Welcome to Viakoo’s daily OT/ICS/IoT cybersecurity briefing for June 18, 2026. Today’s update highlights major industry moves, critical vulnerability patches, regulatory changes, and emerging threat trends shaping the operational technology landscape.
Accenture Acquires Dragos, runZero, and NetRise to Build End-to-End OT Cybersecurity Platform
Accenture announced it is acquiring a majority stake in Dragos along with full ownership of runZero and NetRise for a combined enterprise value of approximately $4.175 billion. This acquisition will create a unified ‘xOT’ security platform that spans industrial control systems, IoT sensors, and cloud-connected OT devices across critical infrastructure sectors. The deal is expected to close by late summer 2026, with the new entity operating independently under the Dragos brand within Accenture.
Source: Accenture Newsroom
Rockwell Automation Patches Critical ICS Vulnerabilities in Logix Controllers, FactoryTalk, and RSLinx
Rockwell Automation issued extensive security updates addressing multiple critical and high-severity vulnerabilities across its ICS product suite, including Logix controllers and FactoryTalk software. The flaws could allow unauthenticated attackers to bypass authentication, cause denial-of-service, alter device credentials, and gain full administrative access. CISA has distributed advisories, highlighting active exploitation of an older vulnerability dating back to 2021.
Source: News4Hackers
Senator Warner Warns CISA Staffing Cuts Leave Critical Infrastructure Cyber Defense Dangerously Weakened
Senator Mark Warner expressed serious concerns over CISA losing nearly one-third of its workforce since early 2025 amid proposed budget cuts that threaten key security programs. The defunding of MS-ISAC has disrupted free cybersecurity monitoring for thousands of state and local entities. Warner has introduced legislation to restore funding and demanded transparency from CISA on staffing and operational gaps by June 26.
Source: GBlock
Australia’s CISC Unveils Enhanced CIRMP Rules Targeting AI, Legacy Systems, and Supply Chain Risks in Critical Infrastructure
The Cyber and Infrastructure Security Centre published updated Critical Infrastructure Risk Management Program rules requiring operators to address cybersecurity risks from AI, legacy systems, and supply chain threats. Key mandates include phishing-resistant multi-factor authentication and system segregation across energy, water, gas, and other vital sectors. These measures are supported by a significant government investment and will take full effect starting in 2027.
Source: Industrial Cyber
S4x26 Research Reveals Harmonic Swarm Attacks, Hardware Trojans, and Compliance Pressure Reshaping OT Threat Landscape
At the S4x26 conference, experts highlighted emerging OT threats including harmonic swarm attacks that target transformers with high-frequency signals, hardware trojans carrying cyber-kinetic payloads, and the rise of Industrial Control Lifecycle Management as an OT-specific resilience approach. New EU regulations impose steep penalties for non-compliance, underscoring the financial risks of cyber failures over probabilistic incident costs.
Source: IIoT World
Thank you for reading today’s briefing. Stay vigilant and proactive in securing your OT and IoT environments to mitigate evolving risks.
