by Jared Weiner | 09/10/2024
Over the years, several high-profile breaches have drawn attention to the consequences of inadequately secured OT networks and systems. Though attacks explicitly targeting OT networks remain relatively rare, the steadily increasing connectivity between OT, IT, and other external networks has led to an increased frequency of such attacks. Stuxnet remains particularly infamous due to the mainstream notoriety it received, while more recently, threats such as Pipedream and Volt Typhoon have caught the attention of the industrial cybersecurity community. Collectively, these threats influence regulatory and compliance guidelines, shape insurance requirements, drive government policy, and generate significant business for providers of OT cybersecurity software and services.
OT cybersecurity software solutions help protect industrial organizations from these threats by delivering functionality such as asset management, asset and network visibility, compliance management, and endpoint protection. The energy and utilities sector remained the leading source of OT cybersecurity software revenue in 2023 (as shown in the exhibit below), with cybersecurity investments by organizations in this industry prompted by attacks targeting critical infrastructure facilities and by compliance requirements such as NERC CIP in North America and now NIS 2 in Europe . Despite its already significant size, growth within this sector will be among the highest in the broader OT cybersecurity market as evolving industry dynamics create new opportunities for vendors.
Global Share of OT Cybersecurity Software Revenue by Vertical Market, 2023
(Percentage of Revenue)
While threats to critical infrastructure and compliance requirements will remain foundational revenue drivers for OT cybersecurity vendors serving this industry, energy transition initiatives have emerged as a critical growth vector within this space. Concerns about climate change have propelled a global transition from fossil fuels to natural gas and renewable energy sources such as hydroelectric, solar, and wind. As energy providers around the world replace coal-fired power plants with low- or zero-carbon alternatives, cybersecurity vendors will be instrumental in ensuring these new facilities and systems are architected to withstand modern cybersecurity threats.
However, these new facilities will also introduce new challenges, with microgrids and other decentralized architectures significantly expanding operators’ attack surfaces and thus requiring sophisticated strategies to ensure cyber resilience. This phenomenon will drive OT cybersecurity revenue within the energy and utilities sector, with Dragos, Schneider Electric, and Verve Industrial among those best positioned to capitalize on this trend due to their vast experience working with customers in this industry. That said, the relative immaturity of the renewable energy sector is such that many other vendors may also find success by identifying and addressing cybersecurity considerations that are unique to this burgeoning industry.
How is the convergence of OT, IT, and IoT shaping this market? How do OT cybersecurity vendors help customers address compliance requirements? Which regulatory bodies are most influential in developing industry standards? How have SaaS-based solutions affected this market? VDC’s recently published study explains.
This program includes detailed analyses of both the supply side and the demand side of this market.
Please contact us for more information.