October 26, 2023 at 04:02PM
Industrial automation and control system manufacturers are acquiring cybersecurity firms to enhance protection for factories and facilities. Rockwell Automation is acquiring Verve Industrial Protection, while Honeywell and Siemens have also made similar moves. The motive behind these acquisitions is not only to address cybersecurity weaknesses but also to create new sales channels. The threat landscape has seen an increase in attacks targeting industrial control systems, making asset-centric security crucial. However, the industrial automation industry still needs to establish trust regarding their commitment to security. The details of Rockwell Automation’s acquisition of Verve have not been disclosed.
The meeting notes discuss the recent acquisition of Verve Industrial Protection by Rockwell Automation, a manufacturer of industrial automation and control systems. Verve Industrial Protection is a cybersecurity software and services firm that will become part of Rockwell’s Lifecycle Services division. This acquisition follows similar moves by other manufacturers in the industry, such as Honeywell’s purchase of SCADAfence and Siemens’ partnership with Tenable.
The motive behind these acquisitions is twofold. First, the manufacturers aim to provide their customers with enhanced cybersecurity measures to protect their factories and facilities. Second, they see these acquisitions as an opportunity to create additional sales channels for cybersecurity products and services.
The need for improved cybersecurity in the industrial control systems (ICS) and industrial Internet of Things (IIoT) sectors is becoming increasingly critical. Recent attacks on companies like Colonial Pipeline have highlighted the vulnerabilities in these systems. According to a report by Rockwell Automation, 77% of attacks on critical infrastructure come from state-affiliated actors and organized criminal groups. The energy sector is the most targeted, followed by critical manufacturing, transportation, and nuclear sectors.
In order to address these threats, industrial system operators need better visibility into their networks to identify vulnerable devices and apply patches. The industry is also looking to shift from a network-centric view of security to an asset-centric approach. However, the complex nature of industrial automation, with long lifecycles for equipment and short lifecycles for software, poses challenges.
While the recent acquisitions by manufacturers like Rockwell Automation are steps toward improving security, they still need to earn customer confidence in prioritizing security over profits. There is uncertainty regarding whether asset owners will trust the manufacturers to be transparent about risks. The success of these manufacturers as channels for ICS security products and services is yet to be proven.
The details of Rockwell Automation’s purchase agreement with Verve Industrial Protection have not been disclosed. The acquisition is subject to regulatory approval and is expected to close in the first quarter of Rockwell’s fiscal year in 2024.