Damage to critical infrastructure and industrial processes is the holy grail of cyber researchers. Malicious entities targeting a company's attack surface can cause a lot of damage, including safety and environmental incidents in some core industries. The cost is not just production downtime, but also harm to the lives of citizens and to basic services.
To manage such scenarios, Microsoft has acquired CyberX, an Israeli cybersecurity startup. The startup provides an IoT/OT cybersecurity platform built by blue-team experts with a track record of defending the critical national infrastructure of Israel, a country which is a hotbed of cybersecurity innovation.
On the enterprise side, Microsoft has been acquiring companies, with the most recent ones prior to CyberX being Softomotive, a UK-based Robotic Process Automation (RPA) company, in May 2020 and ADRM Software, a data modelling startup, in June. The startups add value to the Azure portfolio in various technology segments. Similarly, Microsoft's Azure cloud platform will be connected into the CyberX ecosystem, which will then be used to serve enterprise clients around the world.
What Is CyberX?
Founded in 2013, CyberX has seen tremendous customer growth, with leading companies using its IoT/OT security platform to protect their web facilities. CyberX has raised about $48 million since its inception in 2013. This is Microsoft's eighth acquisition in Israel in the last decade. The purchase amount as part of the acquisition is estimated to be between $150-180 million.
The startup owns patented, IoT/OT-aware behavioural analytics. CyberX's agentless technology can be deployed in minutes to give deep visibility into IoT/OT networks, and includes asset tracking, vulnerability management, and continuous threat monitoring.
CyberX has developed a system that provides protection for networks in factories and industrial control systems by analysing current operations and identifying anomalies, through machine learning. The company’s customers belong to a variety of sectors where there is industrial and critical infrastructure, including gas companies, power plants and energy companies, water facilities, and pharmaceutical companies. The integration of CyberX’s solution with Microsoft’s cloud is probably the basis of the acquisition deal.
How Can Microsoft Utilise CyberX Capabilities?
The field differs in many ways from the field of computer and network protection, which is well known to Microsoft. It involves other protocols, other computers, a different network structure and professionals other than IT professionals. The field of industrial cybersecurity is considered a relatively young industry, which is growing at the same time as the penetration of IoT technologies (the Internet of Things) into manufacturing processes in industrial companies. Gaining wider visibility into industrial IoT networks is critical for being able to identify vulnerabilities and respond in real time.
According to experts, we may see Microsoft connecting the CyberX platform with the Azure IoT stack, Azure Security Center for IoT, and Azure Sentinel, which is the first security information and event management (SIEM) system with inbuilt IoT support. With the acquisition, Microsoft may have a simpler approach to unified cybersecurity governance in both IT and industrial systems, bringing end-to-end security across managed and unmanaged IoT devices, which can help companies to swiftly detect and respond to advanced threats in increasingly converged networks.
Overall, Microsoft has invested $5 billion in IoT solutions under the Azure stack as part of supporting its thousands of enterprise users and business clients. IoT plays a vital role in collecting valuable sensor data across a number of industries, but cybersecurity has always been an issue in protecting that data.
Security researchers keep finding vulnerabilities in IoT devices, which can give hackers access to sensitive data and entire corporate networks. IoT devices can be scaled securely using CyberX's capabilities for real-time advanced threat analytics on network data. By leveraging behavioural analytics and other AI-based techniques, the platform can help constantly monitor network activity and identify anomalies that could indicate breaches.
Israel Is A Cybersecurity Hub, and Microsoft Has Shown Interest
Over the years, Israel has produced state-of-the-art innovation in cybersecurity and defence technologies. Microsoft’s R&D centre in Israel has about 1,500 employees, about half of whom are in the cyber industry, according to a report. When it comes to Israeli cybersecurity startups acquired by Microsoft, there are quite a few.
There was Aorato, an enterprise security and machine learning startup which was acquired in 2014. In 2015, Microsoft acquired two more Israeli cybersecurity firms: Adallom, a cloud security company acquired for a whopping $320 million, and data protection company Secure Islands Technologies. Then again in 2017, Microsoft made another Israeli security startup purchase when it bought Hexadite for $100 million, raising its total acquisition to $1 billion.
Overall, Israel continues to be the hotspot for startup innovation, as evident from the latest acquisitions. For example, recently Intel also acquired Moovit, another Israeli startup that analyses urban traffic patterns and provides transportation recommendations with a specific focus on public transit.