Microsoft today announced its intention to acquire CyberX, a startup developing a platform designed to protect industrial control systems. The terms weren’t disclosed, but TechCrunch reports that it’s in the range of $165 million.
The deal shores up Microsoft’s strategic positioning in the autonomous systems market, which it entered in 2018 with its acquisition of Bonsai (now Project Bonsai). The Project Bonsai team applies AI to industrial control systems across markets, and CyberX’s technology promises to shield those control systems from cyberattacks.
“CyberX will complement the existing Azure IoT security capabilities, and extends to existing devices including those used in industrial IoT, operational technology, and infrastructure scenarios” said Microsoft’s Michal Braverman-Blumenstyk, CVP of cloud and AI security, and Sam George, CVP of cloud and AI Azure IoT, in a blog post. “With CyberX, customers can discover their existing IoT assets, and both manage and improve the security posture of those devices.”
Connected control systems help to manage everything from electrical substations to fleets of robots, but they’re largely unprotected. According to a survey by Kaspersky, only 23% of respondents said their infrastructure was compliant with regulations, and 2017 saw a 29% uptick in industrial control system vulnerabilities.
UpWest Labs graduate CyberX, which was cofounded in 2012 by Omer Schneider and Nir Giller (both veterans of the Israeli Defense Forces’ elite cyber unit), aims to put a stop to attacks with a platform that continuously monitors any control system. The company employs tech it calls industrial finite state modeling (IFSM) to identify deviations from normal behavior, in part through a deterministic, sequential view of system states and transitions. In this way, CyberX is able to spotlight protocol violations that might indicate active exploitation of a vulnerability, and to recognize signs of both generic and targeted malware.
CyberX also employs heuristics to suss out atypical machine-to-machine communications, and to flag problems like the intermittent connectivity that precedes equipment failure. The company’s solution supports a range of control systems and protocols from vendors such as Rockwell Automation, Schneider Electric, Siemens, and GE, and it doesn’t lean on rules or prior knowledge of environments. Moreover, it can be deployed as either a virtual or physical appliance; it doesn’t directly impact the networks over which it’s deployed; and it integrates with existing IT security stacks like those supplied by Splunk, IBM Security, Palo Alto Networks, Cisco, RSA NetWitness, and ServiceNow.
CyberX claims it takes less than an hour on average to deliver insights. Prior to the acquisition, its clients included two of the top five U.S. energy providers, a top five global pharmaceutical company, a top five U.S. chemical company, and national electric and gas utilities across Europe and Asia-Pacific.
“Nir and I founded CyberX with the goal of delivering a scalable solution that would be easy to deploy and reduce risk for enterprises worldwide,” said CyberX cofounder and CEO Omer Schneider in a blog post announcing the deal. “We’re thankful to our loyal customers and partners as well as to our dedicated employees whose innovation and hard work made it possible for us to reach this important milestone, and also to our investors for their ongoing support.”
CyberX cofounder and CTO Nir Giller added: “By joining forces with Microsoft, we will rapidly scale our business and technology to securely enable digital transformation for many more organizations. Together, CyberX and Microsoft provide an unbeatable solution for gaining visibility and a holistic understanding of risk for all IoT and OT devices in your enterprise.”
Waltham, Massachusetts- based CyberX employs 164 people, and it raised $48 million in venture capital prior to the acquisition. That includes $18 million secured in a strategic funding round led by Qualcomm Ventures and Inven Capital.
Microsoft’s purchase of CyberX follows a number of other cybersecurity buys in recent years. In June 2017, the company snatched up security orchestration and automation provider Hexadite for a reported $100 million. In September 2015, Microsoft bought Adallom, a cloud access security broker, for over $320 million. And in November 2014, the tech giant acquired hybrid cloud security startup Aorato for an estimated $200 million.
Broadly speaking, in spite of the economic downturn, internet of things cybersecurity has been a popular acquisition target this year. In February, Advent International agreed to purchase Forescout for $1.9 billion less than two years after the firm’s initial public offering. And in January, Insight Partners purchased unmanaged device security startup Armis for a $1.1 billion valuation.