BMW i invests in cybersecurity firm known for protecting software without disruption
By onTechnology
BMW i Ventures announced Tuesday an investment in a cybersecurity firm specializing in software immunization.
The $12 million Series B funding round for RunSafe Security was led by Critical Ventures and SineWave Venture Partners, a press release from BMW i Ventures says. It also included Working Lab Capital, Lockheed Martin Ventures, HyperLink Ventures, Iron Gate Ventures, Alsop Loui Partners, and NextGen Venture Partners.
RunSafe Security is known for protecting software from cyberattacks without disrupting developer operations, according to the release. It says the company’s solutions have been adopted by industry leaders across various sectors including aerospace, defense, and energy.
According to the release, RunSafe code uses a patented process called load-time function randomization that dynamically relocates software functions in memory every time the software is loaded, making it extremely difficult for attackers to predict the location of specific functions.
“Memory attacks pose an increasing threat to embedded systems within connected devices. RunSafe’s cybersecurity technology immunizes memory-based systems from unknown vulnerabilities and future attacks,” said Kasper Sage, BMWi managing partner, in the release. “BMW i Ventures is committed to advancing safety and security measures across the automotive supply chain and beyond and is excited to partner with Joe [Saunders, RunSafe CEO] and the RunSafe team to support their mission.”
Saunders says in the release that the investment round will allow the company to accelerate its efforts in providing solutions that protect software from cyber attacks.
“RunSafe’s products have been adopted by industry leaders such as Vertiv, Schneider Electric, and GE Aviation, as well as esteemed branches of the U.S. military, including the Army, Navy, and Air Force,” said Saunders, in the release. “With the expansion of the RunSafe Security Platform, we solidified our position as cybersecurity crusaders, offering automated solutions for SBOM generation, vulnerability identification, and exploit prevention and remediation for embedded software deployed throughout critical infrastructure.”
Security Info Watch recently published an article exploring the need for more cybersecurity in the auto industry.
“The stakes are high for organizations that don’t adequately handle cybersecurity, with each cyberattack costing companies an average of $4.45 million per incident; proving the more technology a company adopts, the more vulnerable it becomes,” the article says. “In many cases, organizations take a reactive vs. proactive approach to cyber risk, often due to a misunderstanding of cybersecurity or an underestimation of the threat landscape.”
A 2024 report from Upstream found that the automotive and mobility industry cyber incidents with a “high” or “massive” impact doubled from 2022 to 2023 with 295 attacks in 2023.
The report says there was one cybersecurity event that impacted one vehicle in 2015 while millions of vehicles were impacted by cybersecurity events in 2023.
The report notes that frequent over the air (OTA) updates mean the software is constantly evolving. It says the risk profiles are also continuously changing.
“The growing reliance on backend systems highlights the urgent need for OEMs to safeguard both the software components and sensitive data,” the report says.
Images
Feature and embedded photo courtesy of BMWi.