Microsoft Corp. is taking its cloud-based security offerings up a notch, expanding beyond the enterprise level to industrial, as the growing number of smart factories exposes large organizations to new risks.
The U.S. tech giant recently acquired CyberX, an Israel-based startup. The CyberX platform works to stop security breaches on internet of things networks and in large organizations that utilize unmanned machines, such as major energy utilities, telecom carriers and chemical plants. According to analysts, the deal underscores the growing importance of unified security offerings that address connected devices spread across both industrial and IT environments.
The acquisition aligns with Microsoft's strategy on three closely related fronts: enterprise, IoT security and the Azure cloud computing business, said Johan Vermij, an IoT analyst at S&P Global Market Intelligence's 451 Research unit.
Microsoft will integrate CyberX's IoT cybersecurity technology within its cloud-based security platform Azure Sentinel.
"Azure already provides IoT security monitoring, but was limited in giving customers insight into which assets were already connected to the network," Vermij said. "With CyberX, Microsoft significantly steps up its industrial security capabilities and finds itself at the frontline of industrial control system (ICS) security with some of the largest organizations in energy and utilities, as well as oil and gas."
Microsoft and CyberX already had a relationship prior to the acquisition, which had been rumored since February. The companies in March announced a deal to integrate Microsoft's Azure cloud platform into CyberX's cybersecurity system.
While Microsoft did not disclose terms of the acquisition, an earlier report by Israeli financial news provider Globes indicated the deal was worth about $165 million.
Robyn Westervelt, a research director within IDC's cybersecurity and trust group, said Microsoft paid a premium if the rumored $165 million price tag is accurate. However, she thinks the acquisition makes sense because CyberX had the most capabilities in the cybersecurity space compared to competing vendors.
"While some of the other players — such as Dragos, Waterfall Security and Darktrace — are more focused on specific cybersecurity use cases, CyberX provides more of a generalist solution that is much more flexible," Westervelt said. "It also happened to have much more momentum behind it, so I could see this being an attractive buy for Microsoft, regardless the cost."
Westervelt explained that cybersecurity for operational technology, or OT, environments, which include industrial equipment such as machinery in factories and power plants, is a very niche space that requires very specific solutions. However, as those machines become more connected to the internet via wireless or the cloud, they become more susceptible to cyberattacks that typically target traditional IT environments.
"For many years there has been a net gap between the IT environment and the OT environment, and that has served industrial systems very well as it protected them from most common cyberattacks," Westervelt said. "With the proliferation of IoT, that gap has closed and now industrial machinery is more vulnerable to run-of-the-mill cyberattacks, such as ransomware."
Westervelt pointed out that the availability of next-generation 5G wireless technology will further drive adoption for IoT devices, as more manufacturers will add sensors in their respective machinery to increase efficiency through better data. The more the machines get connected, the more security risks will continue to emerge, which in turn will require more robust security solutions that not only prevent cyberattacks, but also predict attacks to keep critical operations online.
"AI and machine learning will be crucial for IoT cybersecurity solutions to predict and prevent new threats," Westervelt said. "Manufacturing firms don't want their operations slowed down or even halted whenever a new potential threat pops up, especially if it turns out to be a false positive."
Microsoft in 2018 pledged to invest $5 billion in IoT technologies over four years, and the CyberX acquisition represents the first major deal on the security side of things. However, as more industries continue to embrace IoT, Westervelt thinks more acquisitions in this space are absolutely possible.
"The biggest challenge for most OT environments is that they have typically had a very passive approach to security and are extremely lacking in terms of network infrastructure," Westervelt said. "As they become more connected and modernized, more cybersecurity solutions will be required. I can see Microsoft or even any other tech companies looking to tap the industrial IoT market buying up more security startups to bolster their existing products."
451's Vermij added that numerous traditional IT firms have already been on a recent shopping spree to offer consolidated IT and OT security solutions to address these changing cybersecurity demands. These include Cisco Systems Inc.'s acquisition of Sentryo as well as Palo Alto Networks Inc.'s purchase of Zingbox, both in 2019.
"In IoT, 451 Research's 2019 IoT Market Monitor expects the number of enterprise operational and industrial devices to nearly double by 2024," Vermij said.