10 Companies Getting Into The Critical Infrastructure Security Market

Big Vendors Investing Big Dollars

One of the big trends predicted by solution providers and security experts alike in 2016 is a rise in critical infrastructure attacks. Those fears have already started to come to fruition, with attacks on a power grid in the Ukraine and a New York dam control system. According to a study by the Enterprise Strategy Group, 68 percent of critical infrastructure organizations said they experienced some form of security incident in the past two years. What's more, 67 percent of security professionals working with critical infrastructure said the threat landscape is more dismal than it was two years ago -- and it's only going to get worse.

To respond to that rising threat, many major security vendors and startups have moved to offer critical infrastructure security solutions. These offerings have brought to the table new technology, services and vendor partnerships with leading critical infrastructure providers.

Take a look at 10 vendors investing big in critical infrastructure security capabilities.


FireEye

FireEye has been making big moves in the critical infrastructure security market since the beginning of the year, unveiling multiple partnerships with industry leaders and launching a new service. In January, Milpitas, Calif.-based FireEye said it had formed a strategic partnership with Parsons, an engineering services firm that specializes in infrastructure and security, among other things. The partnership brought together Parsons' critical infrastructure solutions with FireEye's lineup of technology, services and threat intelligence. The next month, FireEye revealed an additional partnership, with Belden, to bring together the company's critical infrastructure networking solutions with the security vendor's detection technology, services and threat intelligence. Finally, FireEye itself launched a new Mandiant service, called Mandiant ICS HealthCheck, in February for security assessments around critical infrastructure.

Palo Alto Networks

Palo Alto Networks, Santa Clara, Calif., said in February that it had formed a partnership with Honeywell to provide security solutions for control systems used by industrial facilities and critical infrastructure. Morris Plains, N.J.-based Honeywell provides automation control, instrumentation and services for a variety of critical industries, including oil and gas. The partnership brings together Honeywell's Industrial Cyber Security business with Palo Alto's security platform, creating a joint solution for protecting Process Control Networks and other critical operational technology using traffic monitoring and advanced threat protection.

Kaspersky Lab

In April, Kaspersky Lab rolled out a new security solution aimed at the critical infrastructure market. The solution, called Kaspersky Industrial CyberSecurity, provides protections for ICS/SCADA servers, HMI panels, engineering workstations, PLCs and more, the company said. In particular, those protections include anti-malware protection, whitelisting and vulnerability assessment, and threat intelligence. Moscow-based Kaspersky is also now offering specialized cybersecurity services for these critical infrastructure areas, the company said, which include cybersecurity training, assessment and penetration testing.

Intel Security

Intel Security, Santa Clara, Calif., rolled out a new solution for critical infrastructure in April: Intel Security Critical Infrastructure Protection (CIP). The solution, launched in partnership with Wind River, is aimed at the local government and energy markets and works by obscuring operational applications from security management functions, which allows for better security, management and monitoring, the company said. In particular, it offers device identity, malware protection, data protection and resiliency. The solution was developed in partnership with the Department of Energy-funded Discovery Across Texas.

"The risk of cyberattacks on critical infrastructure is no longer theoretical, but building security into the grid is challenging due to the amount of legacy infrastructure and the importance of availability of service," Lorie Wigle, vice president of Internet of Things security solutions, said in a statement at the time. "Traditional security measures such as patching and rebooting are often inappropriate for the grid, so we set out to design something entirely different that could be non-invasive but simultaneously robust."

Optiv Security

It isn't just vendors that are diving into the critical infrastructure market. Denver-based Optiv Security said in March that it was adding a vertical specialty for critical infrastructure, appointing Larry Whiteside to lead the practice as vice president of health care and critical infrastructure. Whiteside joined the security solution provider from electricity company Lower Colorado River Authority (LCRA), where he was chief security officer. In an interview with CRN at the time, Whiteside said specialized critical infrastructure practices are important, because customers need to move beyond a tactical "firefighting" approach to having proactive discussions around their security needs.

"My goal is to help them move away from being tactically driven. Once they can move away from that, they will be able to better show their executive leadership how they will fit into the long-range plan of where the business is going," Whiteside said at the time.


Symantec

In April, Symantec said it is teaming up with Rockwell Automation, an industrial automation and information company, to launch security solutions for connected industrial systems. Symantec, Mountain View, Calif., said Rockwell had already certified its Symantec Embedded Security: Critical Systems Protection solution for use with some of the company's software products. The partnership builds on a push by Symantec to invest in security solutions for the Internet of Things, including industrial control systems, cars and smart meters.

"The connectivity driving the industrial Internet of Things brings countless advantages for all manner of manufacturing and industrial automation, but requires effective protection to maximize plant uptime and safety," said Sean Doherty, vice president of technology partnerships and alliances, in a statement at the time. "Together, Symantec and Rockwell Automation are securing industrial systems against bad actors targeting critical infrastructure, further demonstrating our commitment to industrial security."


Fortinet

Taking a broader approach than some of the others on this list, Fortinet said in February that it had teamed up with NATO for better information sharing around threat intelligence. Under the partnership, Sunnyvale, Calif.-based Fortinet will help improve NATO's defense supply chain, improve sharing of threat intelligence, raise cyber risk awareness and provide support in the event of an incident, among other things.

"NATO is facing cybersecurity threats across the world that could drastically affect national economies and citizens. To avoid it, NCI Agency strongly believes in early information sharing on threats and vulnerabilities with leading companies worldwide, such as Fortinet," Koen Gijsbers, NATO Communications and Information Agency general manager, said in a statement at the time.

Alert Logic

Security-as-a-Service specialist Alert Logic acquired Click Security in April, a move it said would, in part, help build its capabilities around critical infrastructure security. Click Security provides real-time security analytics for better threat detection and incident response capabilities, which Houston-based Alert Logic said it would integrate with its Cloud Defender Security-as-a-Service platform for enhanced detection, analytics and protection capabilities. This will particularly help protect customers' business-critical IT infrastructures, CEO Gray Hall said at the time.

TrapX Security

The youngest company on this list, San Mateo, Calif.-based TrapX Security recently landed a $5 million investment from Strategic Cyber Ventures, money it said it will put in part toward developing its critical infrastructure capabilities. TrapX aims to defend against zero-day attacks and APTs by using its deception technology. Tom Kellermann, CEO of Strategic Cyber Ventures, said in a statement at the time that the venture capital firm was attracted to TrapX's success in the health care space and is hopeful that the startup can extend that triple-digit bookings growth to other spaces.

"We're bullish on TrapX and expect they’ll quickly expand into additional vertical markets including finance and critical infrastructure," Kellermann said.

SANS Institute

Information security training organization the SANS Institute launched a new course in April focusing on training security professionals on critical infrastructure solutions. The training course, called ICS456: Essentials for NERC Critical Infrastructure Protection (CIP), is designed to help professionals build, support and oversee a CIP compliance program. That includes both security and compliance needs of CIP, the Bethesda, Md.-based organization said.