Automakers Confront Cyber Risk as Lema Raises $24 Million

A $24M raise spotlights rising supply chain cyber threats, pushing automakers to tighten oversight as vehicles grow more connected

9 Feb 2026

A funding round for a little-known cybersecurity start-up is drawing attention to a growing concern among carmakers: the vulnerability of the digital supply chains that underpin modern vehicles.

Lema, which focuses on identifying cyber risks in third-party software and technology partners, has emerged from stealth with $24m in funding led by venture capital group Team8. The investment comes as vehicles increasingly rely on external software, cloud services and data links, widening the range of potential attack points beyond the car itself.

Automakers have spent years strengthening protections for onboard systems. But as vehicles shift towards software-defined architectures, risks are often embedded upstream, through suppliers that provide code, updates and connectivity services. Managing those risks has become harder as manufacturers juggle hundreds of vendors and millions of lines of software.

Lema’s approach reflects a broader change in industry thinking. Rather than focusing only on responding to breaches, companies are seeking earlier detection of weaknesses, particularly within supplier networks. That preventative focus is gaining traction as cars come to resemble mobile data centres, constantly exchanging information with external systems.

Regulators have added to the pressure. Frameworks such as UN/ECE WP.29 and ISO/SAE 21434 require manufacturers to manage cybersecurity risks across the full vehicle lifecycle, including those linked to partners and suppliers. Compliance has pushed cybersecurity higher up the list of board-level concerns.

Nadav Zafrir, co-founder of Team8, has said many companies struggle to maintain visibility over expanding partner ecosystems. In the automotive sector, where software complexity has grown faster than traditional oversight models, that problem is particularly acute.

Spending on automotive cybersecurity is expected to rise sharply over the next decade, driven by tighter regulation, greater connectivity and growing consumer sensitivity to safety and data protection. Investors are increasingly betting that securing the supply chain will be central to that growth.

Obstacles remain. Carmakers depend on long-established suppliers, and closing security gaps often requires coordination across multiple organisations. Identifying risks does not always lead to swift remediation.

Even so, the direction of travel is clear. Lema’s funding points to a shift towards treating cybersecurity as a core element of vehicle design and procurement, rather than a technical add-on. As cars become ever more connected, securing the ecosystem around them is becoming as important as securing the vehicle itself.