Subscribe to receive Urgent Communications Newsletters
Catch up on the latest tech, media, and telecoms news from across the critical communications community
Rockwell’s Verve buy enlivens critical-infrastructure security
2 Min Read
Manufacturers of industrial automation and control systems continue to scoop up industrial cybersecurity firms to provide customers with more protection for their factories and facilities.
This week, Rockwell Automation agreed to acquire Verve Industrial Protection, a cybersecurity software and services firm, which will become part of Rockwell’s Lifecycle Services division. The acquisition follows the July commitment by Honeywell to buy SCADAfence, an operational technology and IoT security firm, as a way to acquire asset discovery and threat detection capabilities. And just last week, technology firm Siemens announced an all-in-one testing suite for industrial networks — partnering with Tenable on the initial testing tools, but committing to including more third parties in the future.
The large manufacturers are trying to catch up with attackers and fix their cybersecurity shortcomings, says Katell Thielemann, distinguished vice president analyst at business intelligence firm Gartner.
“OEMs are on a bit of a redemption journey,” she says. “Their end-user clients are starting to be vocal about buying multimillion-dollar assets that contain vulnerabilities and misconfigurations, and then having to pay million-dollar support services contracts that allow fixes downstream.”
An additional impetus for Honeywell, Siemens, and Rockwell to acquire cybersecurity services comes from the desire to create additional channels for sales, says Dale Peterson, CEO and founder of Digital Bond, an ICS consultancy.
“What we are seeing is the large ICS vendors are developing practices to sell cybersecurity products and services — sometimes through acquisition … and sometimes through partnerships,” he says. “It’s unclear if this will be successful or how committed they will be to this in tough times.”
Target Threats Tailored to ICS
The acquisition announced comes as attackers are increasingly targeting industrial control systems (ICS) and the industrial Internet of Things (IIoT). In May 2021, an attack on Colonial Pipeline’s information systems resulted in the company shutting down pipelines, causing a fuel shortage along the East Coast of the United States.
Overall, 77% of attacks on critical infrastructure came from state-affiliated actors and organized criminal groups, according to an analysis of 122 public incidents published by Rockwell Automation last month. The largest share of attacks (39%) hit the energy sector, with critical manufacturing, transportation, and nuclear sectors each accounting for another tenth of attacks, according to the report.
To read the complete article, visit Dark Reading.
