Cybersecurity dealmaking is expected to accelerate over the next year, driven largely by the rise of artificial intelligence-powered threats, advisors and investors say. But it might take a while to get going.

While the second half of 2024 saw a surge in global cybersecurity M&A thanks to resurgent private equity activity in Israel and the UK in particular, transactions in North America were more muted.

Mastercard’s [NYSE:M] purchase of Recorded Future for USD 2.65bn in December, and CyberArk’s [NASDAQ:CYBO] acquisition of Venafi for USD 1.54bn in October had given dealmakers hope that a revival was underway.

But concerns over tariffs, persistent inflation, and the Federal Reserve’s slow pace of interest rate cuts are causing businesses to reassess the market and dampening enthusiasm for big-ticket deals, said one banker.

“Some companies initially tested the waters late last year but ultimately, they are still waiting for better conditions,” said Keith Skirbe, a managing director in Houlihan Lokey‘s technology group who specializes in cybersecurity.

Strategic buyers remain active, targeting tuck-ins as well as mid-sized acquisitions, particularly in the USD 100m–USD 300m deal range, where transactions are less affected by rising borrowing costs, he noted.

Even as broader market uncertainty lingers, companies are prioritizing expanding their product offerings and shifting toward platform-based solutions rather than point products, Skirbe added.

According to Mergermarket data, there were 209 M&A transactions across the continent in 2024 totalling USD 23.3bn compared to 219 deals totalling USD 54.2bn in 2023, a year buoyed by Cisco Systems’ [NASDAQ:CSCO] USD 28bn purchase of Splunk.

AI’s deep impact

Cheap, open-sourced AI models exemplified by China’s DeepSeek are lowering the barriers for bad actors to spread their malicious attacks wider and more quickly.

“Unfortunately, we’re going to see some dramatically negative results from AI being used by attackers. It is already happening and it’s pretty widespread,” said Mark Kraynak, founding partner at Acrew Capital, a San Francisco-based venture capital firm specializing in cybersecurity.

Major breaches can be a deal catalyst, he said. “There is a lot of work to do for the security industry to adjust.”

Escalating risks will prompt cybersecurity firms to respond through AI integration, talent acquisition and strategic M&A, said Marcus Wolter, a partner and global director of corporate M&A at Caldwell Law.

Those AI-powered threats, combined with sector consolidation and possible rate cuts should lead to an uptick in M&A activity in the coming months, Wolter said. Private equity firms also have returned as active buyers, supported by ample dry powder and a perception that cybersecurity is a high-growth resilient sector, he added.

But AI also benefits cybersecurity providers through faster detection and response, said Manish Thakur, managing partner at New York-based Option3, a cybersecurity-focused private equity firm.

Many pre-revenue startups with innovative technologies are struggling to raise capital to scale and get their products to market, making them prime targets for larger consolidators. “It is a buyer’s market,” said Thakur, whose firm pivoted three years ago from early-stage venture to mid-market PE investments.

Large cybersecurity vendors are also likely to merge with big AI platforms because cybersecurity is currently easier to monetize than AI, which suffers from long sales cycles typical of technology in the early stages of adoption, said Louis Lehot, a partner at Foley & Lardner.

Cloud infrastructure providers such as  Alphabet [NASDAQ:GOOG],  Amazon [NASDAQ:AMZN],  Microsoft [NASDAQ:MSFT] and Oracle [NYSE:ORCL] are increasingly looking to add their own software capabilities on top of their platforms, rather than reselling third-party solutions. That “absolutely” could push them to acquire AI-native security solutions to enhance their offerings, said Lehot.

Small is big

While Cisco has a track record of acquiring larger publicly traded companies to spur growth and modernize its offerings, many pure-play cybersecurity players have taken a different tack.

Palo Alto Networks [NASDAQ:PANW] targets smaller-scale acquisitions to add products to its distribution channels, which has been an effective strategy, according to Kraynak.

The company has completed more than two dozen acquisitions over the last five years or so, all of them for under USD 1bn, according to Mergermarket’s database. Palo Alto bought IBM‘s [NYSE:IBM] QRadar network security assets for USD 500m in September, after which CEO Nikesh Arora told this news service it primarily seeks tuck-ins that can advance its AI and security automation efforts.

Crowdstrike [NASDAQ:CRWD] similarly has a penchant for small to medium-sized deals, Kraynak noted. It agreed to pay USD 300m for Adaptive Shield last November and made another five deals in 2024 ranging from USD 30m to USD 200m.

Zscaler [NASDAQ:ZS] also actively shops for AI tuck-ins, CEO Jay Chaudhry said last fall, and Fortinet [NASDAQ:FTNT] prefers deals between USD 10m and USD 50m, CFO Keith Jensen said.

Sector investors are keeping close tabs on venture-backed cybersecurity unicorns such as Aqua Security, Arctic Wolf, Claroty, Cyera, Huntress, Island, Orca Security, Persona, Silverfort, Snyk, Vanta and Wiz.

The companies that don’t make it to the public markets will likely be acquired, noted Kraynak.