the rubber meet the road in terms of suggestions and requests. Ordr’s Clinical Defender dashboard is both modern and functional. Kudos to the team,” said Jeremiah Green, Information Security Manager, University of Rochester and University Rochester Medical Center.

Ordr Clinical Defender and Ordr 8 capabilities include:

  • Data Shaper for users to customize the Ordr platform and quickly zero in on the information and insights most relevant to them; for example, enabling HTM users to only view specific medical devices they are responsible for within that hospital, or location, or that are using a specific protocol or access method.
  • Asset Inventory and Analysis highlights critical information for real-time visibility and compliance: 
    • Real-time automated asset inventory, correlated with CMMS data; 
    • Identify newly connected devices in the last 24 hours to ensure no new medical equipment is installed without following proper procedures; and,
    • Identify medical devices with Protected Health Information (PHI) that have not been seen on the network for more than 60 days. 
  • Connectivity and Location Analysis pinpoints devices in the wrong zone, VLAN or subnets:
    • Locate missing devices by identifying device details, and physical and network location; and, 
    • Monitor VLANs for rogue or misconfigured clinical equipment. 
  • Clinical Risk Insights and Workflows enable prioritized risk remediation:
    • Identify devices with vulnerabilities and FDA recalls; 
    • Prioritize clinical risk patching and remediation by impact;
    • Integrate with IT Service Management (ITSM) tools to automate process for remediation; and, 
    • Simplified sharing option to share device details with other users in the organization for further analysis.
  • Device Utilization summarizes usage of devices and fleets:
    • Identify appropriate schedule for maintenance; 
    • Identify usage of specific devices to support procurement decisions; and,
    • Analyze usage to improve efficiencies of under-utilized equipment.
  • Simplified action framework to enable quick enforcement of policies across a set of target devices.
  • Simplified search to make it easy to identify device insights no matter where users are in the Ordr interface.

“In my previous role, I was an Ordr customer, benefitting from the power of the Ordr platform and actively participating in the evolution of the platform. Ordr’s powerful platform captures not just device information but a true lifecycle view, identifying where a device is located within the network topology and how it communicates and behaves throughout the organization. This unique lifecycle view is particularly beneficial in healthcare. The launch of the Ordr Clinical Defender will be invaluable to HTM/Biomed teams that can now more effectively manage their medical devices and clinical risks,” said Ken Koos, Optiv Consultant, ICS and IOT Product Security.

“We’ve partnered closely with the leading healthcare organizations in the world to develop a simplified and optimized product for HTM. It’s everything HTM and clinical engineering teams need to more efficiently perform their most critical tasks. We’re excited to bring the value and benefits of the Ordr platform to a new set of stakeholders,” said Gnanaprakasam Pandian, Chief Product Officer and co-founder of Ordr.

To learn more about the Ordr Clinical Defender, visit www.ordr.net/clinical-defender. Register for the Ordr Masterclass on March 10th where product experts will provide a deep dive into the Ordr Clinical Defender and Ordr 8 capabilities.

Ordr Recognized as a Market Leader by KLAS Research in the 2022 Healthcare IoT Security Report

SANTA CLARA, Calif.Feb. 16, 2022 /PRNewswire/ — Ordr, the leader in connected device security, has been named a market leader in the Healthcare IoT security industry for the third year running by KLAS Research –  a premier healthcare IT data and insights firm. In its latest report, “Healthcare IoT Security 2022: Moving beyond Device Visibility,” Ordr was recognized for its high market energy, significant customer consideration rate, breadth of functionality beyond visibility, strong technical background, and success with the largest and most sophisticated healthcare systems.

As the number of internet-connected devices continues to grow exponentially, healthcare delivery organizations have become lucrative targets for attack. Ordr gives healthcare providers full confidence in the visibility and security of every connected device on the network. Ordr received high marks from customers in the KLAS report for:

  • Breadth of functionality beyond just visibility, including abnormal activity identification, traffic monitoring, and device utilization tracking;
  • High customer satisfaction rates;
  • High value across multiple stakeholders including Security, Clinical/Biomed and IT;
  • Helpful training and education offerings, including the Masterclass webinar series;
  • User interface enhancements; and,
  • Strong technical background of the Ordr team in security, healthcare and networking.

Ordr was recognized by KLAS for client list transparency, and customers interviewed celebrated Ordr’s ability to provide value beyond just device visibility. In its report, KLAS noted that “Ordr customers (often very large health systems) use the platform to do more than simply see what devices are connected to their network—they also track device utilization, identify abnormal device activity, and monitor traffic.”

When asked about Ordr, one CISO commented, “I would definitely recommend the system. The major strength is complete visibility into the endpoints for the traffic that we send through the solution. That will assist us when we get into a more stringent RADIUS authentication requirement for our wired network. Another strength is the ability to see exactly what a device has talked to from either a profile view or a specific device view. We can see what ports were used, how many times the communication happened, and what the date and time were. We can get a rather slick visual representation of that and easily export it.”

Greg Murphy, Ordr CEO, said, “We’ve worked with some of the largest and most sophisticated thought leaders in healthcare since our inception. While they have been dealing with the dual pressures of the COVID-19 pandemic and escalating cyberattacks, we have maintained our focus on technology innovation and customer success. Our customers can confidently deliver care knowing that their devices and networks are secure. This recognition by KLAS for the third year running acknowledges the hard work of our team and reflects the value of the trusted partnerships we have built with our customers. This honor reinforces the importance of our mission to keep every healthcare organization safe via comprehensive device visibility, actionable clinical and security insights, and automated policies.”

Continued Growth Highlighted by KLAS Report

Ordr’s recognition in the 2022 KLAS report as a market leader in healthcare IoT security adds to a growing list of achievements over the past year, including:

For more information on how Ordr can help healthcare organizations, please visit https://ordr.net/solutions/healthcare/. A summary of the KLAS Healthcare IoT Security Report can be found here.

Ordr Successfully Achieves SOC 2 Type 2 Compliance

SANTA CLARA, Calif. – December 22nd, 2021 – Ordr, the leader in connected device security, today announced that the company has successfully completed the System and Organization Controls (SOC) 2 audit for the Ordr Systems Control Engine. Developed by the American institute of CPAs (AICPA), SOC 2 defines criteria for managing customer data in accordance with five key service principles: security, availability, processing integrity, confidentiality, and privacy. Ordr’s SOC 2 certification demonstrates its commitment to robust information security and the implementation of controls, systems, and processes to protect sensitive customer data.

“Protecting our customers’ business is our top priority, which requires strict controls to secure their data, ” said Pandian Gnanaprakasam, co-founder and Chief Product Officer of Ordr.“We’ve invested heavily in our security programs and operations. Today’s SOC 2 announcement is a testament to the rigor and diligence in the way we build our product, run our cloud and data center operations, how we protect our IT assets, and  how we secure our customer instances on a daily basis. It demonstrates to our customers our commitment to security, and is another example of how Ordr is leading the connected device security market.”

To complete the audit, Ordr engaged with an independent third-party auditing firm, who performed an extensive audit and examination of Ordr Systems Control Engine systems, tools, processes and operations. This rigorous and comprehensive audit validated that Ordr controls were implemented properly in the following areas:

  • Information security policies and procedures
  • Systems, information, network, infrastructure security
  • Secure software development methodologies
  • Employee engagement and training
  • Customer support
  • Vendor management
  • Cloud and data center operations
  • Risk mitigation and incident response
  • Logical and physical access controls

“With cybersecurity attacks hitting the headlines every week, security vendors play a critical role in securing any customer data outside the confines of an organization’s own technical infrastructure. As a result, SOC 2 certification is a key requirement for CISOs when they look at partnering with a new security vendor. Achieving SOC 2 compliance means that Ordr’s existing and future customers can be confident that their data is being handled with the proper security, confidentiality and privacy controls,” said Greg Murphy, CEO, Ordr.

The Ordr SCE platform provides comprehensive visibility and security into all connected devices  including workstations, servers, PCs and tablets, loT, IoMT, and OT. Customers discover granular details about every connected device, gain actionable insights into threats, vulnerabilities, or anomalous behavior, and can automate the implementation of proactive, reactive, or retrospective policies to rapidly mitigate risk.

Ordr Unveils Cybersecurity Innovations and Ransom-Aware Rapid Assessment Service to Expand Its Leadership In Connected Device Security

SANTA CLARA, Calif. – October 28th, 2021 – Ordr, the leader in connected device security, announced new cybersecurity features along with a Ransom-Aware Rapid AssessmentTM service to help security teams accelerate their response to ransomware and other advanced attacks.

Ransomware attacks have accelerated in the past year, due to the ready availability of ransomware as a service, the expansion of the attack surface from connected devices and remote work, and the ease of ransomware payments using cryptocurrency. Enterprises are recognizing that in order to move quickly from threat detection to response, security teams need context on the device that is under attack – what it is, where it is located, whether they can act upon the device and exactly what mitigation steps are possible.

Ordr provides these answers via comprehensive visibility into devices, their corresponding network flows, risks, and anomalous behaviors, along with automated policies to proactively, reactively and retrospectively respond to attacks.

Highlights of the new cybersecurity features and benefits in the latest Ordr Hydrangea Fall 2021 Release include:

  • Ransom-Aware Rapid AssessmentTMOrdr now adds Ransom-Aware Rapid Assessment as an additional services This assessment, available from Ordr and its reseller partners, evaluates ransomware exposure risks in an organization, including identifying threats and vulnerable devices in the environment, reviewing user activity and devices access, and monitoring for communications to ransomware sites. The Ransom-Aware Rapid Assessment comes with a detailed report of findings and recommendations to help organizations prepare for an attack.
  • Behavioral-based tracking and visualization of suspicious communications – Ordr baselines the behavior of every device so that “abnormal” communications can be detected. Security teams can now create policies and alert when “normal” behavioral patterns are violated, such as devices communicating with blocked IPs and URLs, banned countries and malicious sites. Ordr automatically provides a visual representation of communications to newly discovered malicious domains via the Ordr Traffic Analysis view, or security teams can customize their view to include specific malicious domains targeting their industry.
  • Risk customization – Every enterprise measures risks differently based on the probability of an attack to the business. Ordr now adds the ability for risk and security customization by security teams including multiple high fidelity threat feeds controlled by weightages, risk score customization, custom alarm notifications, and flexible policy groups to customize policies by business context and/or protocol interactions.
  • Multi-stage, correlated kill chain detection – In addition to the ability to detect East West lateral movement via its integrated threat detection engine, Ordr now adds new threat detection capabilities including application anomaly detection for high-risk protocols (SMB, RDP, etc.), IP based TOR detection and special purpose scanning engine enhancements to unearth vulnerabilities like PrintNightmare. Every device risk score computation correlates risks from multiple threat events in the kill chain to surface key security issues.
  • Retrospective security – As security teams receive new indicators of compromise, it is important to incorporate a model of retrospective security, where the latest threat intelligence is continuously applied to historical device behavior and communications. Ordr adds retrospective analytics to track prior communications to new indicators of compromise. This can identify compromised devices that have slipped past preventative security measures. Ordr comprehensive device, network and behavioral context can be used to shorten the duration in triaging any malware, and to aid in forensics analysis. In one customer deployment, Ordr identified a compromised device behaving maliciously more than 15 days before the FBI indicators of compromise were published.

“As threat actors continue to target organizations around the world with ransomware, security teams need to understand where their risks lie. Ordr helps organizations understand their ransomware exposure and readiness. This will be invaluable to every organization trying to prepare against this imminent threat, “ said Frank Rondinone, President and Founder, Access2Networks.

“The enhancements in this release further bolster what is the most complete agentless device security platform in the industry. We’re making it easier than ever for enterprises to customize their risks, detect threats specific to their industry, continuously manage risks and secure every connected asset everywhere,” said Pandian Gnanaprakasam, co-founder and Chief Product Officer of Ordr.

The Ordr platform is already helping security teams reduce their time to detect and respond to attacks. In a KLAS Research customer interview, one Chief Information Security Officer said Ordr had reduced their incident response time by hours:

The biggest outcome is a significant decrease in the amount of incident response time. We have used Ordr Platform as part of our incident response with ransomware. Because we couldn’t run our antivirus on our machines, we were able to go in and identify the specific machine on the Ordr Platform and provide a picture to the field support. The network engineers had already logged into the Ordr Platform, saw the traffic and killed the port so that it couldn’t communicate. That was very handy so that when a field support person walked into the room, they knew exactly where they were going. We were able to get the medical devices back up and running on our network and segmented really quickly. Ordr made that quick turnaround happen. We have factored the utilization of Ordr platform into our incident response plans. We have been able to reduce our response time by hours. We already had a really robust response time and plan, and the system sped things up significantly.”

For ransomware best practices and insights:


Ordr Appoints René Bonvanie as Executive Chairman of the Board

SANTA CLARA, Calif.Oct. 12, 2021 /PRNewswire/ — Ordr, the leader in agentless security for all connected devices, today announced the appointment of René Bonvanie as Executive Chairman to the company’s board of directors. A 35-year executive leader, René brings a wealth of operational and go-to-market experience, providing strategic counsel and guidance to Ordr’s leadership team. He currently serves as an Executive in Residence at Battery Ventures and previously worked for over ten years as Chief Marketing Officer of Palo Alto Networks. Dominic Orr, Ordr’s Executive Chairman of the Board since 2019, will remain on the company’s Board of Directors and continue working closely with the senior management team.

“René’s deep expertise in the cybersecurity market, his intimate familiarity with customer needs, and his understanding of Ordr through his work with Battery Ventures are an ideal fit as we continue to grow rapidly,” said Greg Murphy, CEO of Ordr. “We are delighted to have a world-class executive of René’s caliber joining the Board and working closely with our leadership team to deliver the greatest possible value to our customers.”

As CMO of Palo Alto Networks, René grew the company from startup through an initial public offering, and then scaled it to become one of the leading cybersecurity vendors in the world with nearly $3 billion in annual revenue. He also served in senior executive roles at a variety of companies including Ingres, Oracle, Business Objects, SAP, and Salesforce.

The Executive Chairman appointment follows a record-breaking quarter for Ordr, with 125%+ year over year growth in new annual recurring revenue (ARR) and record total bookings. The accelerating growth was fueled by market demand for connected device security across verticals, including healthcare and industrial.

“René joins us at a pivotal point in Ordr’s journey and in the industry. With the alarming increase in cybercrime, organizations are looking not only for visibility and insights on connected devices, but a complete set of security features to protect and respond to cyberattacks. Ordr is well positioned to meet these needs, and René’s experience will be invaluable in accelerating our growth,” said Pandian Gnanaprakasam, founder and Chief Product Officer at Ordr.

“I’ve been working with Ordr over the last year and have been impressed by the team, the technology, and their customer traction.  Ordr is redefining the connected device security market with an innovative product that addresses a variety of visibility and security use cases,” said Bonvanie, “I’m thrilled to take on the Executive Chairman role and look forward to working even more closely with Greg, Pandian and the executive team, building on Ordr’s record-breaking growth and seizing the opportunities ahead of us.”

This announcement comes on the heels of Ordr’s Rise of the Machines 2021 report, which analyzed connected devices across healthcare, life sciences, retail, and manufacturing verticals, uncovering a shocking number of vulnerabilities and risks. For additional findings and details, “Rise of the Machines 2021: State of Connected devices — IT, IoT, IoMT and OT” can be downloaded in its entirety here.

Ordr Helps Healthcare Organisations Meet Key Criteria of NHS Data Security And Protection Toolkit



What is Being Announced?

NHS Digital has recently amended the NHS Digital’s Data Security and Protection Toolkit (DSPT) making it mandatory for NHS organisations to now keep an up-to-date inventory of all medical devices including security vulnerabilities and data security. All organisations that have access to NHS patient data and systems must adhere to the requirements in this toolkit to provide assurance that they are practising good data security and that personal information is handled correctly.

Ordr, the leader in agentless security for all connected devices, is today launching a guide to assist healthcare organisations to meet the new DSPT criteria. Healthcare organisations are particularly vulnerable to cyber-attacks such as ransomware, due to outdated operating systems running on medical, Internet of Things (IoT) and Operational Technology (OT) devices. This is due to the fact that many of these devices, in particular medical devices, remain in operation for a number of years and cannot be easily replaced for cost reasons.

Ordr in its recent Rise of the Machines report found 19% of deployments with devices running outdated operating systems Windows 7 and older, and almost 34% of deployments with devices running Windows 8 and Windows 10, which are expected to end-of-life in 2023 and 2025 respectively. Organisations need an automated way to identify these devices-at-risk and segment them to ensure security of these devices, keep them in operation and avoid the costs of replacing devices early.

What Is DSPT?

NHS Digital’s Data Security and Protection Toolkit (DSPT) is an online self-assessment tool that enables organisations to measure their performance against the National Data Guardian’s 10 data security standards. All organisations that have access to NHS patient data and systems must use this toolkit to provide assurance that they are practising good data security and that personal information is handled correctly. This system is subject to ongoing development.

What Does It Mean for Healthcare Organisations?

DSPT compliance will force many organisations to take a fresh look at their cybersecurity programme and make changes to align with NHS Digital requirements. Core security functions such as inventory, risk management, and threat detection will be essential to maintaining compliance, and organisations should look for efficient, automated systems that can help provide coverage for all connected devices — from traditional servers, workstations, and PCs to IoT, IoMT and OT devices.

Bob Vickers, Head of UKI at Ordr commented:

“Even though data security standards ask healthcare organisations to ensure technology is secure and up to date with no unsupported operating systems, this is actually a global medical challenge for most. Connected medical devices can range widely, and often ran on outdated systems, even though they are a critical part of business operations.

We need to remember that securing medical devices will define the future of healthcare. Security teams need the right tools to increase visibility into risks, bring devices into compliance, optimize utilization and protect them from cyberattacks. spend. Here at Ordr, healthcare organisations can not only gain complete visibility into devices and risks, they can also keep track of NHS Cyber Alerts as a data feed into the Ordr Systems Control Engine (SCE) and address cyber threats such as ransomware on their network. By leveraging automation to drive efficiencies, they can ensure the highest standards of security for patient safety.”

How Can Ordr Help?

Ordr SCE can arm organisations with a powerful platform  to gain visibility into their network-connected devices, automatically expose potential risk, and automatically enforce policies for rapid mitigation during cyber attacks or segment high-risk devices to only “allowed” communications, passively and without agents. Ordr is already working with the University Hospital Southampton NHS Foundation Trust (UHS) and the University Hospitals of North Midlands NHS Trust (UHNM Trust) to tackle these challenges, and to improve healthcare cybersecurity and patient safety.

Some of the key criteria that Ordr can help healthcare organisations with are: Personal Confidential Data, Managing Data Access, Responding to Incidents, Continuity Planning,

Unsupported Operating Systems and IT Protection.

The Ordr system has the following key functionality to help meet the above criteria:

  • Real-time Asset Inventory: Ordr brings together a unique combination of traffic analysis and AI to automatically discover and classify every device on the network. This includes high-fidelity information such as make, classification, location, and application/port usage.
  • Vulnerability Management: Ordr delivers a variety of unique capabilities in the area of vulnerability management. The platform includes a built-in vulnerability scanner to identify devices affected by a variety of industry-specific security alerts or recalls.
  • Behaviour and Risk Profiling: Ordr includes a built-in IDS engine to detect threats and devices that are under active attack. Ordr also automatically learns every device’s unique communication patterns, known as its Ordr Flow Genome. This provides a baseline that can be used to find suspicious and anomalous behaviours that could be the sign of an unknown threat.
  • Automated Response: Ordr can can automate the creation of NGFW policies, ACL blocks, quarantine VLAN assignment, port shutdown, or session termination with one click of a button– enforced on existing switches, wireless controllers, and firewalls, or via NAC platforms—to mitigate risks. By baselining device behaviour, Ordr can also dynamically create segmentation policies such as firewall rules that provide devices with necessary access while limiting unnecessary exposure.

Prepare today

The Data Security and Protection Toolkit is an annual self-assessment. The deadline for the 2021-22 publication is 30 June 2022. For more information on how Ordr maps to the “Data Security And Protection Toolkit (DSPT)”, please visit https://resources.ordr.net/healthcare-uk/how-ordr-maps-to-the-data-security-and-protection-toolkit-dspt-solutions-brief.