Billion Dollar M&A Activity Driving Market Consolidation in Industrial Cybersecurity

On September 9, Mitsubishi Electric announced its intention to acquire Nozomi Networks in a deal valued at US$1 billion, one of the largest, to date, in the Operational Technology (OT) security market. Nozomi will become a wholly incorporated, but independently operating subsidiary of Mitsubishi, meaning it will continue business as usual in terms of its engagement with partners and clients. Nozomi will be able to take advantage of Mitsubishi’s deep, global reach in industrial markets, and Mitsubishi will be able to extend its cybersecurity capabilities through a dedicated security arm with extensive experience in the OT space. 

Industrial automation companies have been investing in cybersecurity for some time, either through extended partnerships with security companies, funding rounds in startups, or by developing dedicated OT security solutions. But the aggressive incursion of traditional pure-play Information Technology (IT) cybersecurity vendors into the OT security market in recent years, led by Palo Alto Networks, Fortinet, Cisco, Tenable, Forescout, and Armis, among others, has driven rapid scaling and innovation of solutions and platforms tailored for industrial environments.

In part, this is due to a growing body of regulations (with the European Union (EU) Cyber Resilience Act (CRA) and NIS2, but also the U.S.-based Cyber Incident Reporting for Critical Infrastructure Act (CIRCIA) rules and the Transportation Security Administration (TSA) Pipeline) pushing a broader OT-agenda market that operates beyond critical infrastructure to look for security solutions that can help them with compliance. Pure-play cybersecurity vendors are leveraging the brand trust they have built up over decades in the IT space to expand into the OT market, and the marketing spending directed at gaining traction with clients and prospects is considerable.

As market interest turns toward these pure-play cybersecurity vendors, industrial automation companies are keen to ensure they are also viewed as more than capable of meeting OT security demands and have been ramping up efforts to provide comprehensive cybersecurity solutions, from software to platforms to managed services, either developed in-house, but most often in partnership with security vendors.  

For those cybersecurity vendors whose DNA is rooted in OT (such as Nozomi, Dragos, Claroty, SCADAfence, OTORIO, Radiflow, Verve Industrial Protection, etc.), this demand and market visibility has been a boon—driving not just greater sales engagement and industrial partnerships, but also acquisition interest. Case in point, Armis acquired OTORIO earlier this year, Radiflow is currently being acquired by the Sabanci Group, Rockwell Automation acquired Verve in 2024, and Honeywell acquired SCADAfence in 2023. The Mergers and Acquisitions (M&A) activity has intensified significantly in the last few years, with larger deal sizes and deeper integration alignment.

The demand for OT cybersecurity is rooted first and foremost in the need to comply with standard and regulatory requirements, in part driven by the surge in paralyzing cyberattacks against industrial environments in recent years. Key to any OT security solution today is conveying how it can help organizations meet their compliance goals, whether they are operating in the energy sector, chipset manufacturing, or healthcare sector. Beyond that, successful pundits will have to make sure they hammer home their expertise in OT environments (with deep Industrial Control System (ICS) protocol awareness and specific end-market knowledge). The best security technologies won’t work if they don’t understand OT. Any security tool that slows or adversely affects operating environments will not be considered—context is everything. Finally, industrial companies will want (and need) comprehensive coverage: from sensor to cloud, across all segmented network islands. Technology integrations, orchestration, and effective governance will go a long way in providing attractive solutions that can cater to the broadest needs of user needs. The OT security market is finally picking up the pace, even if it’s driven by the regulatory stick.