The Rise of Cybersecurity M&A Activity
From a dealmaking perspective, Bundy Group is seeing aggressive buyers and financial sponsors acquiring security companies. These acquirers recognize the cybersecurity market’s continued growth in a challenging macro environment.
Strategic buyers and financial sponsors seek stability, profitability, growth and scale in a company, and the cybersecurity sector delivers those fundamentals.
1. Perimeter 81 and Thales
The cybersecurity industry has seen a steady rise in M&A activity, particularly among incumbents that are acquiring startups to stay competitive. This is largely driven by the need to invest in emerging technologies like AI-driven threat detection and response, data security, Zero Trust, and OT/IoT security.
In August, network security giant Check Point Software acquired Perimeter 81 for $490 million. Perimeter 81, which launched in 2018, runs a converged network and security platform that manages remote users and devices. Its products include Secure Access Service Edge, firewall as a service and Zero Trust Network Access solutions.
The deal is expected to boost Check Point’s unified security services and accelerate its deployment time. Moreover, the acquisition will enable it to build stronger capabilities for digital identity lifecycle management and provide better customer support. Currently, the company has strong market presence in Europe and the US. It is also working on expanding its offerings in Asia, with the recent purchase of OneWelcome.
Cybercriminals’ tactics change all the time, but what they’re after doesn’t: data and apps. Imperva helps enterprises defend those assets, with its flagship web application firewall (WAF) and API protection solution. It has a solid recurring revenue business model, and a diverse customer base that includes 35% of Fortune 100 companies. The company has a number of different delivery models, including as a virtual appliance and cloud-based managed service, which can be set up in minutes.
The acquisition of Imperva marks Thales’ move into the app security space, and will boost its cybersecurity portfolio. But, John Grady, an analyst with TechTarget’s Enterprise Security Group, notes that the company will have to work hard to see any go-to-market synergies. That’s because the buyers for data and application security tend to be different, he says. And Thales already has a strong presence in the data and analytics area.
3. Check Point Software
The cybersecurity firm has acquired several startups to boost its cloud security portfolio. Its latest deal, with Avanan, is aimed at identifying advanced attacks that may evade traditional email security tools. The company also provides a multi-layer defense for popular collaboration software, including G-Suite, Office 365 and Slack.
The tech giant’s strategy is focused on driving revenue growth by delivering a prevention-first approach that leverages collaborative cyber security, where multiple products work in concert to protect against the most advanced threats. Its unified cyber security platform helps organizations to prevent attacks on network, endpoint and cloud.
Its solutions include Check Point Infinity, providing cloud network security and posture management; Check Point Harmony that delivers endpoint and secure connectivity for remote users; and Check Point Identity Manager, which provides identity and access management and CASB for web applications. It also offers technical customer support programs and plans, as well as design planning and security implementation services.
Fortinet FTNT is a top cybersecurity vendor with a portfolio that includes endpoint detection and response (EDR), security information and event management (SIEM) and security orchestration, automation and response (SOAR). The company has a global partner network and offers its own channel program. Tech giants with a wider IT focus, such as Hewlett Packard Enterprise (HPE) and Cisco, have also announced acquisition deals to bolster their cybersecurity offerings.
MSSP Alert has tracked numerous mergers and acquisitions in the cybersecurity space, as a number of factors drive M&A activity. These include the growing threat landscape and a skills shortage, which often prompts smaller MSSPs to merge for scale and expertise. Here are some of the key deals from Q1: