For many years, operational technology (OT) security programs have been designed around the concept of a discrete, identifiable set of industrial control systems. Technologies traditionally relied upon, like Programmable Logic Controllers (PLCs), Distributed Control Systems (DCS), and Supervisory Control and Data Acquisition (SCADA) assets, were used to define the perimeter of an organization’s systems, rendering them visible, enumerable, and defensible.
This was reflective of how operational environments worked when the model was developed, but it is not effective in protecting modern OT programs. The recent announcement of industrial cybersecurity company Dragos acquiring extended internet of things (xIoT) security firm Phosphorus is a step toward extending OT security to the full modern environment.
The Environment That Quietly Outgrew the Program
While legacy OT security measures may have been effective for the OT landscape of the time, the makeup and operations of OT have expanded over time to make existing security architecture untenable. Modern environments contain billions of connected devices—IoT sensors, building systems, network-attached equipment—that are woven into critical infrastructure without systematic security consideration. Each of these devices represents a potential point of compromise, and the connectivity often makes it simple for that compromise to spread.
These environments are overwhelmingly not configured and monitored in ways that reflect the reality of the modern technology and threat landscape. Default credentials, unpatched firmware, and unmanaged configurations have been allowed to accumulate across an invisible device layer, creating widespread risk that organizations cannot see or prevent. Adversaries have already been operating across the full extended operational technology (xOT) environment, while defenders have remained anchored to the narrower scope of OT.
The Reckoning: A Gap Too Large to Patch Around
Organizations must recognize the crucial demand for a structural fix to the problems presented by sprawling xOT environments not being properly secured. Security programs are now being forced to confront the reality that connected device sprawl renders traditional OT visibility incomplete by design. Device-layer blindness creates direct, exploitable adjacency to the industrial operations that traditional security programs were built to protect.
The industry’s point-solution era is proving insufficient in protecting modern OT environments, requiring a reframing of how OT security is approached on a broad scale. This problem demands platform-level coverage and concerted efforts to build sophisticated OT security architecture, not incremental tooling. Organizations and the industry at large must make fundamental changes to OT security measures and infrastructure.
Dragos Responds With an Architectural Answer
Seeing the evolution of the modern xOT environment, Dragos has been taking steps to expand its capabilities through deals with other companies. The acquisition of Network Perception in October 2024 established the structural layer, enabling OT network visibility, segmentation validation, and compliance mapping. The integration of Network Perception’s capabilities also helped Dragos to simplify the analysis of firewall rules and router/switch access paths, processes which can often be prohibitively complex.
The Phosphorus acquisition builds on this by adding the device layer, providing comprehensive discovery, automated remediation, and continuous risk reduction across the full landscape of connected devices. These two acquisitions represent two deliberate pieces of an overall strategy, where one maps the network while the other secures everything running on it.
What the Acquisition Demands of Everyone Watching
This acquisition communicates to the industry that Dragos is making moves to establish effective security in modern, growing OT environments. Security leaders now face the same reckoning that Dragos is responding to; the scope of security programs must expand to match the xOT environment and its needs. The estimate of Dragos’s total addressable market opportunity at over $50 billion signals a broad industry recognition that connected device security is no longer optional or separable from OT defense. The organizations that redefine their perimeter now will be positioned to defend it, while those that don't are already operating blind.
