What’s Driving Transformation in IoT Security? Top Trends Among Customers, Products, and the Market
The way we talk about the “Internet of Things,” or “IoT,” has evolved substantially since the term was first introduced 20 years ago. Initially, IoT represented the proliferation of connected home devices, such as thermostats and cameras. However, while residential use cases remain relevant and widespread, the broader industrial markets will represent the majority of the nearly 43 billion connected devices expected globally in 2022.
Enabled by the miniaturization of technology and the proliferation of WiFi- or 5G-capable networks, industrial companies are utilizing sensors and controls to monitor critical assets. Just as healthcare firms now need to manage access and operations of their MRI machines, operators of power plants, refineries, and pharmaceutical production lines are monitoring and managing their assets through an array of newly available sensors. In an industry with increasingly distributed computing and controls, the market is demanding next-generation cybersecurity to strengthen these networks.
I recently had the pleasure of moderating a panel hosted by The Hive during which subject matter experts representing Claroty, Rockwell Automation, Zingbox Security and Xage Security explored emerging trends in IoT security. We focused on trends at the customer, product and market level; following are the key takeaways from our discussion:
- Increased Awareness: Customers are more aware of the need for IoT security, resulting in more RFPs amongst the Chief Information Security Officer community.
- Centralized Budgets: Security budgets across OT and IT are becoming more consolidated as the two departments converge. Additionally, network visibility and security are often sold together because better security results in better controls lending to improved operations.
- Fluid Pricing: Pricing by the asset is difficult when asset values and operational complexity are so varied between customers and use cases.
- Sales Driven by Timing and Channel Partners: Sales opportunities are greatest during periods of change, such as the introduction of a new asset or capex investing cycle. In addition, channel partners can accelerate the sales cycle and account size given that large customers with integration partners are interested in long-term, co-owned services deals. Still, big sales require a visionary internal champion.
- Immediacy Valued Over Delivery Method: Customers demand zero downtime and expect installation, set-up and training support in less than a week. Most are comfortable with appliances or virtual deployment.
- Co-Development is Possible, But Rare: It’s important to find an executive that comes from a more traditional IT background.
- Flexibility is Key: Managing security in remote locations requires limiting bandwidth, so products need to be able to function without connectivity. Additionally, architecture needs to be flexible to enable integration with assets of various ages and operating systems.
- Passive to Active: Passive networks are generally preferred, but customers are getting more comfortable with active engagement in select arenas such as identity and access, communications, and low-value operating assets.
- Plateau in Funding: Investment activity is steadying near 10-year highs.
- Flurry of M&A Activity: Large public companies have been highly active in M&A of IoT security startups over the past 12 months. Examples include:
- Sentryo acquired by Cisco
- SecurityMatters acquired by ForeScout
- ZingBox acquired by Palo Alto Networks
- Indegy acquired by Tenable
- Armis acquired by Insight Venture Partners
- Premium Price Tag: IoT/ industrial technology companies valued at a premium. Some examples:
- Series A: $29M pre-valuation at $11M deal size
- Series B: $76M pre-valuation at $20M deal size
- Series C: $148M pre-valuation at $28M deal size