“Our energy and water systems, manufacturing plants, data centers and other operational environments need cybersecurity built from the ground up for xOT and designed to keep pace as threats evolve. The consequences of getting it wrong become societal threats,” Robert M. Lee said in a release.
Accenture’s $4.18 billion move into operational technology security
Accenture announced it will acquire a majority stake in industrial cybersecurity firm Dragos for $3.25 billion and buy two smaller Austin, Texas–based companies outright, runZero and NetRise, bringing the total transaction value to $4.18 billion. The transactions are expected to close in August or September, pending customary regulatory approvals. Accenture and Dragos say the deal represents a strategic pivot toward operational technology (OT) security and, crucially, into OT cybersecurity software at scale — a market the consulting giant had not previously entered at this breadth.
Accenture’s prior OT activity has been acquisitive but smaller in scope: the company previously acquired Cimation in 2015 and Revolutionary Security in 2020, among other OT-focused firms. Thursday’s set of deals, by contrast, centers on embedding software capabilities — combined as an independent business under Accenture’s ownership — rather than only expanding services.
Dragos: industrial threat intelligence and an operational foothold
Dragos, founded in 2016 by former intelligence specialists and based in Hanover, Maryland, is presented in industry terms as a leader in detecting threats in OT environments. The company’s proprietary dataset of industrial threat intelligence has been characterized as a key asset and a reason it has become a trusted partner to critical infrastructure operators globally.
Under the announced terms, Robert M. Lee will continue to lead the combined entity as CEO and the business will operate independently within Accenture’s ownership structure.
runZero and NetRise: asset mapping, firmware visibility, and supply-chain scrutiny
Accenture’s purchases of runZero and NetRise bring distinct technical capabilities into the combined platform. runZero specializes in asset discovery and attack-surface intelligence — mapping what is connected to a network and identifying where it is exposed. NetRise focuses on firmware-level visibility and software supply chain security, areas the announcement notes have drawn increased scrutiny since high-profile incidents demonstrated how embedded vulnerabilities can propagate through industrial device ecosystems.
The CEOs of runZero and NetRise, HD Moore and Tom Pace respectively, along with NetRise’s chief technology officer Michael Scott, will join Dragos as senior executives, signaling an intention to fold those capabilities into a single, end-to-end offering.
Market context: xOT, AI, and the expanding attack surface
Accenture and Dragos describe the expanding environment that encompasses Internet of Things devices, cloud-connected sensors and related IT infrastructure as “xOT.” The companies framed the problem this way: as AI is integrated into industrial decision-making, the attack surface grows; at the same time, adversaries are using AI to shorten the window between compromising an IT network and pivoting to the OT systems underneath it. Despite that convergence, the release notes, most cybersecurity budgets remain concentrated on traditional IT, leaving critical infrastructure comparatively exposed.
The announcement cites market figures to justify the bet: the OT cybersecurity services market is estimated at roughly $7 billion in 2026, while the broader OT cybersecurity market — including software — is estimated at $27 billion this year and projected to reach nearly $59 billion by 2031, growing at approximately 16% annually.
What this means for technologists, policymakers, and critical infrastructure operators
- Technologists and security teams: The companies position the resulting Dragos Platform as an end-to-end product that combines industrial threat intelligence, asset discovery and firmware-level visibility. Teams will be watching integration paths and whether a consolidated platform can replace a “patchwork of software and services,” as Lee described organizations’ current state.
- Policymakers and regulators: The transactions are subject to customary regulatory approvals and are slated to close in August or September. Regulators will therefore have the immediate task of reviewing a large consolidation in a sensitive area noted in the release as capable of producing “societal threats” if mismanaged.
- Critical infrastructure operators and procurement leaders: Accenture promises to bring “decades of trusted relationships and deep expertise to help us scale and secure more critical infrastructure and physical operations globally.” Operators assessing procurement may now weigh a single-vendor, platform-oriented offering against the existing mosaic of point products and services.
Accenture’s purchase of Dragos and the outright buys of runZero and NetRise mark a clear strategic shift: from building OT services through acquisitions to owning a software-led platform aimed at the junction of IT, OT and AI-driven decision systems. The companies have set a timetable tied to regulatory review and have cast the upgrade of industrial defenses as not merely a competitive market opportunity but a societal imperative — leaving the coming months to determine whether a consolidated platform can reshape how critical infrastructure is defended.
