Mergers and acquisitions hit record pace as ransomware and nation-state threats fuel demand for security
This audio is generated automatically. Please let us know if you have any comments.
An unprecedented increase in ransomware, software vulnerabilities, and malicious cyber activity against the private sector and critical infrastructure has led to a flurry of private equity investment and merger activity in the cybersecurity industry.
Information technology vendors were looking to create secure environments for customers. Enterprise customers have also demanded end-to-end security solutions that can track down sophisticated malware, detect software vulnerabilities, and protect sensitive employee data.
In the first quarter alone, the cybersecurity industry saw 108 mergers and acquisitions, with a combined deal volume of $29 billion, according to Progress Partnersa merchant bank with offices in Boston and New York.
“Cybersecurity is a unique segment where technology must constantly evolve to combat new adversaries and attack methods,” said Eric Bell, managing director of Progress Partners via email. “It doesn’t follow a typical technology maturity cycle.”
M&A activity in the sector is expected to hit a record pace for the second straight year, after hitting $70.4 billion in 2021, according to a market report from Progress Partners.
Cybersecurity market data shows strong investor demand, with $5.4 billion raised across 249 deals in the sector.
Some of the country’s leading IT and cloud service providers have led much of the M&A activity. They have invested heavily in acquiring smaller competitors and in new capabilities for their internal security departments, in part to protect the integrity of their software platforms and cloud service customers.
“Our mission continues to be focused on helping customers defend their growing digital estate against increasing cyber threats,” a Microsoft spokesperson said by email. “The acquisitions have helped provide Microsoft with broader security visibility by helping to reduce risk, prevent security breaches, and ensure compliance.
Microsoft said the acquisitions helped provide a more comprehensive view of threats targeting their business and a better understanding of vulnerable assets exposed to the Internet.
Alphabet CEO Sundar Pichai, speaking on Alphabet’s quarterly conference call with analysts on Tuesday, said cybersecurity was a particular priority for the company.
The company has been on a major acquisition spree in recent months, starting with the $500 million deal in January to acquire Siemplify, a provider of security orchestration, automation and response Technology. Siemplify’s SOAR technology had long been a missing piece of Chronicle, which serves as the primary threat detection and response platform for Google Cloud’s security business, according to Forrester Analyst Allie Mellen.
When reported negotiations between Mandiant and rival Microsoft failed, it left an opening for Google to fill its incident response portfolio shortfall.
“We are obviously delighted with our purchase of Mandiant, which I believe will also help us better serve our customers,” Pichai said on the call.
Congress and federal regulators have exercised additional scrutiny over the IT sector in recent years amid concerns about the growing power of the industry’s biggest tech companies.
Earlier this month, the DOJ sent Mandiant and Google a request for additional documents related to their agreement, according to deposits
Microsoft has embraced its ability to offer a comprehensive security platform as one of its key selling points to enterprise customers in recent years. During the company’s second fiscal quarter earnings call in January, CEO Satya Nadella said security-related revenue rose 45% to $15 billion from a year earlier.
Microsoft has 785,000 security customers, up 50% year over year, Nadella said during the fiscal third quarter call Tuesday. He said companies such as Citrix, Domino’s Pizza, Heineken and others use Microsoft to protect their multicloud infrastructure.
Gaps to be filled
Security acquisitions have been the focus of many IT companies in recent months.
IBM in November agreed to buy ReaQta, an initiative to expand its threat detection and response capabilities. As part of the agreement, IBM has extended its extensive detection and response capabilities through its QRadar XDR suite.
In February, the The Wall Street Journal reported Cisco had bid more than $20 billion for Splunk, a provider of data surveillance and security software. A Splunk spokesperson said the company does not comment on rumors or speculation, and Cisco did not respond to a request for comment on the talks.
SentinelOne has reached an agreement in March to buy Attivo Networks in a deal valued at $616.5 million in cash and stock. The acquisition will combine Attivo Networks identity protection and response technology, which focuses on credential theft and lateral movement, with Sentinel One’s autonomous XDR Platform.
“I think the biggest issue these days is that combining multiple solutions into security platforms can help customers,” said Peter Firstbrook, research vice president at Gartner. “There is a growing demand from buyers of enterprise security solutions for consolidated products that are integrated and work well together.
Firstbrook cites data showing that 70% of enterprise security buyers attempt to consolidate the number of vendors and products they purchase.
Venture capital investment in cloud security has accelerated in recent years, reaching $6.2 billion in 2021, from $2.6 billion in 2020, according to Gartner data.
Cloud-native application protection platforms have become a top growth area in terms of venture capital spending. The United States has 97 separate cloud security companies, according to Gartner, but Israel and China lead with 25 and 12 cloud security companies, respectively.
“Public companies buy innovative companies that fill gaps in their current offerings to [provide] innovative solutions”, Alberto Yepez, co-founder and managing director of Forgepoint Capital.
Customers are looking to add new security features to existing product suites, such as Secure Service Edge (SSE) or XDR, according to Brendan Burke, senior emerging technology analyst at Pitchbook.
“Recent waves of customer-driven acquisitions include secure software-defined wide area networking, XDR log ingestion, and privileged access control of employee desktops,” Burke said. “Leading vendors compete to acquire the most outstanding technology assets in these categories and, in some cases, pay significant premiums to win.”