NCC Group acquires Matasano Security

I've long respected the folks at Matasano Security. They've done a lot of great work in recent years and the people who work there have always been friendly and accessible when I've come knocking. I've also observed from a distance that the company has been working, as someone on Facebook put it, "so hard and so lean" for so many years. This morning comes word that the company has been acquired by NCC Group for £8.4m ($13.0m) in cash.

NCC Group CEO Rob Cotton said in a press release:

"Matasano is a highly respected industry player and this acquisition is a key strategic development for us. It substantially increases our presence and profile in the US, particularly within the important east coast market, considerably widening our capabilities and industry IP and bringing a number of leading blue chip technology customers.

"We are delighted that the very experienced and successful management team is staying with the Group.  We are confident that they will continue to enhance their reputation as well as Matasano's excellent financial track record of growth, supported by our Group resources and the wider international client base."

Matasano's Thomas Ptacek announced the sale on his Facebook page, saying, "Yes, that happened: our company (Matasano) got acquired by NCC Group; we join friends and west-coast rivals iSEC Partners, along with Manchester's NGS Secure. We continue on as Matasano, operating independently, just like iSEC does."

NCC Group's announcement delved into its larger strategy:

The purchase of Matasano is the Group's eighth in the network testing and software security space and the second in North America.  The acquisition will substantially strengthen and complement the Group's position in New York as well as providing a good opportunity to further expand the service offerings in Chicago.

The earnings enhancing acquisition will enable NCC Group to offer a wider geographical coverage in the US, as well as a broader range of information security assurance services as Matasano complements the Group's existing capabilities. 

The folks at Matasano have a rich history in the information security community. Dave Goldsmith is one of the co-founders of @stake, a company that included such industry legends as Dan Geer, Mudge, Dave Litchfield, Chris Wysopal, Mike Schiffman, Dildog and Mark Kriegsman. Jeremy Rauch was an original member of the ISS X-Force and a co-founder of SecurityFocus.

On Ptacek's Facebook page, Wysopal wrote, "Congratulations Tom, Dave, and Jeremy. Looks like some very nice numbers. Lots of my @stake friends all sort of back in one place 10 years later."

Matasano was established in 2005 by the current management team, is headquartered in New York and employs 29 employees, most of whom are testers and also has offices in Chicago and Mountain View, California. 

Its clients include numerous blue chip organizations and 95 percent of its revenue is derived from the provision of services to the software, information technology, internet, banking and insurance sectors. The business will be managed autonomously within the Group's Assurance Division by the existing Matasano management team and will trade as Matasano, an NCC Group company.

Congrats to everyone involved.

Copyright © 2012 IDG Communications, Inc.

7 hot cybersecurity trends (and 2 going cold)