Critical Infrastructure Security , Endpoint Security , Governance & Risk Management

Dragos Boosts OT Defense with Network Perception Acquisition

Network Configuration Startup Adds Visualization Expertise to Dragos’ OT Platform
Dragos Boosts OT Defense with Network Perception Acquisition
From left, Network Perception co-founder and CEO Robin Berthier and Dragos Field CTO Phil Tonkin (Images: Dragos)

Dragos purchased a network configuration startup founded by a University of Illinois research scientist to offer more robust protection for critical infrastructure by improving visibility.

See Also: OnDemand Panel | Strengthening OT Security with HCLTech and Microsoft

The Baltimore-area OT cybersecurity stalwart said its acquisition of Chicago-based Network Perception will give clients visibility into possible risks based on network configurations, said Field Chief Technology Officer Phil Tonkin. Merging Dragos’ real-time network traffic monitoring with Network Perception’s configuration visualization will give organizations a more complete security solution, he said.

"While the Dragos toolset to date has given people visibility of what's happening within their networks, we've not been able to tell people what their networks are capable of doing," Tonkin told Information Security Media Group. "We didn't have the ability to take the configurations of the network and see what he was potentially capable of doing, where there may be flaws within that network configuration."

How Dragos, Network Perception Will Come Together

Network Perception, founded in 2014, employs 27 people and closed a $13 million Series A funding round in 2022 led by The Westly Group. The firm has been led by Robin Berthier, who was designing and developing specification-based intrusion detection systems for smart energy delivery systems. All of Network Perception's employees joined Dragos, with Berthier becoming vice president of user research and design (see: Effective Operational Technology Security? Embrace Response).

Dragos has excelled at visualizing real-time communication on OT networks, while Network Perception analyzes network configurations and access policies to determine what the network is capable of doing, Tonkin said. When combined, Dragos and Network Perception will provide a more complete view of both current network activity as well as potential vulnerabilities based on network configurations.

"When you combine those two things together, if you detect suspicious activity, you can also predict which room the adversary could get into based on the access points that you might force," Berthier told Information Security Media Group.

The integration of Network Perception's capabilities with Dragos' platform will offer enhanced visibility into potential network vulnerabilities by combining real-time network monitoring with detailed configuration analysis, Tonkin said. The combined capability will offer better context on both actual and potential network activity and offer a seamless user experience to customers already using both tools.

"It's about building out the most robust potential attack path adversaries may take so that the asset owner can take actions in advance, rather than just in response to what's happening," he said. "It really will help them to get to a much more defensible architecture by building out a robust response to those vulnerabilities and how the network is configured, rather than waiting for those threats to manifest."

Network Perception Looks Outside the US for Growth

Network Perception focuses on the U.S. electric sector and will benefit from Dragos' international reach, enabling expansion into other sectors such as manufacturing, gas and water, Tonkin said. The acquisition will help Dragos offer a more holistic solution to customers, particularly in sectors like manufacturing that are just starting to build out a defensible architecture, according to Tonkin.

"We started to see an opportunity to expand beyond the electric industry and beyond North America," Berthier said. "As soon as we saw how much aligned our missions were between Dragos and Network Perception, it became very organically natural to join forces."

Dragos aims to bring Network Perception's technology to international markets where the company has an established presence including in the United Kingdom, Germany, Saudi Arabia, Singapore and Australia, Tonkin said. The company has offices, people and routes to market in those regions, and Tonkin said that's going to be a multiplier for getting Network Perception's technology out there.

"The real strength of Network Perception in the market has been the U.S. electric sector," he said. "And while we want to maintain that and continue to grow it to the maximum of its potential, the greatest amount of growth is in other industries. It's taking that technology and growing it and showing people that as they build out defensible architecture, which is something the electric sector didn't have to do."

While mergers and acquisitions are not Dragos' primary growth strategy, Tonkin said the company remains open to future opportunities that align with the company's mission and culture. Network Perception is Dragos' first acquisition since March 2019, when the firm bought industrial control systems visibility technology provider NexDefense. Dragos last year closed a $74 million Series D extension round (see: Dragos Raises $74M to Advance OT Protection in Europe, Asia)

"It's not just about acquiring new logos or new go-to-market opportunities," Tonkin said. "It's about bringing together teams that are going to reflect the values and opportunities that Dragos brings to its customers in our mission to civilization."


About the Author

Michael Novinson

Michael Novinson

Managing Editor, Business, ISMG

Novinson is responsible for covering the vendor and technology landscape. Prior to joining ISMG, he spent four and a half years covering all the major cybersecurity vendors at CRN, with a focus on their programs and offerings for IT service providers. He was recognized for his breaking news coverage of the August 2019 coordinated ransomware attack against local governments in Texas as well as for his continued reporting around the SolarWinds hack in late 2020 and early 2021.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.asia, you agree to our use of cookies.