Secure Mobility Platforms
KPIT Moves to Acquire Cybersecurity Specialist Cymotive
As vehicles become more software-defined, cybersecurity becomes not just a protection layer, but a strategic foundation for future mobility platforms.
Adobe stock / keks20034
KPIT is taking a staged route towards full ownership of Cymotive by 2029, strengthening its cybersecurity portfolio as connected, software-defined vehicles turn threat analysis, monitoring and lifecycle protection into strategic requirements.
KPIT Technologies is expanding its automotive
cybersecurity capabilities through an investment in Israeli specialist
Cymotive. The Indian software company is initially investing $10 million, with
the funds set to convert into equity once defined milestones are reached. The
transaction is designed to give KPIT a majority stake first, followed by a full
takeover in two stages by mid-2029.
Why KPIT is investing in automotive cybersecurity
KPIT’s move reflects the growing importance of cybersecurity
in software-defined vehicles. As more vehicle
functions depend on software, connectivity and over-the-air
updates, cyber resilience is becoming a prerequisite for development,
homologation, operation and customer trust.
The planned acquisition also shows how cybersecurity is
shifting from a specialist add-on to a core engineering capability. For OEMs
and suppliers, security now has to be built into vehicle
architectures, software platforms and lifecycle processes from the
beginning. That makes companies with deep automotive cybersecurity expertise
strategically valuable.
KPIT CEO Kishor Patil described cybersecurity as fundamental
to how vehicles are developed, built and ultimately used. For KPIT, Cymotive
therefore fits directly into a long-term strategy focused on software-defined
mobility, platform engineering and secure vehicle operation.
KPIT and Cymotive: key facts at a glance
Deal structure: KPIT is initially investing $10
million, with a staged path towards full acquisition by mid-2029.
Target company: Cymotive is an Israeli automotive
cybersecurity specialist with close links to Volkswagen Group brands.
Strategic focus: The deal strengthens KPIT’s
cybersecurity capabilities for software-defined and connected vehicles.
Portfolio fit: Cymotive’s solutions are expected to
complement KPIT’s Beacon platform and wider vehicle software portfolio.
Business potential: KPIT sees opportunities to generate product and licence revenues beyond its traditional engineering services business.
Industry relevance: The transaction reflects the growing importance of cybersecurity as a lifecycle requirement for future vehicle platforms.
How the takeover is structured
KPIT will initially invest $10 million in Cymotive. If
defined milestones are achieved, this investment will be converted into equity,
giving KPIT a majority stake in the company.
The full acquisition is planned in two further tranches and
depends on Cymotive reaching agreed revenue and earnings targets. According to
KPIT, the total transaction value could range between $60 million and $120
million. Completion is expected by mid-2029.
This staged structure gives KPIT a path to full ownership
while tying the final valuation to Cymotive’s commercial performance. It also
allows Cymotive to continue operating with its existing management and customer
base while gaining access to KPIT’s global delivery network and OEM
relationships.
What Cymotive adds to KPIT’s portfolio
Cymotive was founded more than a decade ago together with Volkswagen’s software subsidiary Cariad and works
closely with brands in the Volkswagen Group. The company covers the automotive
cybersecurity chain from architecture and threat analysis to monitoring and
homologation.
KPIT plans to integrate Cymotive’s solutions into its own
portfolio, particularly in combination with its Beacon platform. The aim is to
create an end-to-end approach in which cybersecurity functions are embedded in
software platforms across the entire vehicle lifecycle.
That lifecycle perspective is becoming increasingly
important. Connected vehicles cannot be secured only at launch. They need continuous monitoring, threat response, update governance and
compliance support throughout their years in operation. Cymotive’s
expertise could therefore help KPIT strengthen both engineering services and
software-based security offerings.
Why cybersecurity can become a revenue platform
The transaction is not only about adding engineering
expertise. KPIT also sees the potential for new product and licence revenues
from integrated cybersecurity solutions. That points to a broader shift in the
market, where security is becoming part of repeatable software platforms rather
than only project-based consulting.
For KPIT, this could open up new business models around
secure software development, monitoring, compliance and lifecycle protection.
For Cymotive, the partnership offers a way to scale its solutions globally
through KPIT’s customer access and delivery capacity.
Cariad CFO Andre Stoffels said the partnership could help
accelerate the development of practical cybersecurity solutions that carmakers
need today. Cymotive Chairman Yuval Diskin also positioned the deal as a way to
scale cybersecurity solutions globally and address rising mobility security
requirements.
The message is clear: as vehicles become more
software-defined, cybersecurity becomes not just a protection layer, but a
strategic foundation for future mobility platforms.
