December 8, 2020

Original blog post published here

As digital transformation initiatives accelerate globally, industrial organizations and enterprises that depend upon industrial processes to propel their core business collectively stand at a cyber risk crossroads.

In the digital era, CEOs and boards demand that their organizations not just ensure the profitability of their industrial facilities, but also use technology to increase worker productivity and safety. However, the digital advancement and hyperconnectivity of operational technology (OT) required to achieve those aims opens the door to new cyber risks and exacerbates existing ones. To move forward safely and minimize risk exposure to core business functions and operational processes, organizations are now actively on the hunt for partners to help them synchronize cybersecurity with OT innovation.

Today’s announcement of Dragos’s Series C funding round proves these trends out. The remarkable element to this $110 million round is that it was driven by a coalition of industrial and manufacturing companies as well as investors. It’s a who’s who list of firms that don’t just believe in Dragos as a business but who also stand to reap the benefits of improved OT cybersecurity technology in their daily operations.

Some of the major stakeholders in this round include National Grid Partners, the independent investment and innovation arm of National Grid plc, one of the world’s largest investor-owned energy companies, Saudi Aramco Energy Ventures (SAEV), a fund of Aramco Ventures, the $1.5 billion venture capital program of Aramco, as well as Koch Disruptive Technologies, the investment arm of Koch Industries, one of the world’s largest technology companies and manufacturers, which invests in emerging and transformative high-growth technologies. Also on the roster is HPE Pathfinder, the investment arm of Hewlett Packard Enterprise (NASDAQ: HPE), the global edge-to-cloud platform-as-a-service company. HPE has an interest in Dragos both as a partnering IT security vendor and as a major manufacturer that must secure its own OT infrastructure.

"OT infrastructure and equipment are some of the most valuable assets manufacturing and industrial companies own, but these same pieces of machinery are also some of the most vulnerable to cyber attacks." Todd H. Poole, Principal, Hewlett Packard Pathfinder

The events of 2020 have accelerated plans for digital transformation, with 80% of CEOs reporting to KPMG that the pandemic sped up their timetables. Their most immediate advances are planned for digital operations. While the convergence of IT and OT network assets may have happened a long time ago, it’s the business importance of that hyperconnectivity that is now blowing up.

Companies that rely on operational technology increasingly depend on these connections to create new lines of business, new revenue streams, and new industrial processes. They stand at the heart of efforts to profit from service-oriented business models, to glean business and operational insight from industrial IoT (IIoT) networks, to streamline operations with more automation and AI, and generally gain a competitive edge in the market. All of this increases the risk to not only OT infrastructure, but also the potential impact of industrial cyber incidents.

"Manufacturing and assembly lines, oil and gas refineries, power stations, electric grids, dams, railways, traffic control systems — these critical pieces of public and private infrastructure are the lifeblood of large enterprises and utilities and the mitochondrial powerhouses of national economies." Todd H. Poole, Principal, Hewlett Packard Pathfinder

Interest by investors like HPE in the Dragos mission shows that industrial leaders are moving beyond the awareness stage about OT cybersecurity. Markets are waking up to the cybersecurity realities wrought by digital transformation and are seeking the means to improve their risk management capability for future innovation.