Cybersecurity Venture

Mergers & Money: Industrial Cybersecurity Investment Makes Comeback As Infrastructure Threats Make Headlines 

Editor’s note: Mergers & Money is a monthly column by Senior Reporter Chris Metinko that covers dealmaking and the flow of venture capital in the enterprise tech space.


It wasn’t that long ago when investors and even strategics seemed to all have their eyes turned to industrial cybersecurity—the promise of securing older industrial control systems that were designed decades ago, long before cyberattacks were a reality.

Subscribe to the Crunchbase Daily

However, after a flurry of activity a couple of years ago, a lot of the noise seemed to die down and dealmaking and financing became more of a trickle.

That noise seems to have come back in a big way this year—perhaps punctuated earlier this week when New York-based Claroty closed a $400 million Series E co-led by new investor SoftBank Vision Fund 2, as well as existing investors Bessemer Venture Partners and Schneider Electric. Claroty had just raised a $140 million Series D in June.

“We see a lot more excitement from the investor community—both VC and private equity,” said Claroty CEO Yaniv Vardi. “I would say the level of excitement is 5x or 10x from what it was a year or two ago.”

Claroty’s raise is far from the only large funding round the industrial security—also called operational technology (OT) security—space has seen recently. Just late last month, Palo Alto, California-based Armis Security, an IoT and OT security provider, closed a $300 million private equity round—nine months after it raised $150 million—at a $3.4 billion valuation. In late October, Hanover, Maryland-based Dragos raised a $200 million Series D funding at a valuation of $1.7 billion.

Before that, in August, San Francisco-based Nozomi Networks closed a $100 million round.

The reason for the new interest is simple, Vardi believes.

“It’s the number of attacks you are seeing in the market,” he said.

A new era

OT security space became a buzzword around 2018-19. In those two years, Armis, Claroty, Dragos and Nozomi Networks alone were able to raise nearly a quarter of a billion dollars, according to Crunchbase data.

A plethora of M&A also occurred during that time frame, including ForeScout Technologies acquisition of IoT and OT security company SecurityMatters for $133 million. That deal was followed by Dragos acquiring NexDefense; a provider of industrial control systems technology; Palo Alto Networks acquiring IoT security developer ZingBox for $75 million; and Tenable buying Indegy for $78 million in cash.

But 2020 proved a quieter year for the space. In the first days of 2020, Insight Partners acquired Armis at a $1.1 billion valuation, and Dragos secured a new $110 million round, but dealmaking, in general, seemed to quiet down.

One reason may have been the large amount of consolidation OT security had just witnessed, said Vardi, who himself had been approached by suitors at that time wanting to buy Claroty.

However, with the uptick of news reports about the susceptibility of critical infrastructure to ransomware and other cyberattacks, and the passage of the $1.2 trillion U.S. infrastructure bill to safeguard some of those systems, many companies in the space seem to be basking in investor’s love once again.

In May, the shutdown of the Colonial Pipeline—a 5,500-mile pipeline from Texas to New York that transports just less than 50 percent of  the East Coast’s fuel supplies—by a ransomware attack brought industrial and OT security under the spotlight. Stories of attacks on hospitals—something many OT security companies also look to protect—grabbed headlines earlier this year.

The infrastructure bill, which was signed last month, includes about $2 billion for cybersecurity initiatives. Much of that money is expected to go toward upgrades to critical infrastructure like water and energy, operational technology, and industrial control security.

“This market is going crazy right now,” Vardi said. “It’s not (chief information security officers) that are realizing this is a problem. It’s the board of directors that are realizing this is a problem.”

Looking ahead

Despite the increased amount of dollars coming into the sector, some questions about the space remain.

Matthew Goldstein, a managing director at M12 who invests in cybersecurity, said because every industrial operation differs and there is no consistency, putting such such security in place can be time-consuming and costly.

“I’m a bit of a skeptic,” he said. “Just with no consistent environment maintenance and (operating expenses are) so high.

“It can be just so hard to deploy,” he added.

That was true two years ago, however, OT security solutions have become easier to install, Vardi said. Claroty’s product needs no configuration and no network changes, for instance, he said.

“We are more advanced now,” he added.

Nevertheless, the question still remains about the sector’s ability to produce a large, independent—even public—company one day.

Goldstein said with large automation, manufacturing and OT companies like ABB and Honeywell selling more software now, there could be a logical marriage down the line. On the other side, Vardi thinks Claroty could be a public company in two to three years, as large automation companies and service providers likely will stay away from the software side.

Regardless of what happens in the future, it seems like OT security companies could be in for another active cycle—in terms of both fundraising and M&A—as the government and utilities race to stop ransomware.

Illustration: Dom Guzman

Stay up to date with recent funding rounds, acquisitions, and more with the Crunchbase Daily.

Copy link