A wave of private-sector acquisitions targeting critical infrastructure assets is reshaping the boundary between corporate enterprise and national security, prompting new regulatory frameworks and raising fundamental questions about who controls the systems that underpin modern society.
In the first half of 2026 alone, private equity firms and defense contractors completed or announced acquisitions valued at more than $47 billion involving assets classified as critical infrastructure by the Department of Homeland Security. The targets span a widening spectrum: port terminal operations, satellite communications networks, water treatment facilities, electrical grid management systems, and cybersecurity platforms that protect government networks.
“We are witnessing a structural realignment,” said Dr. Natasha Gorin, senior fellow for defense economics at the Center for Strategic and International Studies. “The private sector is not just contracting with the government anymore. It is acquiring the infrastructure itself, and that creates an entirely different set of obligations, risks, and oversight requirements.”
The trend has been accelerating since 2024, when several high-profile transactions signaled that institutional investors viewed critical infrastructure as a stable, long-duration asset class. Blackstone’s $6.2 billion acquisition of a portfolio of regional water utilities in 2024 was followed by KKR’s purchase of a satellite ground station network from a European consortium in early 2025. This year, the pace has intensified. In March, Northrop Grumman completed its $9.4 billion acquisition of CyberVault Systems, a firm that provides intrusion detection and threat monitoring for 23 federal agencies. In May, a consortium led by Carlyle Group finalized the purchase of three Gulf Coast port terminal operations from a municipal authority for $4.1 billion.
The acquisitions are drawing scrutiny from lawmakers on both sides of the aisle. The Committee on Foreign Investment in the United States, known as CFIUS, has seen its caseload increase by 38 percent year over year, driven in part by the complexity of evaluating transactions where the acquirer is a domestic entity but the infrastructure in question has national security implications.
“CFIUS was designed primarily to evaluate foreign acquisitions,” said James Harrelson, a partner specializing in national security law at Covington and Burling. “The current framework is being stretched to accommodate transactions that involve domestic buyers but raise similar concerns about concentration of control, continuity of service, and access to classified systems.”
In response, the Biden administration proposed in April the Critical Infrastructure Ownership Transparency Act, which would require any private acquirer of designated critical infrastructure to submit to ongoing security audits, maintain minimum operational standards, and accept government board observer rights in certain cases. The legislation is currently in committee and has drawn support from defense hawks and progressive lawmakers alike, though industry groups have raised concerns about its potential to deter investment.
Defense sector consolidation is a particularly sensitive area. The acquisition of cybersecurity firms by traditional defense contractors has created entities with unprecedented access to both offensive and defensive capabilities. Analysts note that this vertical integration, while potentially efficient, raises questions about conflicts of interest and the concentration of sensitive capabilities within a small number of corporate entities.
“When a single company builds the missile defense system and also monitors the networks that control it, the oversight challenges multiply,” said Gorin. “The government needs to maintain visibility into these operations in a way that existing procurement regulations were never designed to provide.”
Proponents of private infrastructure ownership argue that private capital brings operational efficiency, technological innovation, and investment capacity that cash-strapped municipal and federal agencies cannot match. They point to measurable improvements in service reliability and cybersecurity posture at several privately acquired utilities as evidence that the model works.
“The choice is not between public and private ownership in the abstract,” said Catherine Dempsey, managing director of infrastructure investments at Apollo Global Management. “The choice is between aging systems that governments cannot afford to maintain and modernized systems backed by private capital with appropriate regulatory guardrails. The infrastructure needs the investment regardless of who signs the checks.”
As the debate continues, the pace of acquisitions shows no sign of slowing. With interest rates stabilizing and infrastructure assets offering predictable long-term returns, private capital is expected to remain an aggressive buyer. The challenge for policymakers will be constructing oversight frameworks that protect national security interests without discouraging the investment that critical systems urgently require.




