Accenture, Deploys

Accenture Deploys $4.2 Billion in OT Cybersecurity Takeovers as New European Rules Reshape Incident Reporting

Veröffentlicht: 09.07.2026 um 14:27 Uhr, Redaktion boerse-global.de

Accenture acquires Dragos, RunZero, NetRise for $4.175B to build OT security platform. Swiss 24-hour reporting and EU NIS2 enforcement drive market to $59B by 2031.

Accenture's $4.2B OT Security Bet as Switzerland and EU Tighten Cyber Rules
Accenture - Accenture Deploys $4.2 Billion in OT Cybersecurity Takeovers as New European Rules Reshape Incident Reporting 09.07.2026 - Bild: über boerse-global.de

While regulators in Switzerland and the European Union race to tighten cyber incident reporting, the market for operational-technology (OT) security is exploding. Accenture has just sealed a multi-billion-dollar bet on the sector, acquiring majority stakes in Dragos, RunZero and NetRise for a combined $4.175 billion. The consulting giant plans to bundle the three firms into an end-to-end protection platform aimed at critical infrastructure operators.

Analysts estimate the global OT cybersecurity market at roughly $27 billion this year, with projections climbing to $59 billion by 2031. That expansion is being fuelled by a wave of new legal obligations that take effect between now and 2026.

Switzerland Enforces 24-Hour Notification for KRITIS Operators

Under the Swiss Information Security Act (ISG), operators of critical infrastructure (KRITIS) must now report security incidents to the Federal Office for Cyber Security (BACS) within 24 hours. The law also mandates specific protective measures: network segmentation, periodic risk assessments, access controls and employee training.

The urgency is backed by data. Cyberattacks on Swiss industrial facilities have doubled since 2022, and around 80 percent of the country’s KRITIS operators have already experienced an OT-related security incident.

EU Pushes Back Against Lagging Member States

Across the border, the European Commission has launched legal proceedings against four EU member states that failed to transpose the NIS2 directive into national law. But some jurisdictions are already sprinting ahead. Saxony-Anhalt unveiled its own cybersecurity strategy yesterday. The Netherlands will require roughly 8,000 organisations and 500 critical entities to meet new registration and reporting duties starting 15 August 2026.

Legacy Systems and Empty Plans Hamper Compliance

Despite the regulatory push, implementation remains patchy. A recent study by cloud provider Plusserver found that only 34 percent of surveyed companies have fully adopted NIS2 requirements. Nearly half of industrial firms (48 percent) say that outdated OT equipment – “legacy” systems hard to integrate into modern zero-trust architectures – is the main roadblock.

Another survey by G DATA, Statista and brand eins indicates that 97 percent of German companies have emergency plans on paper. But depth is lacking: only 51 percent deploy active attack-containment measures, and just one in three firms uses forensic analysis or external incident-response teams. A G DATA expert warns: “Theoretical plans without regular practical drills fall short when a real incident strikes.”

Hardware Moves Fill Gaps in Critical Infrastructure

The scramble for security extends beyond software. In early July, SFC Energy acquired the methanol-reformer technology of insolvent supplier Siqens. The deal, in the upper six-figure euro range, aims to plug performance gaps in power supply for critical infrastructure – particularly in telecoms and public safety.

Countdown to the Cyber Resilience Act

The most consequential deadline lands on 11 September 2026, when the EU’s Cyber Resilience Act (CRA) enters force. Manufacturers of connected products must report actively exploited vulnerabilities within 24 hours (an early warning) and file a detailed notification within 72 hours – both to Germany’s BSI or the CERT-Bund. Experts urge companies to build monitoring structures and coordinated vulnerability-disclosure procedures now.

Disclaimer zu unseren Artikeln: Keine Anlageberatung, keine Kauf oder Verkaufsempfehlung. Angaben zu Kursen, Unternehmen und Märkten ohne Gewähr; Änderungen jederzeit möglich. Börsengeschäfte können zu hohen Verlusten führen. Unsere Beiträge werden ganz oder teilweise automatisiert mit Unterstützung von AI erstellt und geprüft.

en | boerse | 69731915 |