Top 9 cybersecurity M&A deals of 2018 and 2019 (so far)

2018 was a busy year for mergers and acquisitions in the cybersecurity industry. Here's why the M&A market is so hot and what to expect in 2019.

As the market for cybersecurity products and services grows, so does the value of the companies that provide them. This is reflected in the number of mergers and acquisitions of cybersecurity firms that took place in 2018. Technology M&A advisory firm Hampleton Partners reports that more than 140 cybersecurity deals occurred in 2018, and at least nine of them were worth $500 million or more. Four deals were worth more than a billion dollars.

“Cybersecurity basically is everywhere in the tech industry today,” says Hampleton Partners Director Axel Brill. “Everything is connected today, it really cries for more security in those in all areas.”

Identity and access management (IAM), network security and financial/transaction cybersecurity were the three largest areas of activity. “IAM is gaining increasing attention as we move more and more towards a zero-trust world and the notion of perimeters continues to fade,” says Dino Boukouris, director at cybersecurity M&A advisory firm Momentum Cyber. “Cloud infrastructure security heated up significantly as the lift and shift to hybrid cloud infrastructure rapidly accelerated.”

Here are the nine largest cybersecurity M&A deals from 2018 and an early look at what to expect in 2019.

1. Cisco buys Duo Security for $2.35 billion

Networking giant Cisco’s $2.35 billion purchase of zero-trust security provider Duo Security was the largest security acquisition of 2018, and evidence of the growing realization that the need for all encompassing cloud security is a pressing issue. In an earnings call just after the acquisition, Cisco CEO Chuck Robbins said the Duo buy was about “expanding the company’s portfolio for the multi-cloud world. Duo’s SaaS delivered solution will expand our cloud security capabilities to help enable any user on any device to securely connect to any application on any network,” he said.

It’s report, Hampleton Partners said that Cisco saw a user-friendly dual authentication solution as a growth opportunity in a time when the threat of security breaches through weak user passwords continues to grow. “Cisco was actually struggling with security for their devices mainly being based on password security,” says Hampleton Partners’ Brill. “Duo can help making access to Cisco devices more secure and at the same time easier to access.”

2, 3 and 5. Thoma Bravo buys Imperva for $2.1 billion, Barracuda Networks for $1.6 billion and Veracode for $950 million

One of the most active companies in the cybersecurity space in 2018 was private equity firm Thoma Bravo, which spent a collective $4.75 billion on three acquisitions. The biggest was its purchase of application and data security provider Imperva for $2.1 billion, followed by network security company Barracuda Networks for $1.6 billion. The company also bought Veracode, which provides application security testing services, for $950 million from CA Technologies shortly after its surprise acquisition by Broadcom.

To continue reading this article register now

FREE Download: Get the Spring 2019 digital issue of CSO magazine today!