Risk Ledger

High-Level Overview

Risk Ledger is a London-based cybersecurity startup founded in 2018 that builds a third-party risk management (TPRM) platform modeled as a secure social network.[1][2][3][4] The platform centralizes supplier security profiles, automates risk scoring, visualizes supply chain risks in real-time, and connects organizations into a collaborative network for threat detection, response, and prevention.[1][2][3] It serves sectors like public sector, critical national infrastructure, financial services, insurance, and technology, solving the problem of fragmented supplier due diligence by enabling instant access to thousands of pre-assessed suppliers, reducing manual verification, and providing adaptive insights into emerging threats and concentration risks.[1][3]

With strong growth momentum, Risk Ledger has raised $10.6M in total funding, including a £6.25M ($7.7M) Series A in 2023 led by Mercia Ventures, alongside Seedcamp, Firstminute Capital, Episode 1, Village Global, and Lifeline Ventures—bringing cumulative funding to £9.8M.[4] The company employs around 34 people, generates under $5M in revenue, and was named one of the "most loved companies" in 2024 for its workplace culture, signaling robust team expansion and market traction.[4][5]

Origin Story

Risk Ledger was founded in 2018 by Haydn Brooks and Daniel Saul in London, UK, with a mission to transform how organizations manage cybersecurity and risk in supply chains.[1][2] The idea emerged from recognizing the limitations of traditional, siloed TPRM approaches, leading to the creation of a global network where connected organizations could "defend-as-one" against cyber threats in real-time.[2][3] Early traction came from building a dynamic platform that offered unmatched visibility into supplier security, which gained recognition as an innovative, game-changing model and attracted initial investors like Seedcamp.[2][4] Pivotal moments include the 2023 Series A funding round, which accelerated platform development and team growth in London.[4]

Core Differentiators

• Network-Based Model: Unlike static tools, Risk Ledger functions as a secure social network that onboards entire supply chains into an active, interconnected ecosystem, providing instant access to thousands of suppliers with up-to-date security data and reducing manual onboarding time.[2][3][4]
• Real-Time Risk Insights: Automates risk scoring, visualizes concentration risks and emerging threats (e.g., cyber attacks, regulatory changes), and delivers proactive alerts on supply chain impacts, enabling faster mitigation.[1][3]
• Adaptive Framework: Regularly updates assessments to align with evolving threats and standards, ensuring compliance and resilience without constant manual intervention.[3]
• Collaborative Efficiency: Streamlines reporting, monitoring, and supplier collaboration, consolidating risk data in one place for comprehensive TPRM programs—praised for ease of use in identifying and managing organizational risks.[1][3]

Role in the Broader Tech Landscape

Risk Ledger rides the surging demand for supply chain cybersecurity amid rising third-party breaches, ransomware, and regulations like DORA in Europe and CISA directives in the US, where 60%+ of attacks now exploit vendor weaknesses.[1][3] Timing is ideal post high-profile incidents like SolarWinds and MOVEit, amplifying market forces favoring automated, network-driven TPRM over legacy spreadsheets or point solutions.[2][3] By fostering a "defend-as-one" ecosystem, it influences the tech landscape through enhanced collective resilience, similar to how platforms like Sayari or RepRisk tackle adjacent risks, but with a unique real-time supplier collaboration edge that could standardize secure supply chains in critical sectors.[1]

Quick Take & Future Outlook

Risk Ledger is poised for accelerated expansion with its recent funding fueling platform enhancements, global network growth, and hires to capture the booming TPRM market projected to exceed $20B by 2030.[4] Trends like AI-driven threat prediction, zero-trust supply chains, and mandatory ESG/cyber disclosures will shape its trajectory, potentially positioning it as a category leader if it scales its supplier network aggressively.[3][5] Its influence may evolve from innovative startup to ecosystem orchestrator, empowering organizations to preempt cascading risks—echoing its founding vision of revolutionizing supply chain security through connected defense.[2]