articles

Supply chain security firm scales activities with infrastructure clients

Security software specialist Risk Ledger has secured over £9 million in investment and quadrupled its annual revenues since completing the HS2 Innovation Accelerator.

April 24, 2026

Staying one step ahead of security threats is no longer a task to be handled alone. In this connected world of infrastructure delivery, supply chain partners must work together to combat malicious actors says Haydn Brooks of software supplier Risk Ledger.

Previously, a client might have assessed the risks of supplier data breaches in isolation. But if one supplier works with two of your other suppliers, an attack is deemed a ‘concentration risk’ as, he explains, “it could bring down all three of them at once”.

Threats for the construction sector could include losing confidential BIM models detailing planned infrastructure, an attack on payroll systems, or state actors trying to plant bugs within critical infrastructure.

“To combat these threats is where our network of suppliers comes in,” adds Haydn, whereby connected organisations work together to identify, prevent, detect and respond to cyber attacks.

“When an attack happens, we can see where it took place and who else may be affected by it, so we can contact all of the security teams at risk to tell them what they need to do to minimise the impact of an attack.”

Haydn Brooks, Risk Ledger

Risk Ledger took part in the HS2 Innovation Accelerator, delivered by Connected Places Catapult in 2022 to develop and trial its system. The company went on to secure a contract with the infrastructure client off the back of the programme, to help improve their understanding of cyber security risks and those of its supply chain partners.

The following year, Risk Ledger secured Series A funding of £6.25 million from a consortium led by Mercia Ventures, and last autumn received a further £2.79 million from its investors.

Over the last three years, the company has trebled its headcount to around 75 staff and in that time annual revenues have grown 80% year on year.

Haydn says the HS2 Innovation Accelerator allowed the company to gain a foothold in the transport market. “It can be notoriously difficult to get in front of security teams, so it definitely helped us get speak to the right people at HS2 which ended up with us securing a contract,” he says.

Funding to expand the company

Risk Ledger decided to raise additional funding to allow the continued expansion of its software platform in the UK, to dedicate resources to entering the American market, and further develop the software platform in order to reduce the time taken to detect and respond to active incidents. This is an evolution of third party risk management, which Risk Ledger describes as ‘Active Supply Chain Security’

Adam Lovell from the company’s investor Merica Ventures says that security software is a growing market, and that Risk Ledger represents “the sort of business we want to be backing”.

He says that accelerator programmes such as those offered by Connected Places Catapult “add credibility to what a company is doing” and demonstrates cohort members have “gone through due diligence to get there”.

Adam adds that there is significant investment capital available for businesses like Risk Ledger looking to scale. “Frankly we're looking for more Risk Ledgers. There’s no shortage of money sat with investors; it’s about finding the right businesses to put it behind.”