Jul 2, 2020
| 3 min read
Validating the Importance of IoT Security
Microsoft announced plans to acquire IoT security vendor CyberX for an undisclosed amount (according to TechCruch the deal is valued at approximately $165mn). Microsoft plans to integrate the CyberX portfolio of products and technologies with its existing IoT security products. The deal is a prominent validation of the importance of security for connected devices, and represents one of the most significant acquisitions of an IoT security to date.
CyberX brings expertise in threat monitoring to the domain of industrial devices. The company was founded in Israel in 2013 and initially focused on working with large network carriers such as Deutsche Telekom, then expanded its footprint in the US to industrial, chemical and other manufacturers. CyberX technology employs scanning and monitoring capabilities to enable businesses to enable asset discovery, vulnerability management, and continuous threat monitoring across thousands of devices that may be deployed in factories, buildings.
The agent-less technology gathers both IoT and OT-based data about asset profiles, risks and potential vulnerabilities. The technology to understand baseline behavior of assets is used to for identifying variances that could indicate security threats or exploits with zero impact on performance due to the passive Network Traffic Analysis (NTA) approach. The company’s domain-specific expertise has benefited from application of AI-based behavioral analytics that continuously monitor network activity and detect anomalies that could indicate breaches.
Microsoft Investing Big in IoT
IoT has been a key area of focus for Microsoft. In 2018 the company announced that it would invest $5 billion into IoT, bolstering capabilities in Azure, analytics and Edge computing. The rationale behind the CyberX deal is to complement existing Azure IoT security capabilities, and extend capabilities to devices used in industrial IoT, Operational Technology and critical infrastructure. A key area for integration focus will be around Azure Sentinel, the company’s security information and event management (SIEM)/security orchestration, automation and response (SOAR) offering. The addition of data from CyberX’s platform monitoring capabilities will be to enable businesses to better identify threats that span both Operational Technology and IT networks that were previously challenging to detect. CyberX provides the IoT/OT discovery and monitoring capabilities that will feed into Azure Sentinel, and provide a comprehensive view of traffic, activity and potential threats.
Why this is important
Security is a critical prerequisite to enable Digital Industry solutions such as smart manufacturing, smart grid, connected spaces, and other use cases in production and supply chain. Visibility is the essential capability to enable detection of potential threats – the application of sophisticated analytics and AI-enhanced detection techniques can uncover correlations and identify covert attacks such as Advanced Persistent Threats (APTs). In particular, this type of threat protection will be necessary to secure critical infrastructure against cyber attacks. The Stuxnet worm that damaged the Iranian nuclear program is the best known example of an engineered threat against industrial machinery (in the case of Stuxnet, taking advantage of a zero-day Windows vulnerability to damage Italian-made centrifuges). Since the advent of Stuxnet raised awareness of industrial cyber attacks, the risks of cyber attacks from potential state actors as well as extortion rings has continued to grow. Solutions like CyberX help enhance baseline protections for manufacturing, utilities and other critical infrastructure (telecom in particular).
Unlock the Power of Digital - Momenta Partners encompasses leading Strategic Advisory, Talent, and Ventures practices for Digital Industry. Connect with us to more about our three practices.