マイクロソフト、IoTセキュリティスタートアップCyberXを買収

マイクロソフトは、2022年までに50億ドルをIoTに投資するという公約の一環として、IoTセキュリティの新興企業であるCyberXを買収したことを確認しました。Microsoft confirmed it acquired IoT security startup CyberX as part of its pledge to invest $5 billion in IoT by 2022. The tech giant didn’t disclose the purchase price, but earlier reports put a $170 million price tag on CyberX. The startup, based in Waltham, Massachusetts, was founded in 2013, and raised $47 million. It developed agentless software that continuously monitors and provides visibility into unmanaged IoT and industrial control system devices across IT and operational technology (OT) environments. In a blog post about the acquisition, Microsoft CTO of Cloud and AI Security Michal Braverman-Blumenstyk and Sam George, CVP of cloud and AI Azure IoT, said the acquisition will complement existing Azure IoT security capabilities. It will also give customers visibility into IoT devices that are already connected to their networks and manage security on existing IoT devices. “With CyberX, customers can see a digital map of thousands of devices across a factory floor or within a building and gather information about their asset profile and vulnerabilities,” they wrote. “Gaining this visibility is not only critical for understanding where security risks may exist and then mitigating those risks but it is also a fundamental step to securely enable smart manufacturing, smart grid, and other digitization use cases across production facilities and the supply chain.” This is Microsoft’s second IoT-related acquisition this year. In April, it bought Express Logic, a real-time operating system provider for IoT and devices at the edge powered by microcontroller units. Microsoft has been building out its IoT security arsenal over the past couple years, and earlier this year made available a threat hunting service that works across customers’ clouds, data centers, endpoints, and IoT devices. At the time it also rolled out Azure Security Center for IoT, which connects Azure cloud security, visibility, and analysis tools with the company’s Azure IoT Hub. CyberX will bolster both of these IoT security services. “For example, in conjunction with Azure Sentinel … SecOps personnel will be able to identify threats that span operational technology- and IT-converged networks that were previously challenging to detect,” Braverman-Blumenstyk and George wrote. The acquisition comes as the number of connected devices explodes — Gartner expects 25 billion of these by next year. They represent the fastest-growing attack landscape for organizations globally, according to F-Secure. Because of this, IoT security startups have become hot acquisition targets for larger vendors and private equity firms alike as organizations look to converge their IT and OT security. Last summer Cisco bought a small IoT security startup called Sentryo and used that company’s technology for its IoT security architecture. In the fall, Palo Alto Networks acquired IoT security startup Zingbox for $75 million, and used that technology to launch its first IoT security service this month. And earlier this year Insight Partners bought IoT security startup Armis for $1.1 billion in the largest-ever enterprise IoT security software acquisition.