Our critical industries are moving into a modern era. Across manufacturing facilities, power generation sites, and the electrical grid, we're seeing a wave of digitization redefining the landscape of essential assets. The number of connected devices is expected to grow to over 40 billion before 2030, meaning that every solar panel, EV charger, or electrical tower can now benefit from advanced software and remote communication that didn't exist even ten years ago. This is monumental for monitoring, maintenance, and uptime. But it also ushers in a new chapter for IT complexity and cybersecurity risk.
Malicious activity, whether state-sponsored or criminal, is proliferating, and attackers are increasingly targeting energy, industrial, and supply chain operators because of their outsized impact on economies. In 2024, the average breach within industrial, technology, and energy sectors each exceeded $5 million, falling only below healthcare and financial firms as the costliest industries for cybersecurity risk1. Last March, it was revealed that Volt Typhoon hackers had infiltrated U.S. electric infrastructure for almost a year, while last April, Russian hackers took control of and opened the floodgate of a Norwegian dam. These attacks echo one of the most high-profile attacks in recent years, the Colonial pipeline ransomware attack, which led to a six-day shutdown across thousands of miles of pipeline.
While these cybersecurity threats mount, the landscape for solutions is responding: new players are attempting to unify security technologies across the OT and IT gap, redefine context-aware data security, bolster human defenses in high-risk environments, and augment security teams’ ability to tackle a growing workload. Buyers are evolving, too, with many IT decision makers ranking cybersecurity above general AI tools, data, or automation as a top priority. Cybersecurity budgets have grown by over 155% since 2020, and spending patterns reflect not only larger contracts, but a wider variety of use cases2. Furthermore, advances in AI have enabled greater efficiency in the defense of cyber systems, driving anticipated 26% YoY growth in the market for AI-supported cybersecurity products3.
These forces show that cybersecurity can no longer be relegated to a back-office function, but must be elevated to a central boardroom focus. At Energize, we’ve long seen secure critical systems as foundational to ensuring resilient and reliable energy and industrial systems. For nearly a decade, we have invested at this intersection of critical infrastructure and digital enablement, backing companies like Nozomi Networks (recently acquired by Mitsubishi Electric), Finite State, Awake Security, and SparkCognition (acquired by Avathon). Each of these companies has tangibly supported asset uptime, operational resilience, and system reliability. In tandem, we have grown our broad network of operators, customers, and partners across the cyber landscape to continue to bolster our visibility into the challenges and solutions across the market.
Since our first investments, we have seen the attack surface for energy, climate, and industrial technology evolve. As industrial environments increasingly adopt cloud analytics, remote access, AI-driven automation, and enterprise data platforms, we have witnessed the boundary between OT and IT solutions blurring. As sensors, controllers, networks, users, and data increasingly operate as a single, interdependent system, new vulnerabilities have emerged, demanding integrated solutions. Below, we explore this diversifying landscape, diving into OT visibility and security, human risk and cyberawareness, SOC augmentation and automation, and data security for enterprises grappling with rapid change.
Will you be in San Francisco this March? Join us for Energize Connect: Cybersecurity, an invite-only panel and networking session bringing together operators, investors, and corporates to examine how cybersecurity decisions are actually made and executed inside complex operating environments. Space is limited. Request an invitation here.
Challenge: Industrial control systems and operational technology (OT) are the backbone of energy and manufacturing. But their legacy designs were never built with cybersecurity in mind. Today, hyperconnectivity is exposing every turbine, substation, and sensor to potential intrusion. Distributed energy resources add resiliency at the grid level, yet every new endpoint becomes a new attack vector.
Solution: A new generation of platforms offers enhanced visibility, access, and security across fragmented operational environments, bridging the gap between legacy systems and the demands of a digitized system. There are innovators solving problems across real-time asset inventory (Insane Cyber, Solitude Labs), network segmentation (Elisity, Portnox), vulnerability detection (Finite State, Exein, Frenos), secure remote access (Cyolo, Dispel), and cyber risk quantification (DeNexus). For renewable and distributed energy operators, continuous monitoring is becoming as critical as generation capacity itself, ensuring that assets remain both available and secure. Leaders like Nozomi Networks exemplify how continuous visibility can reduce downtime, prevent cascading outages, and build trust in connected infrastructure.
We are still at the beginning of the journey in industrial and energy software. In a matter of time, we’ll see a full transformation happen. Mitsubishi announced its intention to acquire Nozomi not only because of our market leadership and current cyber capabilities, but also because of our ability to continue to build AI-driven software and lead with innovation in the market. Companies now understand the need for these solutions, and that awareness is creating space for the next wave of innovation. – Andrea Carcano, Co-Founder and CPO of Nozomi Networks
Challenge: Despite billions spent annually on cybersecurity, humans remain the weakest link. Verizon estimates that 68% of breaches involve a human element. Attackers now deploy AI-generated emails, deepfake-enabled “vishing,” and voice agents that dramatically increase believability. Static training programs and awareness modules are failing to keep pace.
Solution: The answer lies in dynamic, context-aware training powered by AI and LLMs. New platforms simulate phishing attempts that mirror the latest adversary tactics and coach employees in real time with a high degree of personalization. Innovators like Anagram, Dune, Fable, Hoxhunt, StrongestLayer, and more are redefining cyberawareness solutions. For energy and industrial operators, where even a single compromised account can disrupt grid operations or production, securing the human layer is as critical as ever. By turning awareness from a compliance checkbox into an adaptive defense, organizations fortify the “human perimeter” that underpins grid reliability, industrial safety, and the continuity of the energy transition.
Challenge: The rise of enterprise LLM adoption has unlocked new productivity but also introduced profound data risks. Employees may inadvertently paste proprietary information into external models or reach data through sanctioned AI systems that they were not supposed to have access to. Traditional Data Loss Prevention (DLP) and Data Security Posture Management (DSPM) systems may fall short in cloud-native, AI-driven workflows. Sensitive IP, customer records, and trade secrets are at risk of exposure.
Solution: Next-generation data security solutions are emerging to address this gap. Tools like Harmonic, BOLD, MIND, Orion, Sentra, Teleskope, among others, classify and monitor sensitive data in real time, enforce policies across distributed environments, or prevent leakage into external AI systems. For energy and industrial enterprises, protecting proprietary models, grid data, and end-user information is essential to system resilience. Companies deploying secure-by-design or private LLMs – augmented with these protective layers – can safely apply generative AI to myriad use cases from grid optimization to renewable project management without compromising operational security. By safeguarding intellectual property and critical data flows, these solutions don’t just reduce cyber risk. They protect the digital backbone of the decarbonized energy economy.
"Every enterprise wants to move fast on AI, but many are holding back because they can’t see or control how sensitive data is used or shared with these models. Secure adoption depends on understanding both the intent behind AI use and the sensitivity of data in real time. At Harmonic, we’re building the missing governance and control layer for employee use of AI—all powered by our small language models that coach employees at the point of data loss." – Alastair Paterson, CEO and Co-Founder of Harmonic
Challenge: Security Operations Centers (SOCs) face a deluge of alerts, with false positives overwhelming analysts. Most detection platforms struggle to separate anomalous activity from truly malicious threats, creating noise that delays incident response. Even smarter systems may not provide sufficient context to expedite security teams’ work. As attack velocity increases, manual triage is no longer sustainable.
Solution: Incorporating agentic AI to augment and empower SOC teams promises a step-change in resilience. By automating or simplifying lower level analyst tasks – such as alert triage, enrichment, and summarization – automation solutions can help reduce noise and accelerate time-to-response. Leading companies building the latest solutions include Exaforce, AirMDR, Conifers, Dropzone AI, Prophet, Qevlar AI, among others. In the energy sector, where downtime in a grid operator’s network or an asset’s control system can cascade across entire regions, faster detection and remediation directly equate to operational stability and financial performance. The result is a unified, adaptive defense layer capable of protecting both electrons, data, and production.
“The shift from reactive alert chasing to proactive, context-driven defense is essential for securing sectors like critical energy and industrial infrastructure. SOC teams need AI that transforms the operating model, not just speeds up triage. Exaforce’s agentic SOC platform already enables customers like Commonwealth Fusion Systems to resolve more alerts and protect a larger technology surface. With better data preparation and AI that goes beyond LLMs, analysts can escape the noise and routine tasks and stay ahead of adversaries who are weaponizing automation against vital infrastructure.” – Ankur Singla, Founder & CEO of Exaforce
Today, infrastructure resilience is inseparable from cybersecurity. As energy and industrials become more data-driven, decentralized, and AI enabled, their operations will hinge on innovative solutions that can defend against a growing field of malicious actors. From OT visibility and human-layer defense to AI model security and automated SOC operations, solutions are stepping in to reduce vulnerabilities and reinforce critical industries. The companies that endure will be those that treat security not as a brake on innovation, but as a prerequisite for operating at scale. As electrification and digitization reshape the economy, cybersecurity will play a decisive role in how quickly, and how safely, that transition moves forward.
1 IBM
2 Energize Analysis of IANS Research
3 Energize Analysis of data from Markets&Markets, Allied, Markets.us, GrandView Research, AcumenResearch
