Perspectives on the Biggest Cyber Security Deals of 2019
Updated: Mar 21, 2020
2019 was a very active year for cyber security industry for M&As and PE takeovers with more than 100 deals closed during the year. Here are our observations of the top 10 cyber deals.
1. Broadcom + Symantec's enterprise security business
The deal has less strategic angle (as there is no visible product synergy) and has more financial angle. Which means optimizing the operation of Symantec enterprise security business by reducing costs is the only play that comes to mind.
Security landscape is changing due to workloads moving to cloud and IoT security is going to complicate the landscape even further. Will be interesting to see how Broadcom creates a long term business by essentially taking over a discarded business from Symantec (Symantec kept the consumer facing security business - Norton and LifeLock).
2. Thales + Gemalto
This combination creates a world-class leader with an unrivaled portfolio of digital identity and security solutions based on technologies such as biometry, data protection, and, more broadly, cyber security.
We believe Thales has acquired a set of highly complementary technologies and competencies that enables Thales to cover the entire critical decision chain in an increasingly interconnected and vulnerable world, with capabilities spanning software development, data processing, real-time decision support, connectivity and end-to-end network management.
3. Francisco Partners + LogMeIn
LogMeIn has a compelling product portfolio and leadership in the Remote Access, Unified Communications and Collaboration, Identity, and Digital Engagement markets. It owns brands such as LastPass, GoToMeeting, GoToWebinar, OpenVoice and Join.me. But the unified communications and collaboration (UCC) market has a number of innovative players, like Zoom, BlueJeans and Highfive.
The acquisition is a shock given LogMeIn’s recent market activities as a clear path to creating a strong UCC offering. Recently, LogMeIn introduced a new GoToMeeting experience, dubbing it the “next step” in its UCC journey. This move followed on the “GoTo” UCC portfolio rebranding announced in March at Enterprise Connect 2019, along with the launch of GoToConnect and GoToRoom offerings.
The sudden change could be value destructive to what LogMeIn had built so far.
4. Thoma Bravo + Sophos
Following a buying spree in 2018 of $4.75B on Imperva, Barracuda Networks and Veracode, Thoma Bravo acquired UK-based Sophos for $3.9B in 2019. Sophos itself had been busy in 2019, snapping up San Francisco based cloud security startup Avid Secure, endpoint security platform DarkBytes, and MDR provider Rook Security.
Sophos was founded way back in 1985, and raised over $500 million before going public in 2015. Products include Managed Threat Response, XG Firewall and Intercept X Endpoint. Sophos hopes its new owner can help the company continue to modernize the platform.
As for the buyer, it sees a company with a strong set of channel partners that it can access to generate more revenue moving forward. Thoma Bravo acquired McAfee in 2017. In 2018, it acquired Barracuda Networks, a company noted for its network and cloud security prowess.
5. VMware + Carbon Black
Over the last few years, VMware has been slowly increasing its security product portfolio. With the $2.1B acquisition of cloud-based endpoint protection provider Carbon Black, the company is slowly becoming a top security provider competing against Cisco and other players.
Carbon Black provides a cloud-based endpoint security platform that uses big data and behavioral analytics to provide several capabilities such as threat hunting, incident response, antivirus and endpoint detection, and real-time endpoint query and remediation.
Microsegmentation is a top use case for VMWare NSX network virtualization platform. VMware can embed Carbon Black technology into NSX suite. VMware bought Intrinsic, a San Francisco-based security start-up focusing on Serverless computing just days before Carbon Black deal.
6. OpenText + Carbonite
Carbonite is among the largest cloud backup vendors, with a focus on the SMB and prosumer markets. Cloud platforms and secured, smart end-points are essential information management technologies as businesses undergo digital transformation. Carbonite has had a good run and a lot of its growth in the end point security and backup space.
OpenText is adding Carbonite to its portfolio to cover for backup and recovery space. This deal could enable OpenText to leverage Carbonite's existing offerings and GTM. OpenText could integrate data backup and endpoint-protection capabilities into its existing security offering that have not seen tremendous success in recent times.
7. F5 + Shape Security
Faced with increasing competition from virtualized appliances in its core application delivery controller (ADC) market and experiencing little top-line growth, F5 Networks turned to the security space for expansion. We believe there’s plenty of growth potential in anti-fraud protection. The vast majority of cyber attacks are aimed at applications or identities associated with applications and attackers now using tools and automation capabilities to commit fraud at scale. Cyber criminals are increasingly using botnets for targeted application attacks.
Shape Security protects against automated attacks, botnets and targeted fraud. Shape provides a number of solutions around application security and fraud prevention. Shape Security’s platform evaluates data flow from the user into the application, leveraging AI/ML supported by cloud-based analytics, to separate good traffic from bad.
Shape’s AI/ML powered capabilities could scale and extend F5’s broad portfolio of application services. F5 provides an optimal insertion point for Shape Security’s service because of its location within the data flow of traffic in more than 80% of Fortune 500 application infrastructures.
8. Jacobs Engineering + KeyW
Technical professional services firm acquired KeyW, a professional engineering services provider. KeyW’s cyber-services includes offensive cyber operations, risk assessment, penetration testing, network hardening and training courses. KeyW has long been a significant force in Intelligence, Surveillance and Reconnaissance (ISR), and its capabilities in this area have included rapid development of highly specialized sensor-based products, which the company has customized and deployed to support air, land, sea and space missions.
Jacobs’ global reach and proven track record executing large complex enterprise contracts provide a powerful platform to unleash KeyW’s complementary rapid technology development. Jacobs would extend its reach into government cybersecurity contracting by purchasing KeyW and increase its role in the ISR sector, a growing large market.
9. Insight Partners + Recorded Future
Insight Venture Partners bought threat intelligence provider Recorded Future. Insight has more than $20 billion of assets under management, and has cumulatively invested in over 300 companies worldwide.
Recorded Future offers vulnerability management services, dark web monitoring and tailored threat briefs, among other services. Recorded generates information to help customers better understand the external cyber threats they are facing. The company deconstructs strains of malicious SW obtained from cyber criminal forums and share the details with clients, helping the security team fend off attacks before they begin.
Insight previously made a Series E minority investment in Recorded Futures. We believe it could be a great investment outcome as Recorded is hyper-focused to provides clients with the threat intelligence needed to understand their environments, manage risk, and combat malicious actors.
10. Orange + SecureLink
Following AT&T’s acquisition of AlienVault for around $600M last year, 2019 saw another telco making major moves into the security consulting space with Orange buying Dutch managed security services provider SecureLink. Telcos have been diversifying beyond core ISP business for a while, especially Orange which has had a string of business services acquisitions recently.
SecureLink offers consultancy services, maintenance, and managed detection and response (MDR) solutions. Cybersecurity is a growing priority for companies of all sizes, and we believe two important success factors of any solution are scale and proximity. Scale because today’s threats are global, complex, and require matching protection capabilities. Proximity because in the global IT world, you want a trusted local partner to secure your most strategic assets.
With the acquisition of SecureLink, Orange has the highest scale to anticipate and fend off attacks, as well as local defense teams in all the main European markets, positioning the combined organization as the go-to defense specialist.
Comments