Mitsubishi Electric’s definitive agreement to acquire Nozomi Networks: what it means and why it matters

Mitsubishi Electric has signed a definitive agreement to acquire Nozomi Networks, a specialist in OT/IoT cybersecurity. When the transaction closes, targeted for the fourth calendar quarter of 2025, pending regulatory approvals, Nozomi will become a wholly owned subsidiary but continue to operate independently. The companies state that Nozomi will keep its headquarters in San Francisco and its R&D hub in Mendrisio, Switzerland, and will continue supporting “heterogeneous” (multi-vendor) customer environments.

Why this makes for an interesting acquisition

The deal formalizes a relationship that has been developing for years. Mitsubishi Electric invested in Nozomi’s $100M Series E in March 2024, and the two companies co-developed Arc Embedded, which is described as the first security sensor to operate inside industrial controllers, initially on Mitsubishi Electric PLCs. For a market that traditionally depended on passive network monitoring outside the controller, shifting security logic onto the device itself represents a significant change in visibility and depth.

The buyer also receives a cloud-first OT security platform, Vantage in the cloud, Guardian sensors on the network, and Arc on endpoints, which Mitsubishi can align with its automation portfolio and services. This strengthens the connection between device telemetry and analytics while maintaining Nozomi’s commitment to vendor-agnostic deployments, a must in mixed-vendor plants.

Implications for the OT security market

Consolidation has been reshaping OT security for several years (Tenable–Indegy; Cisco–Sentryo; Rockwell–Oylo; Honeywell–SCADAfence). Mitsubishi Electric’s move expands the trend from IT/OT integrations to OEM-embedded security, bringing protection closer to PLCs, RTUs, and drives. Buyers can expect quicker value from pre-integrated stacks and easier comparisons between OEM-bundled platforms.

Regulation acts as a strong tailwind. In the EU, the NIS2 Directive sets a minimal security and reporting baseline across critical sectors, explicitly including operators that manage OT. In the U.S., TSA security directives for pipelines and rail are continuously renewed and refined, maintaining demand for ongoing monitoring, incident response, and evidence collection. Vendors that readily align controls with these frameworks will have a distinct advantage.

What it means for Mitsubishi Electric

Strategically, Mitsubishi Electric introduces a mature OT-security platform into its industrial technology portfolio, strengthening a “secure-by-design” approach for new projects and retrofits. The official reason highlights a comprehensive OT-security solution and the integration of device-level data with AI-driven analytics, areas where a closely connected OEM–security partnership can stand out. Commercially, the acquisition opens up opportunities to bundle software subscriptions, services, and lifecycle support around Mitsubishi Electric equipment, while continuing to sell into multi-vendor environments through Nozomi’s channel. The main challenge in execution is to maintain Nozomi’s neutrality and openness even as deeper native integrations are implemented.

What it means for Nozomi Networks

Nozomi gains capital, global distribution, and privileged access to device internals, accelerants for roadmap items like embedded defenses and AI-assisted analytics, without sacrificing its brand, leadership, or routes to market. The company reaffirms that its operations and partnerships remain intact and that its platform will continue to support diverse environments. Evidence of this commitment is the recent extension of Arc Embedded to Schneider Electric RTUs, signaling that Nozomi plans to stay multi-OEM despite the new ownership. The main risks are perceptions of vendor lock-in and the challenge of maintaining extensive third-party integrations while focusing on stronger ties with Mitsubishi Electric hardware.

What it means for customers

Customers will see the change of ownership as a new opportunity to review and analyze their technology dependencies on a different vendor’s ecosystem. Mitsubishi represents a whole ecosystem that could pose some risk of vendor lock-in and reduced freedom of choice for customers. Major industries are accustomed to these dependency considerations and analyses.

For asset owners and operators, the short-term benefit is earlier, more accurate detection, down to controller logic changes and Level 0/1 process signals, through embedded sensors like Arc working alongside network sensors and cloud analytics. This can shorten the time to identify issues and improve incident response in complex, safety-critical settings. At the same time, customers should consider data residency options for cloud analytics, ensure support consistency across multi-vendor sites, and review pricing and licensing carefully as OEM-bundled offers evolve. The commitment to independence and diversity is encouraging; governance mechanisms such as roadmap transparency, public APIs, and integration certifications will determine how well that promise is fulfilled in practice.

Impact on the broader industry

This deal will encourage competitors to adopt more embedded OT security, on-device telemetry, and analytics rather than relying solely on out-of-band monitoring, while also speeding up “platform + services” packaging. Systems integrators and OEMs are likely to strengthen their partnerships around managed detection and response for OT. For policymakers and regulators, increased OEM involvement in security could make it easier to implement mandated controls and reporting, especially when directives specify testing, incident reporting, and program governance requirements. Over the next 12–18 months, it will become clear whether OEM-embedded approaches truly enhance threat detection and operational resilience without compromising openness and multi-vendor interoperability.

Bottom line

A large industrial OEM is bringing a leading pure-play OT-security platform in-house without (on paper) isolating it from the broader ecosystem. If Mitsubishi Electric and Nozomi follow through on the independence pledge while providing better device-level visibility and easier compliance, customers will benefit from stronger, more integrated defenses. The outcome will influence how cybersecurity becomes a core part of industrial automation rather than a separate add-on, marking a key turning point for the entire OT-security market.

Share via ...