Decoding the world of cybersecurity

Accenture builds OT security platform

Accenture’s planned Dragos, runZero, and NetRise deals point to consolidation around OT security, asset visibility, firmware risk, and critical infrastructure procurement.

Accenture builds OT security platform
Summary
  • Accenture has agreed deals involving Dragos, runZero, and NetRise at a combined enterprise value of about $4.175 billion.
  • The company plans to combine OT threat detection, exposure management, asset discovery, firmware visibility, and software supply chain data.
  • The move is relevant to industrial operators, critical infrastructure security, procurement, vendor concentration, and resilience budgets.

Accenture has agreed a set of cyber security deals centred on Dragos, runZero, and NetRise, signalling a major push to combine operational technology security, asset discovery, firmware visibility, and software supply chain risk into a broader critical infrastructure platform.

The company said it will acquire a majority stake in Dragos, alongside acquisitions of runZero and NetRise, at a combined enterprise value of about $4.175 billion. The transactions remain subject to customary closing conditions and regulatory approvals, with expected closing in August or September 2026.

Dragos is one of the best-known operational technology security companies, focused on industrial control system visibility, threat detection, and response. runZero provides asset discovery and exposure management across IT, OT, internet-of-things, and cloud environments. NetRise focuses on firmware and software supply chain visibility, including risks inside connected devices and embedded systems.

Accenture has published details of the planned transactions, saying the combination is intended to give industrial and critical infrastructure operators a more unified view of OT assets, what is running on them, and what is attacking them.

The move reflects the direction of enterprise and critical infrastructure security spending. Operators in energy, manufacturing, transport, water, healthcare, logistics, and telecoms are being pushed to understand assets they did not previously inventory well, monitor environments that were not designed for modern threat activity, and account for software and firmware risk in equipment with long operational lifecycles.

OT security has historically been fragmented. Many organisations separated engineering networks from corporate IT, relied on vendor-specific maintenance models, and treated industrial environments as stable systems where availability outweighed rapid change. That model is harder to defend as remote access, cloud-connected monitoring, industrial IoT, digital twins, predictive maintenance, and third-party support expand the attack surface.

Asset visibility is the starting point, but it is not the end state. Operators need to know which devices exist, which protocols are in use, which systems are vulnerable, which firmware components are present, which suppliers are involved, and how changes could affect safety, production, or service continuity. A single inventory tool rarely answers all of those points across brownfield industrial estates.

The NetRise element is particularly relevant to product and supply chain security. Firmware risk has often been opaque because operators buy devices, appliances, controllers, sensors, and equipment without full visibility into embedded components. As the EU Cyber Resilience Act and other product-security regimes increase expectations around vulnerability handling and software transparency, firmware and embedded software intelligence may become more important in procurement and assurance.

The consolidation may reduce integration burden for operators that lack internal OT security capacity. It may also increase dependence on a major consulting and managed services provider. Critical infrastructure buyers will need to examine data ownership, deployment models, interoperability, service lock-in, independence of threat intelligence, and how the platform works with existing engineering and safety processes.

The deal reflects a wider shift in cyber security markets from point products towards integrated exposure, detection, and response platforms. In OT, that shift has higher stakes because the protected systems may control physical processes, production lines, transport environments, energy assets, or public services. Security tooling must improve visibility without creating operational fragility.

Accenture’s move places industrial cyber security more firmly inside mainstream enterprise risk and transformation budgets. The commercial bet is that critical infrastructure operators will want fewer gaps between OT visibility, asset discovery, firmware analysis, threat intelligence, and response. The procurement challenge is to gain that capability without losing architectural control over systems whose failure would have public and economic consequences.

×