Gartner Blog Network


Microsoft acquires CyberX: Tech Providers Pay Close Attention to Security

by Barika Pace  |  June 23, 2020  |  1 Comment

Analysis

Last year, we predicted that by the end of 2023, 60% of stand-alone IoT and OT security providers would no longer exist as we know them today. Since that time, there has been a rash of mergers and acquisitions in the IoT/OT/CPS security space. So it was no surprise that Microsoft Azure confirmed its intentions to acquire OT security provider CyberX. But what should we be paying attention to with this acquisition?

In case you have missed out on the digital security journey thus far, let me recap. As we think about digital transformation, there are truly two camps; the transformers and the optimizers. Optimizers focus on their current business model: maintain the same model but make it function better, at less cost, while delivering better experiences. The transformer camp pursues net new revenue and business opportunities in the digital space. For each, the security appetite is very different.

Pay Closer Attention to Customers' Digital Ambitions

IOT platform providers, IT security firms, and standalone security providers need to pay closer attention to which camp their customer's fall into.  Yes, IOT platform providers like Microsoft will play a bigger role with security being core differentiation for their products. Traditional IT security firms should pay attention as well, and be ready to make solid progress on their IOT/OT security feature set over the next year. 

For transformers, security rests with the platform and is core to their IP, so the pending CyberX/Microsoft Azure deal is perhaps one of the first real signs that IIoT/IoT platform providers need to focus on security as a strategic product play. 

Finally, perhaps just as important, stand-alone providers must decide which camp they will align with in the near future.

Recommendations

Who should pay attention? What should they do?

Traditional IT Security Provider

  • Urgently evaluate your go-forward options by assessing current and planned capabilities to account for IoT/OT.
  • Look at existing strategic OT/IoT partners for possible M&A options.
  • Center your product roadmap for the optimizers by centering opportunities on integration with SIEM/SOAR solutions.
  • Up your UX game to increase cyber situational awareness

Stand-alone OT/IoT Providers

  • Urgently reevaluate go-forward options by assessing current and planned capabilities and market readiness to add IT security functionality to existing products, partner with large-scale providers, or position the product line for acquisition.
  • Play ball as a microservice or macroservice solution to platform and security providers if you want to stay in the game.

IIoT/IoT Providers

  • Embrace Camp B, the Transformers, and be prepared to double down on security to stay competitive.
  • Consider M&A as a step to leapfrog over the competition. Vendors to look at should include OT/IoT stand-alone providers and embedded trust solution providers.

Recommended Reading

Market Insight: Act Before Convergence Kills Your Stand-Alone OT/IoT Security Product Solution

Product Manager Insight: Improving Situational Awareness for Nonexpert Users With AI

Emerging Technologies: Venture Capital Growth Insights for Cyber-Physical System Security

Focus More on the Realities of Cyber-Physical Systems Security Than on the Concepts of IoT

Additional Resources

View Free, Relevant Gartner Research

Gartner's research helps you cut through the complexity and deliver the knowledge you need to make the right decisions quickly, and with confidence.

Read Free Gartner Research

Category: 

Tags: cyberx  iot  microsoft  security  

Barika Pace
Sr Director I
3 years at Gartner
17 years IT Industry

Barika L Pace does research focused on securing emerging technologies and protecting corporate branding for high-tech enterprises. Her research covers threats and disruptions facing, Internet of Things (IoT), cyberphysical systems (CPS), social media, operational technology (OT), coupled with the realities of regulatory changes, privacy, fraud prevention and risk. In addition, through a product management lens, Ms. Pace helps clients identify top talent requirements. Her work focuses on overcoming recruiting challenges, retention, providing insights into diversity, inclusion and recruiting. Her research recognizes that in today's interconnective world protecting customers and brand reputation requires, an increased focus on multiple channels to conduct fraud detection, address cyberphysical security risk, counter threats, and to meet the challenges of increasing regulatory environment through continuous innovation. Also, Ms. Pace's research focuses on helping clients improve customer experience, through effective messaging, communication, and brand management. She helps clients optimize product strategy, and brand positioning. Finally, Ms. Pace enjoys working with tech CEOs, product leaders, product marketing leadership, CMOs, CISOs, digital manufacturing product innovators, security providers, and various clients on organizational and cultural changes needed to remain agile.Read Full Bio


Thoughts on Microsoft acquires CyberX: Tech Providers Pay Close Attention to Security


  1. Char Newton says:

    Very informative piece and very relevant information especially given the pandemic -times we are in where more and more businesses are doing remote business and are in need of IT security. Very relevant!



Leave a Reply

Your email address will not be published. Required fields are marked *

Comments or opinions expressed on this blog are those of the individual contributors only, and do not necessarily represent the views of Gartner, Inc. or its management. Readers may copy and redistribute blog postings on other blogs, or otherwise for private, non-commercial or journalistic purposes, with attribution to Gartner. This content may not be used for any other purposes in any other formats or media. The content on this blog is provided on an "as-is" basis. Gartner shall not be liable for any damages whatsoever arising out of the content or use of this blog.