Cybersecurity company Phished receives €7.5 million in backing from Welvaartsfonds

The Leuven-based cybersecurity company Phished will have access to an additional €7.5 million over the next 4 years thanks to a convertible bond provided by the Flemish investment fund Welvaartsfonds. Phished, conceived by CTO Arnout Van de Meulebroucke and led by serial entrepreneur Jo Vandebergh, is in the final stretch to achieve its first major business goal – an annual recurring revenue (ARR) of €12 million.

"Our new goal is to grow Phished to an ARR of €20 million by 2027. The capital injection from Welvaartsfonds will provide an extra boost and allow us to further scale our sales & marketing," says Phished CEO Jo Vandebergh. Phished will also use the bond obtained to accelerate its international growth and continues to invest significantly in cyber research.

The story of the Leuven-based cybersecurity company Phished began in 2019 when Arnout Van de Meulebroucke came up with the idea of using AI-driven simulations to raise employee awareness about phishing emails. He presented the idea to his boss at Bringme, Jo Vandebergh, who immediately invested €1 million to launch the startup. Over the past 4 years, Phished has grown into a team of 50 employees and has received further financial support from Vandebergh, who incrementally invested an additional €8 million in phases.

In just 48 months, Phished has grown into a holistic training platform with a mapped out curriculum that strengthens employees' cyber resilience. Unlike its competitors, Phished focuses not only on employee awareness but primarily on behavioral change. The training platform combines simulations and short training sessions, teaches users cyber hygiene for maintaining their apps and devices, and provides concrete threat alerts that inform users about the latest techniques hackers use. Employees and teams can earn certificates through learning sessions and checkpoints, and the Behavioral Risk Score^TM predicts the likelihood of an organization being hacked due to human error.

In 2022, at the request of founder Van de Meulebroucke, Vandebergh took over the role of CEO to scale the company, allowing Van de Meulebroucke to focus on the further development of the platform. Vandebergh gave the employees one simple business goal: to build an ARR of €12 million within 60 months. With 2500 business customers and 200 MSP partners spread across APAC, Europe, and North America, the company will reach this milestone by the end of the year.

"Phished has developed a holistic training platform in just a few years that helps companies achieve a zero-cyber-incident rate by changing the digital behavior of employees. Both SMEs and large renowned institutions such as Acerta, Essers, and Proximus use our platform. Now that the first major goal is within reach, we are setting the bar even higher for ourselves. The ambition is to achieve an ARR of more than €20 million by 2027, and the convertible bond that Welvaartsfonds will provide us will give us the necessary backing to realize this." - Jo Vandebergh, CEO of Phished

"Cybersecurity is a strategic issue for every company. The defense is only as strong as its weakest link, and that remains the human to this day. Despite advances in technology, many companies remain vulnerable to cybercrime due to a lack of awareness and training among their employees. Investing in cybersecurity is not just about strengthening systems; it is about providing employees with the knowledge and skills to recognize and block cyber threats. Thanks to Phished's technology, companies will be able to make great progress in an era where accelerated digitalization and the growth of cybercrime go hand in hand." - Roald Borré, Portfolio Manager at Welvaartsfonds