Cybersecurity 2024: A New Era of Investment Activity & Competitive Dynamics
The cybersecurity realm is on the cusp of a record-breaking and transformative year in 2024, driven by evolving competitive and investment dynamics alongside an increasingly aggressive pace for M&A activity. This trend of significant consolidation among cybersecurity titans is reshaping the competitive landscape and signaling a strategic quest for end-to-end, agile solutions in a complex digital world. With a keen eye on the growing demand for sophisticated, integrated security platforms, the industry is primed for a year of ambitious expansion and groundbreaking partnerships that will redefine cybersecurity’s future.
Key Highlights
- Record-Breaking Year Anticipated: The year 2024 is set to redefine the cybersecurity landscape with an aggressive M&A pace, marked by IBM’s $6.4 billion acquisition of HashiCorp and Wiz’s M&A-driven calculated domination, which indicates a burgeoning trend of strategic consolidations aiming to offer comprehensive cybersecurity solutions.
- Strategic Consolidations Over Financial Investment: Current M&A activities emphasize operational efficiency and market share expansion, reflecting a shift from financial investments to strategic consolidations, which are expected to continue as companies seek to bolster their platforms and service offerings.
- Competitive Landscape Reshaping: The significant M&A wave in cybersecurity, driven by giants like IBM, SentinelOne, and Wiz, is steering the industry towards sophisticated multi-cloud and AI-powered security, suggesting a move towards an integrated approach that promises optimized agility, observability, and enhanced risk management.
- Private Equity’s Transformative Role: Armed with significant dry powder and taking an increasingly active role in driving industry activity, PE has become an increasingly significant presence and influencer in industry dynamics. Their growing presence is setting the stage for a likely uptick in bolt-on acquisitions and platform consolidations, effectively becoming major influencers in the sector’s trajectory and accelerating consolidation among larger and more established cybersecurity enterprises.
- IPOs as a Release Valve: The anticipated IPOs of cybersecurity unicorns such as Snyk and Cato Networks could offer relief amidst the tightened exit market, setting a new standard for valuations and potentially accelerating the exit process, thereby alleviating LP and liquidity pressures and promoting a healthy cycle of capital formation and deployment.
Global Cybersecurity M&A Activity
The recent uptick in M&A in the cybersecurity sector underscores a growing consolidation trend as firms strive for a larger market share, operational efficiencies, and expanding their service offerings. Through quantitative analysis, it’s evident that the M&A activity in cybersecurity is becoming an increasingly strategic play rather than a purely financial investment.
The cybersecurity M&A landscape in 2024 is shaping up to be a watershed year, with IBM’s colossal $6.4 billion acquisition of HashiCorp illustrating the scale of transactions we’re witnessing. This single acquisition represents a staggering portion of the annual totals of 2021 and 2023, indicating not just an increase in the frequency of deals but a monumental rise in their value. The momentum garnered early in the year suggests a continued growth trajectory, with large industry players looking to consolidate platforms and expand service offerings.
This year’s surge in M&A activity is symptomatic of a strategic shift in the cybersecurity sector, with companies moving beyond incremental growth tactics to substantial consolidations. These consolidations reflect a race to achieve comprehensive solutions, streamline operations, and capture larger slices of the market amidst a backdrop of escalating cyber threats. As firms increasingly seek to gain competitive edges through technological synergies and expanded capabilities, we expect to see continued aggressive investment. This trend points to a maturation of the cybersecurity market where significant deals are no longer outliers but indicative of the new scale of ambition within the industry.
Notable Cybersecurity Industry M&A Activity
The cybersecurity sector is witnessing a consolidation wave, led by strategic acquisitions by industry giants and stalwarts as they seek to develop comprehensive, consolidated, and powerful centralized security platforms. These moves indicate a trend towards enhanced multi-cloud automation, identity access management, and AI-powered security, reshaping the cybersecurity industry. Companies are seeking to provide comprehensive solutions that address the increasing complexity of cloud-native environments and the rising demand for real-time, holistic security management across diverse IT landscapes. The overall trend underscores a drive towards integration and sophistication in cybersecurity services, focusing on agility, intelligence, and proactive risk management.
IBM Acquires HashiCorp (Apr-24, $6.4bn)
Investment Event Overview: IBM’s strategic acquisition of HashiCorp significantly enhances its multi-cloud automation offerings. This merger marks a continuation of HashiCorp’s journey, which began nearly twelve years ago, to advance cloud infrastructure management at scale. With IBM’s extensive reach and resources, HashiCorp’s mission to enable automation in a multi-cloud world is poised to impact a broader audience, promising accelerated innovation and expanded user and customer service.
Implications: The acquisition will allow HashiCorp to maintain its operational ethos while benefiting from IBM's scale and expertise. This move indicates a pivotal advancement in multi-cloud infrastructure and zero-trust security approaches. For IBM, incorporating HashiCorp’s suite of automation tools signifies a deeper commitment to multi-cloud strategies, aligning with modern enterprises’ needs for agile and secure cloud environments. The convergence of these entities is expected to deliver substantial advancements in cloud automation, addressing the complex challenges of cloud adoption and security. With a shared vision for the future of cloud infrastructure, this partnership is set to reshape the landscape of cloud services, empowering a growing community of practitioners and reinforcing a foundation for continued innovation and growth in the cloud sector.
BeyondTrust Acquires Entitle (Apr-24)
Investment Event Overview: BeyondTrust, a global leader in identity and access security, has taken a decisive step in redefining intelligent security solutions by acquiring Entitle. Entitle’s innovative approach to privilege management, which enables just-in-time access and modern identity governance, is particularly adept at navigating the complexities of cloud and hybrid environments. Integrating Entitle’s capabilities will bolster BeyondTrust’s ability to offer time-bound and need-based user access to sensitive data across a company’s cloud estate, a critical need in a landscape where zero-standing privileges are becoming the norm due to regulatory shifts and industry best practices.
Implications: The inclusion of Entitle’s pioneering technologies and its extensive partnerships into BeyondTrust’s portfolio marks a significant expansion in its Privilege Identity Security platform, moving beyond traditional PAM systems. By harnessing Entitle’s automated provisioning workflows and broad integrations, BeyondTrust can offer a more dynamic and comprehensive approach to access management that aligns with the zero-trust security models favored in today’s cloud-centric IT operations. This acquisition signifies BeyondTrust’s commitment to advancing identity-first security strategies that reduce operational complexities while enhancing overall system security. The union of these two entities is set to elevate the standards for managing privileges across IT environments, delivering an identity security solution that’s both agile and robust for modern enterprise needs.
Veracode Acquires Longbow (Apr-24)
Investment Event Overview: Veracode, standing at the forefront of application risk management, has taken a pivotal stride in consolidating its leadership position by acquiring Longbow Security, renowned for its security risk management solutions tailored for cloud-native environments. This acquisition heralds a new phase for Veracode, emphasizing its dedication to aiding organizations in navigating and mitigating application risks within an ever-expanding attack surface.
Implications: Incorporating Longbow’s innovative risk management tools into Veracode’s suite equips security teams with enhanced capabilities to swiftly identify application and cloud assets, assess threats with precision, and streamline remediation efforts through automated analysis. This union is a strategic response to the complexities introduced by cloud adoption and the increasing onus on developers for application security. The merger promises a transformative impact on the industry, offering a comprehensive and simplified solution for overtaxed security teams facing the dual challenge of visibility and alert fatigue. With Veracode and Longbow’s combined expertise, organizations gain a formidable ally in the quest for secure cloud applications, enabling them to better manage their security debt and adopt a more proactive stance in application risk management.
Zscaler Acquires Avalor (Mar-24, $35m)
Investment Event Overview: Zscaler, a titan in the security domain, has announced the strategic acquisition of Avalor, a move poised to revolutionize artificial intelligence within the cybersecurity industry. The acquisition aims to harness Zscaler’s vast security cloud to amplify the effectiveness of security-specific AI models, a crucial step forward in identifying vulnerabilities and proactively thwarting potential breaches.
Implications: Zscaler’s acquisition of Avalor, estimated to be valued between $250 million and $350 million, integrates Avalor’s Data Fabric for Security into Zscaler’s robust Zero Trust Exchange. This integration is anticipated to fortify Zscaler’s formidable platform, enabling customers to predict and pinpoint critical vulnerabilities more efficiently and enhance operational efficiencies. Avalor’s advanced data fabric technology, which consolidates and refines data from over 150 enterprise security and business systems, will empower Zscaler to offer a unified, AI-driven analytical and decision-making framework. The synergy between Zscaler’s cloud prowess and Avalor’s innovative data solutions positions the merged entity to potentially dominate the vulnerability management and data security markets, transforming how businesses fortify their cyber defenses in an increasingly complex digital landscape.
SentinelOne Acquires PingSafe (Jan-24)
Investment Event Overview: SentinelOne, a heavyweight in AI-driven security, has entered into a definitive agreement to acquire PingSafe, marking a significant advancement in cloud security. The merger of PingSafe’s pioneering CNAPP with SentinelOne’s existing cloud workload and data security capabilities promises a fully integrated platform. This platform aims to enhance security coverage, improve hygiene, and automate processes across customers’ entire cloud footprints.
Implications: The planned fusion of PingSafe’s CNAPP into SentinelOne’s Singularity™ Platform is poised to redefine the cloud security space. This strategic move allows businesses to consolidate their cloud security solutions into a singular, advanced AI-powered platform. It promises to streamline security operations, offering full-spectrum protection against endpoints, identities, and clouds threats. This integrated approach seeks to address the challenges of navigating multiple-point solutions and managing attack surfaces through disconnected data silos. Instead, companies can holistically manage their attack surface with real-time interaction and analytics, thus facilitating the detection and interruption of multi-stage attacks with a simplified, automated process. The acquisition propels SentinelOne’s cloud security evolution and underscores its commitment to transform security operations with AI at the forefront.
Company Profile Spotlight – Wiz
Wiz, a cybersecurity unicorn, has been relentless in its pursuit of cloud security domination. Less than five years old, the company has already secured its spot among the cybersecurity stalwarts, becoming the fastest SaaS company to reach a $10 billion valuation and tripling its ARR to $350 in less than two years.
Riding high on the tides of rapid success and explosive growth, Wiz has now set off on an acquisition spree, leveraging its financial position and a recently announced $1 billion Series E funding round that valued the company at a whopping $12 billion.
- Dec-23: Wiz acquires Raftt, a security provider for cloud-based application development frameworks. The acquisition will enable Wiz to provide developers with the tools to bridge development and operational security, providing a seamless transition of runtime environments to the cloud for testing and debugging.
- Mar-24: Wiz acquires Gem Security, a provider of an automated cloud security and visibility platform. By acquiring Gem, Wiz is poised to enhance its capabilities in automatically identifying, detecting, and remediating cloud visibility gaps and threats.
- Apr-24: Wiz signals intent to acquire Lacework, a unified cloud security and CNAPP provider. Although details are still coming to light, the acquisition will likely serve to bolster Wiz’s talent base, customer reach, and technological capabilities. Notably, the acquisition is rumored to carry a price tag of roughly $150-$200m – a far cry from the $8.3 billion valuation Lacework received in 2021 and a stark contrast to Wiz.
This isn’t just growth; it’s a calculated domination of the cloud security ecosystem by developing a holistic, consolidated, and comprehensive platform.
Cybersecurity Industry Private Market Dynamics
The Growing PE Cybersecurity Presence
In the early 2010s, strategic buyers dominated 94% of the cybersecurity M&A scene, but the period from 2020 to 2023 marked a significant shift, with PE firms outspending these buyers by a considerable margin. Additionally, PE firms have been accumulating record levels of dry powder, now armed with over $900 billion at their disposal. These dynamics have catapulted PE firms to a pivotal position in the cybersecurity sector, transforming them into principal buyers and sellers and, consequently, the primary drivers of industry activity. Their growing influence indicates a reshaped landscape where PE firms are likely to continue steering the direction of cybersecurity investment trends, likely leading to continued accretive bolt-on acquisitions and industry and platform consolidation.
Distribution & Exit Demand
The private market landscape has recently experienced a constrained exit environment, exerting pressure on liquidity and distribution for investors. The extravagance of 2021’s distribution rates, peaking at 33.9%, reversed sharply in 2022, plummeting by over 70% to $429.8 billion in 2023, resulting in the lowest distribution rates since the 2009 financial crisis. This downturn has extended into 2024, with exit values continuing to fall quarter over quarter, underscoring persistent volatility and a slow search for stabilization within the PE exit market. Despite the slowdown in exits, dealmaking persists, indicating that GPs are still capitalizing on opportunities, albeit with a growing backlog of investments nearing their exit timelines, potentially inflating holding periods further.
The industry’s dynamic has stretched the median holding period of US PE investments to a record 6.4 years, with the current exit activity remaining well below pre-pandemic averages and drastically lower than the peak activity in 2021. These conditions hint at the necessity for new liquidity solutions as PE-backed companies age and investment exits prolong. Coupled with the lowest 12-month distribution yield as a percentage of NAV for US VC investors, private market operators are facing growing pressures from LPs to execute on exit plans and generate meaningful liquidity.
The highly anticipated IPOs of several notable cybersecurity players, including unicorns Snyk and Cato Networks, come at a critical juncture for the cybersecurity sector, which has experienced a significant exit slowdown over the past two years. With numerous cybersecurity firms eyeing a return to or debut on public exchanges, we could see a revival in public listings and exit activity as investors seek to capitalize on liquidity opportunities. Such public offerings promise to ease LP and portfolio pressures and set a benchmark for valuations, activity, and investor appetite within the cybersecurity vertical. These IPOs could act as a catalyst for other firms considering public offerings, thereby accelerating the rate of exits and creating a ripple effect across the industry, which may assuage LP and liquidity pressures.
This shift could prove crucial, as successful public listings may provide the much-needed pressure release for the industry, unlocking capital formation cycles essential for sustained growth and innovation in cybersecurity. This can also feed into bolstering further M&A activity, further accelerating exit market, competitive, and industry dynamics.
Conclusion
As we move through 2024, the cybersecurity sector is experiencing a groundswell of M&A activity, suggesting a historic year shaped by strategic consolidations and investment dynamism. This year’s transactions, notably IBM’s acquisition of HashiCorp and Wiz’s acquisition spree, demonstrate an industry-wide push towards comprehensive cybersecurity solutions, merging technological prowess with market dominance. Private equity firms have emerged as key influencers, wielding their considerable capital to drive a surge in bolt-on acquisitions and platform consolidations. Amidst this bustling M&A activity, the revival of the IPO market offers a beacon for liquidity, promising to alleviate investor pressures and potentially sparking a domino effect of exits, further accelerating the industry’s transformation.
Looking for ways to navigate the cybersecurity landscape successfully? Contact our experts today to learn more about our research capabilities and how we can tailor a cybersecurity and SPM strategy that addresses your current challenges and anticipates future threats.