Microsoft Acquires IoT/OT Security Leader CyberX

The news in brief: CyberX’s IoT/OT-aware behavioral analytics platform integrates with Azure security to deliver end-to-end security across managed and unmanaged IoT devices

Everyone has discussed Industrial Control Systems (ICS) cyber risks almost to the point of nausea for several years. Startups in the OT cybersecurity space began popping like dandelions in spring. For a couple of years their display spaces at the ARC Industry Forum paid for the room and then some.

While I like all these companies, I couldn’t see how any could make it long as a standalone company. Sure enough, CyberX has agreed to be acquired by Microsoft.

Here is the justification: As enterprises implement digital transformation and Industry 4.0 for greater efficiency and productivity, boards and management teams are increasingly concerned about the financial and liability risk resulting from the deployment of massive numbers of connected IoT and OT devices. Adversaries targeting this expanded attack surface can cause substantial corporate impact including safety and environmental incidents, costly production downtime, and theft of sensitive intellectual property.

By integrating the CyberX platform with the Azure IoT stack, Azure Security Center for IoT, and Azure Sentinel, the first SIEM with native IoT support, Microsoft will now provide a simpler approach to unified security governance across both IT and industrial networks, as well as end-to-end security across managed and unmanaged IoT devices, enabling organizations to quickly detect and respond to advanced threats in converged networks.

“CyberX’s technology and team are a great addition to Microsoft,” said Michal Braverman-Blumenstyk, Corporate Vice President, Cloud & AI Security CTO, and Israel R&D Center GM. “With CyberX’s expertise and innovative platform, together with Microsoft’s exciting security products, Microsoft is offering a powerful and scalable solution that accelerates digitalization for enterprises at all phases of their IoT/OT journey.”

Founded in 2013, CyberX achieved tremendous growth with the world’s largest enterprises adopting its IoT/OT security platform to secure their facilities worldwide. Leveraging patented, IoT/OT-aware behavioral analytics, CyberX’s agentless technology deploys in minutes to deliver deep visibility into IoT/OT risk — including asset discovery, vulnerability management, and continuous threat monitoring — with zero impact due to its passive Network Traffic Analysis (NTA) approach.

“Nir and I founded CyberX with the goal of delivering a scalable solution that would be easy to deploy and reduce risk for enterprises worldwide,” said Omer Schneider, co-founder and CEO of CyberX. “We’re thankful to our loyal customers and partners as well as to our dedicated employees whose innovation and hard work made it possible for us to reach this important milestone, and also to our investors for their ongoing support.”

“By joining forces with Microsoft, we will rapidly scale our business and technology to securely enable digital transformation for many more organizations,” said Nir Giller, co-founder, GM International, and CTO of CyberX. “Together, CyberX and Microsoft provide an unbeatable solution for gaining visibility and a holistic understanding of risk for all IoT and OT devices in your enterprise.”

CyberX’s founders will join Microsoft and the platform will continue to be enhanced and supported by CyberX personnel. In addition, Microsoft is committed to the channel and will continue working with CyberX’s strategic reseller and technology partners worldwide. The CyberX platform will continue to be available in a hybrid model supporting both cloud-connected and air-gapped networks.

From the Microsoft point of view—Two years ago, Microsoft announced a $5 billion investment in IoT and with this acquisition, the company is eager to continue solving these challenges. Some specifics:

• With CyberX, customers can discover their existing IoT assets, and both manage and improve the security posture of those devices. For example, customers can, often for the first time, see a digital map of thousands of devices across a factory floor or within a building and gather information about their security state and connectivity.

• CyberX’s further integration with Microsoft’s broad portfolio will allow Microsoft to continue to deliver more value to customers. For example, in conjunction with Azure Sentinel, SecOps personnel will be able to identify threats that span OT and IT converged networks that were previously challenging to detect.

• Microsoft appreciates that some customers need help improving the security of their existing IoT environment and is excited that CyberX’s technology and team will be an incredible addition to the company’s commitment to both IoT security and innovation as customers work to digitally transform their businesses.

HPE Shows Company’s Investment In People, Environment, and Doing Business the Right Way

This recap of Hewlett Packard Enterprise’s (HPE) annual Living Progress Report for 2019 wraps up thoughts and coverage of all the many virtual conferences I experienced in June. The communications teams from all the companies worked hard and had to experiment in real time to bring out the best alternative to just completely shutting down.

These thoughts center on ethics—something given my experience in business I thought I’d never be writing about. If there were two institutions within which I worked where ethics was merely a word in the dictionary, they were business and church.

Thankfully that situation is changing, and this report from HPE is encouraging. I’ve met many people within the company. I don’t think this is superficial marketing-speak.

The report demonstrates HPE’s ongoing commitment to being a force for good by equipping customers with sustainable technology solutions, upholding HPE’s own high Environmental, Social and Governance (ESG) standards across its value chain, and prioritizing company culture to fuel business outcomes by unlocking the innovation of team members.

“Our team members’ passion, ingenuity and resilience enable us to create technology solutions to tackle the many pressing challenges facing society today,” said HPE President and CEO Antonio Neri. “Current discussions around systemic racism, inclusion, and diversity demonstrate the importance of taking bold actions to create a more equitable and sustainable future. We are proud of our progress and committed to do more as a company and in partnership with our peers, customers, and partners.”

In 2019, HPE intensified its strategic focus on culture and launched the “Work That Fits Your Life” program to support a more inclusive workplace that values team members’ experience inside and outside of the workplace. New benefits include six months of paid parental leave for mothers and fathers, career reskilling and transition support, and a company-wide shortened work day once a month on “Wellness Friday”.

From the release:

HPE is investing in human capital because it wants to be a place where people can learn, develop skills and do career-defining work. HPE’s Executive Committee developed the “Work that Fits your Life” program in partnership with its Board of Directors, 54% of whom identify with one or more diverse groups. One of the key goals of the program was to drive inclusion in the workplace. And, the company began tying diversity metrics to executive compensation to further embed inclusion and diversity into the organization.

In 2019, HPE’s employee engagement score rose 10 percent and has risen an unprecedented 18 percent since 2017, and its team members clocked their one millionth hour of company-supported volunteer time since 2016. In addition, HPE offered opportunities to engage with more social impact activities through the inaugural HPE Accelerating Impact initiative.

This year’s Living Progress Report also, for the first time, details racial diversity statistics of its team member population, an important step in being transparent and addressing systemic bias and inequality in our society.

HPE announced that it would make its entire portfolio available as-a-service by 2022, a consumption model that can bring significant energy efficiency gains and cost savings to its customers by eliminating overprovisioning and allowing customers to pay for only what they use. In addition, service-based models allow HPE to maintain chain of custody over equipment to ensure recovery and refurbishment, reducing physical waste and the need to source substances of concern. In 2019, 88% of the nearly four million assets returned to HPE’s Technology Renewal Centers were given a new life, but shifting to more consumption-based solutions is predicted to dramatically reduce the consumption of unnecessary IT assets.

HPE remained on track to meet all of its 2025 climate targets, having reduced its carbon footprint by 47% in just four years. The company also introduced a new emissions reduction target for its transportation logistics footprint – aiming to reduce the footprint by 35% by 2025. It also continued to see opportunity to help customers thrive in a carbon constrained world – with efficient IT products and services representing nearly USD $7.7 billion in revenue in 2019.

HPE continued to hold suppliers to high environmental, social and ethical standards. In 2019, HPE’s supply chain audit and assurance improvement program touched over 133,000 workers and the company guided 51% of its suppliers on how to set their own science-based climate targets. In addition, HPE sought to promote inclusion and diversity through its supply chain by spending approximately USD $1 billion with small enterprises and minority, women and veteran-owned businesses in the United States.

CII and MIMOSA Join Forces to move Interoperability Forward for Capital Projects

CII and MIMOSA sign Memorandum of Understanding (MOU) to use the Open Industrial Interoperability Ecosystem (OIIE) as the interoperability framework for CII best practices.

I’m a believer based upon long experience that standards and interoperability drive industries (and society) forward. Just look, for example, at standard gauge railroad tracks or standard shipping containers or Internet protocols. I should also note that I worked on the development of the OIIE several years ago, but they got to the point where I could not contribute for a while. As I wrote recently, things are coming together in this effort for interoperable data flow from engineering design through construction to operations & maintenance throughout the lifecycle of a large capital project.

Here is the latest, and very important, news.

CII (The Construction Institute) and MIMOSA announce their collaboration to adopt and progress the standards for an open, vendor neutral digital ecosystem supporting data and systems interoperability in capital projects, operations and maintenance enabling digital transformation of the full asset lifecycle. The MOU establishes the basis for a CII/MIMOSA Joint Working Group to develop best practices for standards based interoperability in capital projects leveraging the organizations combined strengths.

It will develop formal OIIE Use Cases for capital projects based on Industry Functional Requirements developed by CII, starting with those associated with Advanced Work Packaging (AWP). These OIIE Use Cases will be validated in the OIIE Oil and Gas Interoperability (OGI) Pilot before they are published and licensed for use on a world-wide royalty free basis. Once the jointly developed OIIE Use Cases are validated in the pilot, CII and MIMOSA intend to submit them to ISO TC 184/WG 6 for inclusion in future parts of ISO 18101.

The OIIE is an outgrowth of collaboration between multiple industry-level Standards Developing Organizations, where MIMOSA plays a key leadership role and has led the workstreams for digitalization and interoperability in support of asset life-cycle management. The OIIE OGI Pilot includes standard use cases for asset intensive industries, currently featuring an example oil and gas industry process unit.

Active collaboration has begun, by sharing the existing OIIE Use Case Architecture and asset lifecycle management OIIE Use Cases previously developed by MIMOSA and validated in the OIIE OGI Pilot. CII has shared the AWP data requirements that are under development by CII.

Next steps will begin to include CII AWP best practices in applicable, OIIE Use Cases for capital projects, including jointly enhancing existing use cases and the joint development of new ones. CII and MIMOSA encourage interested organizations to join and participate in each association to fully support this important industry-led effort.

Organizations that participate have the potential to benefit in many ways including:

  • System of Systems interoperability results in less reliance on expensive, fragile, custom integration between systems, reducing IT costs while increasing agility and sustainability.
  • Education and training to a common set of industry practices and standards, provides a more flexible and efficient digital economy work force, benefitting industry and workers alike with reduced loss of knowledge and expertise.
  • Investment in future proofed, vendor neutral, interoperable data, enables industry to create, capture, manage and reuse digital information, as a strategic asset throughout the entire physical asset lifecycle, deriving significantly more business value from capital projects.
  • Owners identified the opportunity to cut CAPEX spend by 15-20% through better information sharing with improved schedules and productivity due to far less time wasted looking for information, and much more time on tools.

CII, based at The University of Texas at Austin, is a consortium of more than 140 leading owner, engineering- contractor, and supplier firms from both the public and private arenas. These organizations have joined together to enhance the business effectiveness and sustainability of the capital facility life cycle through CII research, related initiatives, and industry alliances.

MIMOSA is a 501 (c) 6 not-for-profit industry trade association dedicated to developing and encouraging the adoption of open, supplier-neutral IT and IM standards enabling physical asset lifecycle management spanning manufacturing, fleet and facilities environments. MIMOSA standards and collaboratively developed specifications enable Digital Twins to be defined and maintained on a supplier-neutral basis, while also using Digital Twins to provide Context for Big Data (IIOT and other sensor-related data) and Analytics.

National Instruments Rebrands, Acquires Data Analytics Company

I debated for most of the day about using my energy to work on this blog post about NI (formerly known as National Instruments). It has long been one of my favorite companies. Its user conference, NI Week, overflowed with energy and bright engineers with big ideas. The founders were brilliant, yet humble, men. And I met some of the nicest people in the industry there.

Their marketing and PR people identified me with automation and control, for obvious reasons. Beginning in about 2010 or 2011, they seemed to become more distant until by the 2011 and 2012 NI Weeks, they didn’t talk to me about a single interview. I met with marketing people through 2014, and then all was quiet.

But I’m a keen observer. I noticed that industrial automation and even IoT were being rapidly de-emphasized in favor of the test market. That’s where the company started and remains the core competency. I also noticed that by 2012 the keynotes were no longer about “gee whiz” technology but rather about big engineering ideas—none of which were in industrial control and automation.

And they began emphasizing “NI” rather than the entire name more than 10 years ago.

Therefore, the big splash about rebranding and new directions were not entirely a surprise to me. Well, the green color scheme was. And I have a pet peeve about senior executives explaining what the logo means. I believe that a logo should be self-evident. But as for a new direction, everything they talked about were things I’ve seen them doing for years—solving big engineering problems, community contributions, diversity, sustainability. It’s almost like internally they realized what they had become. But I knew it. No longer the company of the small sale where the average order was $1,000, but now the company of solving big engineering problems.

Which is all good.

Even so, I am interested in data—data acquisition, analytics, and data used for problem solving.

Therefore, the acquisition. This should be a great move. I’m a possibility thinker, so I see these moves and see all the possibilities for good that can happen with a strong merger.

The news in short:

The acquisition strengthens data analytics software capability to provide enterprise-level value.

NI has entered into a definitive agreement to acquire OptimalPlus Ltd., a global leader in data analytics software for the semiconductor, automotive, and electronics industries. The acquisition will expand NI’s enterprise software capabilities to provide customers with business-critical insights through advanced product analytics across their product development flow and supply chain.

NI and OptimalPlus serve highly complementary positions in the semiconductor, automotive, and electronics industries. NI test systems are used in semiconductor manufacturing with OptimalPlus serving as a leading supplier of semiconductor manufacturing data analytics. Similarly, the NI automotive and electronics production test offerings are complementary to OptimalPlus’ growing automotive and electronics analytics business. Combining the strength of NI’s software-centric approach with OptimalPlus’ enterprise-level analytics software is expected to dramatically increase the value of test and manufacturing data, enabling product insights that will improve quality, efficiency and time to market for both NI and OptimalPlus customers.

“The addition of OptimalPlus’ data analytics capabilities will enable us to accelerate our growth strategy by increasing enterprise-level value for shared customers in the semiconductor and automotive industries.” said Eric Starkloff, NI President and CEO. “During this age of digital transformation, we remain committed to delivering innovative software and systems that leverage a robust data platform to address our customers’ business challenges. I welcome the employees of OptimalPlus and look forward to collectively accelerating our long-term growth ambitions.”

“OptimalPlus is excited to join the NI team. We are confident NI is the ideal partner to accelerate our innovation and increase sales opportunities through advanced product analytics,” said Dan Glotter, OptimalPlus Founder and CEO. “It is evident we share the unique commitment to high-quality software tools and need for world-class customer experience. The acquisition by a technology leader like NI is testament to the leading-edge innovation delivered by our R&D, Product and Data Science teams in Israel and to the great dedication and commitment of our employees across the world. Together with NI, we will provide enterprise-level analytics to enable customers to achieve their digital transformation objectives while expanding our customer reach.”

The acquisition is subject to customary closing conditions, including regulatory approval. The transaction is valued at $365 million and expected to close in early Q3 2020. OptimalPlus had 2019 revenue of $51 million and employs approximately 240 employees. Due to the highly complementary nature of the companies, there will be minimal cost synergies from this transaction. NI plans to fund the transaction through a combination of cash on hand and debt.

About OptimalPlus

OptimalPlus develops analytic solutions based on its big data platform technology which combines machine-learning with a global data infrastructure to provide real-time product analytics and to extract insights from data across the entire supply chain. Serving tier-1 suppliers and OEMs, in the market of semiconductor, automotive and electronic industries. The company provides technology to enhance key manufacturing metrics such as yield and efficiency, improve product quality and reliability and provide full supply chain visibility. OptimalPlus headquarters and R&D are in Israel with offices in Asia, Europe, and the United States.

Consulting Firm Makes Open Source Acquisition

In brief: Arthur D. Little acquires Cutter Consortium and Presans to expand open consulting capabilities

Arthur D. Little (ADL) today announced the acquisitions of Cutter Consortium, a business technology research company based in the US, and Presans, a leading player in industrial open innovation based in France. By combining its own expertise with an existing community of independent experts, ADL expands its consulting ecosystem to establish a next-generation value proposition powered by open consulting and open problem solving.

Now, at first, I suffered from a bit of cognitive dissonance. It’s difficult to imagine these large consulting firms who make a living from charging high prices for custom coding. Then I remembered what a friend with experience at this level told me–open source is good for the community, but the large companies benefit, too. You see, they get in return thousands of hours of free software development by the community. I guess you could say it’s a “win-win-win” situation.

Acquired companies described 

Cutter Consortium helps organizations navigate digital disruption of business models and leverage emerging technologies for competitive advantage and mission success. Through its research, consulting, training, and executive education – all delivered by globally recognized thought leaders – Cutter delivers innovative solutions to its thousands of clients worldwide. Cutter’s experts have done the ground-breaking work in areas ranging from digital architectures to digital tech, enterprise agility to data analytics, and digital leadership to sustainable innovation. At the heart of its business is a membership service that gives clients valuable access to its experts and their insight. 

Presans is a leading data-driven platform dedicated to industrial open innovation and open problem solving. Thanks to cutting-edge technology based on big data and artificial intelligence, as well as a team of fellows (former research and innovation executives) with in-depth knowledge in innovation, Presans leverages a network of over 6 million experts worldwide. Presans provides a variety of high-end open innovation services, contributing to the acceleration of decision-making and removal of scientific and technological roadblocks. Presans has worked for 50+ international industrial groups and delivered more than 100 innovation projects in Europe, the US and the Middle East.

Supporting quotes

“Arthur D. Little applies an ‘open consulting’ and ‘open problem solving’ approach and brings the best global experts to every assignment to complement its internal strengths,” comments Ignacio García Alves, Chairman and CEO of Arthur D. Little. “We believe the future is open consulting. With the double acquisition of Cutter and Presans, we are able to expand our open consulting ecosystem and open problem solving capabilities, offering access to experts, premium insight and a differentiated experience for our clients, in a seamless way.”

“The Cutter team felt an instant synergy with our colleagues at ADL. We share a focus on innovation, which, in ADL’s case, goes back to its roots, and an emphasis on providing custom, leading-edge solutions. Moreover, ADL’s more than 40 offices in 30 countries has given Cutter an enhanced ability to assist its clients worldwide,” says Karen Coburn, CEO of Cutter Consortium

“Since its inception at the École Polytechnique’s start-up incubator, Presans has always engaged with the best experts in the world, mainly to help its customers solve complex technical problems,” says Albert Meige, Founder of Presans. “Presans now addresses more and more problems at the crossroads of strategy consulting and scientific & technical expertise. The time had therefore come for Presans to strengthen itself by joining forces with Arthur D Little.”

Benefits

Together with Cutter and Presans, ADL reinforces its position on digital and information technologies, as well as industrial innovation, particularly in breakthrough innovation and convergence problem solving. In addition, through the acquisition of the technological platform of Presans, ADL is accelerating its investments in artificial intelligence and machine learning to develop state-of-the-art offerings for its clients.

Cutter Consortium and Presans will continue to operate under their current brands with the same management teams, while benefiting from ADL’s capabilities, investment, and global exposure.

EdgeX Foundry Hits Milestone Downloads and Simplified Deployment

I have followed the Development of EdgeX Foundry since right after its inception talking with many of the founders at Hannover Messe three years ago. That’s when Dell (now Dell EMC) was developing an IoT and Edge Computing group—since disbanded. Dell was leading the charge for an open source platform as a way to build an ecosystem for providing value to customers and selling product.

EdgeX has come a long way. Here is the latest information in brief:

  • EdgeX’s sixth release (Geneva) offers more scalable and secure solutions to move more data faster from multiple edge devices to cloud, enterprise and on-premises applications.
  • As one of LF Edge’s Stage 3 Projects, EdgeX Foundry is seeing increased community growth and adoption and deployments.
  • New LF Edge project Open Horizon is building an integration project that will demonstrate automated delivery and lifecycle management of EdgeX Foundry as a containerized application.

EdgeX Foundry, a project under the LF Edge umbrella organization within the Linux Foundation that aims to establish an open, interoperable framework for IoT edge computing independent of connectivity protocol, hardware, operating system, applications or cloud, today announced a major milestone of hitting 5 million container downloads and the availability of its “Geneva” release. This release offers more robust security, optimized analytics, and secure connectivity for multiple devices.

“EdgeX Foundry is committed to developing an open IoT platform for edge-related applications and shows no signs of slowing down the momentum,” said Arpit Joshipura, general manager, Networking, Edge and IoT, the Linux Foundation. “As one of the Stage 3 projects under LF Edge, EdgeX Foundry is a clear example of how member collaboration and diversity are the keys to creating an interoperable open source framework across IoT, Enterprise, Cloud and Telco Edge.”

Launched in April 2017, and now part of the LF Edge umbrella, EdgeX Foundry is an open source, loosely-coupled microservices framework that provides the choice to plug and play from a growing ecosystem of available third-party offerings or to augment proprietary innovations. With a focus on the IoT Edge, EdgeX simplifies the process to design, develop and deploy solutions across industrial, enterprise, and consumer applications.

Currently, there are more than 170 unique contributors to the project and EdgeX Foundry averages one million container downloads a month, with a total of 5 million reached last month, and rising.

“The massive volume of devices coming online represents a huge opportunity for innovation and is making edge computing a necessity,” said Keith Steele, EdgeX Foundry Chair of the Technical Steering Committee. “With at least 50% of data being stored, processed and analyzed at the edge we need an open, cloud-native edge ecosystem enabled by EdgeX to minimize reinvention and facilitate building and deploying distributed, interoperable applications from the edge to the cloud. In 3 short years, EdgeX has achieved incredible global momentum and is now being designed into IOT systems and product roadmaps.”

The Geneva Release

As the sixth release in the EdgeX Foundry roadmap, Geneva offers simplified deployment, optimized analytics, secure connectivity for multiple devices and more robust security. Key features include:

  • Automate on-boarding: simplify, scale and quicken connection of devices by allowing automatic provisioning of devices
  • Improved Performance: A new rules engine that is written in Go for faster performance, a smaller footprint and more memory
  • Connectivity: Improved bandwidth utilization and efficiency through use of new batch and send capabilities provided in the App Functions SDK
  • Secure Authentication: Store and use/authenticate secrets to connect with cloud providers
  • Testing: New integration and backward compatibility testing along with enhanced security and blackbox testing

EdgeX Foundry works closely with several of the other LF Edge projects such as Akraino Edge Stack and new project Open Horizon. During this release cycle, EdgeX was made to work under the Akraino Edge Lightweight IOT (ELIOT) Blueprint and tested under the Akraino Community Lab.

Launched last month, Open Horizon is a platform for managing the service software lifecycle of containerized workloads and related machine learning assets. Open Horizon is building an integration project that will demonstrate delivery and management of EdgeX Foundry as a containerized solution in stages, beginning with a single deployable unit and then progressing to a more modular set of services and alternate delivery targets.

Support from Contributing Members and Users of EdgeX Foundry:

“To further enhance use in production environments, EdgeX Foundry’s Geneva release brings simplified deployments and improved security,” said Tony Espy, Technical Architect at Canonical. “With EdgeX available as a snap, this aligns to the fundamentals of snaps’ core principles which allow developers to benefit from confinement and transactional updates to ensure deployments are secure and with minimal need for manual intervention. As the EdgeX ecosystem continues to see strong traction, we look forward to continuing our contribution to building an open, interoperable framework for edge computing.”

“EdgeX Foundry’s middleware solution is an important component of an open, vendor-neutral pipeline connecting IoT devices and their data to analytics and data management at the on-premise edge,” said Joe Pearson, Engineering Strategy & Innovation Leader, Edge Computing, IBM. “This latest release underscores the importance of working within LF Edge to encourage interoperability as we build a comprehensive open edge computing framework, beginning with Open Horizon.”

“With the evolution of IoT and edge computing, there is a growing realization to deploy and run compute engines near the data source in a truly globally distributed manner. This architecture requires running intelligent AI-based functionality at the edge while processing a significant amount of data at high-throughput and low latency on small form-factor devices,” said Yiftach Shoolman, CTO and co-founder at Redis Labs. “EdgeX Foundry with Redis as the primary data store provides an open-source data platform to meet these expectations by combining in-memory data processing with modern data-models, and can be extended with a serverless engine and AI-serving platform.”

About the Linux Foundation

Founded in 2000, the Linux Foundation is supported by more than 1,000 members and is the world’s leading home for collaboration on open source software, open standards, open data, and open hardware. Linux Foundation’s projects are critical to the world’s infrastructure including Linux, Kubernetes, Node.js, and more. The Linux Foundation’s methodology focuses on leveraging best practices and addressing the needs of contributors, users and solution providers to create sustainable models for open collaboration.