2021 is already shaping up to be one of the most challenging years on record for cybersecurity, with ever more sophisticated attackers plumbing the dark corners of our systems and networks. The past couple of years have led companies to realize that cybersecurity isn’t just a check-the-box enterprise – it has to be a fundamental component of their operations, services, and cultures, which essentially leaves companies with no choice but to pour in more investments in cybersecurity. Many factors have conspired to drive this shift: rapid digitization across industries and sectors, rising usage of cloud services, IoT devices, the surging availability and effectiveness of digital communication and collaboration tools, the large-scale shift to remote work, and the increasing sophistication and frequency of cyberattacks. This growing demand for cybersecurity has led to rising mergers and acquisitions in the field this year, with close to 40 firms being acquired until early October itself. The industry saw many of its biggest players pursue acquisitions throughout 2020, into 2021, with large players such as Accenture and Deloitte filling in the gaps in their product strategies with acquisitions of smaller specialised firms, and both strategic and private investors also rushing with investments into these cybersecurity firms, cashing in on the rising need for cyber protection.
The cybersecurity industry has been experiencing rapid global growth for the past decade and, with many companies forced to transition to online, the pandemic only increased this urgency and the relevance of the industry. The cyber security market size was valued at $149.67 billion in 2019 and is projected to reach $304.91 billion by 2027, growing at a CAGR of 9.4% from 2020 to 2027, according to Allied Market research. In line with the rise of M&A transactions, cybersecurity fundings also remained in high gear this year - According to Crunchbase, just over $14 billion has been invested in cybersecurity year to date.
Despite the fact that cyberattacks have exploded over the past few years, companies have still not been able to keep pace with all the changes that are making security awareness increasingly indispensable. Keeping these security gaps in focus, enterprises are now pouring in more investments into cybersecurity companies, realizing that cybersecurity is essential for securing data centers, as they are the heart of many enterprises, providing scalable, reliable access to Data and Applications that define the organization. As these data centers have become more valuable, so too has the job of securing and monitoring them. And now with the advancement of emerging technologies such as Artificial Intelligence and Machine Learning, new methodologies and hyper-automation are increasingly making the cybersecurity domain automated and more effective in managing risk. It enables threat detection and helps further analyze the threats to building better cybersecurity products that grow business for cybersecurity firms. It has become imperative for organisations to adopt cybersecurity defenses that are diverse as the right combination of technologies is different for every organization. Highlighting how cybersecurity is an absolute necessity for companies of all sizes and in all sectors, the following are some recent Strategic Partnerships specialized cybersecurity firms have entered into with established Global Technology Consulting players leading to accelerated growth and innovation:
-
- Deloitte acquired industrial cybersecurity business aeCyberSolutions from aeSolutions, bolstering its existing cybersecurity offerings with the aeCyberSolutions business’ well-tested frameworks, methodologies and technology-enabled tools for industrial control systems / operational technology (ICS/OT) security. The deal also brings aeCyberSolutions’ professionals, who have deep experience in industrial sector standards development and risk advisory services. The addition of the aeCyberSolutions business marks Deloitte’s fifth cyber acquisition in 2021, demonstrating its commitment to aggressively expanding offerings and deepening capabilities that help clients address a broad range of cyber challenges.
- Rapid7 bought threat intelligence and remediation firm IntSights Cyber Intelligence. with the intent of combining IntSights' external threat intelligence capabilities with its own threat intelligence technology for customer environments. This combination is intended to provide customers with a unified view into threats, attack surface monitoring, relevant insights, and proactive threat mitigation for organizations of any size or level of security maturity. This acquisition also enhances Rapid7’s industry-leading cloud-native extended detection and response (XDR) offering, InsightIDR, by enabling high-quality, high-fidelity alerts to ensure efficient security operations, earlier threat detection, and accelerated response times.
- TPG Capital, the private equity platform of global alternative asset firm TPG, acquired a majority stake in Centrify, from Thoma Bravo, a leading private equity investment firm focused on software and technology-enabled services sectors. The investment expands Centrify’s leadership in identity security and privileged access management. Centrify’s secure platform addresses the cyber threat challenge by leveraging existing enterprise identity infrastructure to enforce least privilege access at scale for humans and machines, in the cloud and on-premises. With Centrify, enterprises can automate and seamlessly integrate privileged access controls, reduce administrative access risk, and strengthen compliance postures.
The above acquisitions demonstrate the demand for cybersecurity and how larger players are investing in specialised firms, making this the most active mergers & acquisitions period in the industry. We, at SA, believe that while cybersecurity may have previously been considered one subset of Enterprise IT Operations, recent surge in instances of compromised security and the subsequent rise in investments to tackle these breaches, have brought the sector to the forefront for both enterprises as well as global investors.With the current pace of innovation in the technology ecosystem, building a new product or solution organically, not only takes time but there are inherent risks to achieving a strong product or service market fit while dealing with market-related and scale-related risks. A growing number of companies are awakening to realize that the best bet to avoid a data breach, is through the right level of investment. We continue to see significant investor interest in cybersecurity providers and specialists and expect the range of opportunities within the segment to grow significantly.
To share feedback on this blog or explore transaction opportunities for your firm with us, please write to us at [email protected].