Siemens and Leonardo Join Forces, Aim for Bigger Industrial Cybersecurity Market Share

Leonardo, an Italian company specializing in defense, aerospace, and cybersecurity solutions, will partner with Siemens to develop a new digital security platform specifically designed for industrial infrastructure. In a joint statement last week (April 6), the two organizations declared the partnership will concern resilience against cyberattacks, especially regarding automation and connectivity systems that monitor and supervise critical infrastructure assets.

“The main area of intervention will concern the resilience against accidents and cyber attacks [on] automation and connectivity systems that monitor and supervise assets, equipment and processes of critical infrastructures,” the joint statement announced. Leonardo’s Chief Executive Officer (CEO) Alessandro Profumo stated that the partnership would allow for “jointly developing solutions capable of responding more effectively to the growing cybernetic challenges in the industrial and energy sector.” Head of Siemens Digital Industries Giuliano Busetto maintained that the partnership allows Siemens to benefit from Leonardo’s system integration capabilities, while Leonardo benefits from Siemens’ technology command, leading to “a unique synergy and proposal to the market.”

A major highlight of the agreement relates to mutual efforts in Operational Technology (OT) cybersecurity training, including a catalogue of courses enabling access to Leonardo's Cyber & Security Academy. The effort could set precedent for future OT training curricula, setting the stage for a more unified approach toward OT cybersecurity training. Currently, various standards and guidelines for OT cybersecurity training are being used, including NIST SP 800-82, ISA/IEC 62443, and the SANS ICS Security Training. The partnership could consolidate various methods, leading to more unified approaches to workforce training.

The partnership highlights the importance of securing Information Technology (IT)/OT infrastructure that is the core of industrial units with dedicated hardware and software devices. The collaboration between two major industrial organizations alludes to the fact that industrial cybersecurity, especially in the OT, is no longer a niche market segment, but that high levels of investment and expertise are required to offer OT security solutions. Many Industrial Control Systems (ICSs) were not designed for an increasingly connected industrial environment and usually lack rudimentary security features. Coupled with increasingly advanced attacks against ICS, this means resilience against cyberattacks will be at the center stage of industrial organizations’ security policies, leading to market opportunities for OT solution providers. A general thrust toward connected industrial infrastructure and IT/OT integration among industrial organizations will further boost the market for advanced cybersecurity solutions for IT and OT technologies. Other companies will adopt the collaboration model if the partnership leads to a larger market share in the industrial cybersecurity sector. Leonardo views the alliance as a means to boost its industrial cybersecurity presence, while also contributing to Italy’s role as a relevant player in the digital transformation market.

ABI Research has noted in past reports that partnerships are the future of industrial cybersecurity, particularly OT and ICS security. A comprehensive and successful industrial cybersecurity strategy involves different layers, including network, end-point, and connection protocol security. But this does not mean that industrial organizations will seek multiple vendors to meet their cybersecurity demands. On the contrary, an increasingly complicated industrial cybersecurity environment, and the rise in sophisticated attacks will result in a market with an increasing number of organizations seeking a one-stop solution for their cybersecurity needs. On the other hand, given the complexity of a holistic cybersecurity approach toward modern Industrial Internet of Things (IIoT) and ICSs, no individual vendor can provide adequate security solutions at the software, hardware, end-device, and network level on its own. This means partnerships between cybersecurity providers, network providers, and integrators are increasing and will be the future model of ICS security. Cybersecurity vendors, service providers, and software companies will have to seek collaboration with specialized vendors to be able to provide holistic solutions to OT cyberthreats. This means partnerships are inevitable, while laggards will fail to secure their spots with prominent players in the market.

Security vendors should also bear in mind that their prospective clients will not simply choose to forego their legacy equipment, a good portion of which were designed for more than 20 years of life expectancy. This is not a hindrance to the industrial cybersecurity market, but rather an important market opportunity. This means an opportunity exists for software developers, hardware developers, cybersecurity providers, and system integrators to secure these systems. The market for ICS solutions is still relatively undeveloped, indicating significant opportunities for growth and expansion.