DNV, the independent assurance and risk management provider has announced plans to acquire industrial cyber security specialist Applied Risk, DNV said on Nov. 24. The two companies will join forces with the aim to build the world’s largest industrial cyber security practice, defending critical infrastructure against emergent cyber threats.

Threats to industrial cyber security are becoming more common, complex and creative. In 2020, nine in ten companies in the manufacturing, energy and utilities, healthcare and transportation sectors suffered an attack on the computing systems managing their industrial operations. Recovery from an attack can cost organizations hundreds of millions of dollars and companies face are facing increasing pressure to comply with tighter regulation.

Attacks are also becoming increasingly dangerous: Gartner forecasts that cyber criminals will go beyond making attacks for financial gain this decade, and progressively weaponize industrial control systems to cause harm to human life. According to Forrester Research, 63% of organizations within industrial sectors said the safety of their employees was highly or critically impacted by cyber security breaches.

“Industrial assets such as windfarms, oil and gas infrastructure, ships, manufacturing facilities and medical equipment, are now at higher risk of new forms of cyber-attack as their control systems become increasingly connected," said Remi Eriksen, group president and CEO of DNV.

"By joining forces with Applied Risk, we aim to build an industrial cyber security powerhouse to support our customers in managing these emerging risks," he said.

Established in 2012, Applied Risk is a thought leader in next generation cyber security solutions for industrial sectors. Applied Risk’s experts will join forces with DNV’s cyber security specialists, who work with governments, corporations and industrial operators to keep projects and operations secure. DNV provides real-world cyber security expertise to some of the world’s most complex infrastructure projects, helping customers identify their cyber risks, build a powerful force of defense against threats, recover from attacks and win stakeholder trust and support.

Both companies will operate together under the DNV brand. A combined leadership team from both companies will be tasked with scaling a merged cyber security business with ambitions for significant growth by the end of 2025.