A service of

Pandemic hack: Cybersecurity M&A breaches record

Mergers and acquisitions in the sector have reached USD 42.7bn in North America year to date – already, that’s 60% more than the previous record of USD 26.7bn set in 2019 and almost five times the USD 9bn done in a pandemic-interrupted 2020.

A handful of mega deals has inflated deal value, to be sure, but the number of deals done so far show 2021 will obliterate past records.

The biggest transaction was email security company Proofpoint’s USD 12.4bn sale to Thoma Bravo in April, followed by Auth0’s USD 6.5bn sale to identity management company Okta [NASDAQ:OKTA] in May and McAfee Enterprise’s USD 4bn sale to Symphony Technology Group (STG) in March.

Old school’s cool

Many of those deals may not have happened without the pandemic, which forced employees to work from home and collaborate remotely. That brought to the fore the need for ‘old school’ technologies such as Proofpoint’s email security, notes Ubaid Dhiyan, a director at Union Square Advisors. Often maligned as passé, email remains the dominant form of work collaboration. Proofpoint peer Mimecast [NASDAQ:MIME] could consider a similar path into private equity’s hands, speculates another dealmaker. 

Another ‘old school’ technology active in M&A is anti-virus software, needed more than ever to protect the home networks and devices of remote employees. In that field, NortonLifeLock [NASDAQ:NLOK] acquired the Czech Republic’s Avast for USD 8bn in August and McAfee [NASDAQ:MCFE], like Symantec before it in 2019, split its enterprise from its consumer business.

Identity mischief managed

The pandemic also pushed the need for better identity management, which spurred Okta’s Auth0 acquisition, and could bring into play others such as One Identity, OneLogin, Centrify, Ping Identity [NYSE:PING] or ForgeRock. A corollary to that is identity verification and fraud prevention, which Dhiyan notes has seen a lot of activity led by TransUnion’s [NYSE:TRU] USD 3.1bn Neustar acquisition this week. Others in that space include AuthenticID, Acuant, Onfido, Jumio and Socure

Securing clouds 

As companies’ workloads have increasingly moved to the cloud – a shift accelerated by the pandemic – the need to secure it has increased. On the back of that, startups like Netskope and Lacework have raised big rounds, and Zscaler [NASDAQ:ZS] has made acquisitions. Security for ‘containers’ – a computing environment software developers use to create applications in the cloud – is also drawing attention. Startups in container security that could be the subject of a financing or M&A transaction include Aqua Security Software and NeuVector

Meanwhile, Cisco Systems [NASDAQ:CSCO] and Palo Alto Networks [NYSE:PANW] – which have made sizable acquisitions of security companies in prior years – have been quieter than usual this year, notes Dhiyan. How soon before that changes?

[widget id="11232" widget_title=" 10 cybersecurity companies that could come into play"]