What happened
Italian embedded cybersecurity firm Exein announced it has raised €100 million in new funding, bringing its total capital raised in 2025 to €170 million, including earlier rounds. The financing package, led by Blue Cloud Ventures with participation from HV Capital, Intrepid Growth Partners, Geodesic Capital, and J.P. Morgan, combines equity and a financing facility to support product development, expansion, and acquisitions. Exein aims to advance its next‑generation embedded runtime security technology, which it describes as a “digital immune system” for connected devices, and plans to unveil key innovations at RSAC 2026.
Who is affected
Exein’s embedded cybersecurity platform already protects more than 1.5 billion connected devices across critical sectors, including energy, healthcare, automotive, aerospace, industrial automation, semiconductors, and robotics. The company expects coverage to exceed 2 billion devices by early 2026 as deployments increase and regulatory focus on device‑level security intensifies.
Why CISOs should care
The Exein funding underscores a strategic shift in cybersecurity toward securing devices at the firmware and runtime level rather than relying primarily on perimeter defenses. This trend reflects how cyberattacks increasingly exploit vulnerabilities in connected devices, often affecting physical infrastructure and supply chains. Embedded security technologies like Exein’s are gaining prominence as organisations face stricter regulatory requirements, including the EU Cyber Resilience Act and the US Cyber Trust Mark, and as edge devices become prime targets for adversaries.
3 practical actions for CISOs
- Assess device‑level exposure: Inventory all connected and embedded devices in your environment to identify unmanaged or high‑risk endpoints that may lack firmware‑level protections.
- Align with emerging standards: Ensure security roadmaps incorporate compliance with device‑centric regulations, such as the EU Cyber Resilience Act and the US Cyber Trust Mark, and prioritise solutions that offer runtime threat detection.
- Evaluate embedded security tools: Pilot or evaluate embedded cybersecurity technologies, including runtime and AI‑driven protection, to complement traditional network and endpoint defences and improve resilience across distributed infrastructures.