French startup Riot recently raised $30 million in a Series B funding round after reaching $10 million in annual revenue in 2024. The round, led by Left Lane Capital, also saw participation from existing investors such as Y Combinator, Base10, and FundersClub. Following this investment, Riot’s post-money valuation surpassed $170 million. Originally, Riot focused on educating employees about cybersecurity risks but is now taking an advanced approach by working to minimize their attack surfaces and better protect their organizations from cyber threats.
Riot initially gained attention for its simulated phishing campaigns, where employees received fake phishing emails designed to trick them into clicking on malicious links or entering sensitive information.
These exercises were aimed at making employees more cautious about suspicious emails. Over time, Riot added more educational tools, including a security chatbot called Albert, which can be accessed through platforms like Slack and Microsoft Teams. The chatbot provides ongoing education and real-time responses to help users understand and mitigate security risks.
As cyber incidents continue to rise globally, Riot’s approach has gained traction. The company now serves around 1 million employees across 1,500 companies, including well-known brands like L’Occitane, Deel, Intercom, and Le Monde. Riot’s ability to scale rapidly, from 100,000 employees to its current reach, showcases the growing need for effective cybersecurity training programs. With the new investment, Riot plans to expand further and provide more advanced security awareness tools to its clients.
Despite Riot’s progress, cyber threats remain a persistent problem, as evidenced by incidents like the Change Healthcare breach, which affected 190 million Americans. This breach occurred when an employee reused the same password for both their personal account and their workplace Citrix portal, which lacked multifactor authentication. Riot’s increased focus on reducing the attack surface and encouraging proactive cybersecurity behaviors reflects the ongoing challenges that organizations face in protecting their systems and data.