3 Reasons Cybersecurity Buyouts Are On the Rise

Attracting over $12B in venture capital funding and 10 times that amount in various high-profile buyouts and PIPE deals over the five years leading up to 2017, it is no secret that cybersecurity software has been a hot sector across capital markets. Among others, Bain Capital acquired and then sold BlueCoat to Symantec within 13 months, Thoma Bravo sold Tripwire and acquired Imprivata, and Dell completed the largest technology acquisition to date by acquiring EMC, with a large part of EMC’s portfolio consisting of information security solutions. Despite all of that activity, we believe there are three distinct reasons why the sector will garner even more interest from private investors in the near-term.


1. Continued Market Tailwinds

First and foremost, cybersecurity software providers continue to benefit from a variety of demand drivers that have rapidly made cybersecurity a major IT spending priority. In fact, in a recent Cowen IT spending survey, cybersecurity software was the third highest spending priority, only trailing networking and server infrastructure.1 Among others, four key reasons for the rise of cybersecurity spending are:

  • Accelerating cyber threat evolution – while cyber threats were evolving rather slowly in the pre-Millennium era — remember the Morris Worm in ’88 or the Melissa email virus in ’99? — cybersecurity professionals have had to deal with an increasing velocity of threat evolution over the last 10 years.
  • Proliferation of cyberattacks – at the same time, new types of attacks have emerged rapidly. While worms, viruses and malware are still around, APTs and key / certificate based attacks have complicated cybersecurity defense significantly.
  • Diversity of attackers – in addition to more attacks and different types of attacks, cybersecurity professionals have to defend their companies against attackers with varying degrees of sophistication, including script kiddies, individual hackers, malicious insiders, organized cybersecurity gangs, and state-sponsored APTs.
  • Coverage of high-profile breaches – from Target and Yahoo to the election systems of Arizona and Illinois and even Hillary Clinton’s recent presidential campaign, there has been widespread coverage of cybersecurity breaches and their catastrophic consequences, causing cybersecurity to become the most visible IT issue to non-IT executives and investors.


2. Cybersecurity Companies Have Become Cheaper

Both public and private company valuations have slipped to multiples that make them more attractive buyout targets. Though several cybersecurity targets still carry premium price tags, we have made the following observations over the past two years:

  • Lower valuations at Series A & Series B stages – as VC funds have realized the saturation of several market segments, early-stage valuations have come down significantly and allowed established firms to drive aggressive M&A strategies.
  • Poor stock price performance – Despite the most recent overall market uptick, RDWR, FEYE, FTNT, QLYS, PANW, RPD, IMPV, and CUDA were trading at an average discount of 43% off their two-year high, as of 03/09/2017.


3. Multiple Business Models and Technology Trends Allow for Attractive Investment Hypotheses

While the software sector overall has been a great hunting ground for buyout investors,
the cybersecurity space allows for an unparalleled abundance of investment hypotheses,

  • Performance improvement / turnaround plays – in particular, appliance-based companies that are poised to transition to cloud-based products will lead to short term performance improvement opportunities for investors, including sales force restructuring and channel strategy optimization, as well as a stable revenue model and higher margins post-transition.
  • Platform & carve-out plays – while there are several recent examples of Private Equity investors launching cybersecurity platforms (e.g., Clearlake buying LANDesk to merge with Heat Software), some cybersecurity companies had mixed results with similar attempts, particularly when combining product and services businesses. However, the latter provide potential carve-out opportunities for PE investors (e.g., FireEye / Mandiant).
  • Managed Security Service Providers (MSSPs) – representing yet another set of opportunities, MSSPs have some of the highest service margins, are often gateways for new innovative security technologies, and benefit from additional tailwinds in the form of an increasing shortage of cybersecurity professionals.



Despite favorable market dynamics, increasingly appealing valuations, and a variety of potential investment hypotheses, investing successfully in cybersecurity requires deep technological expertise. As is often the case with rapidly changing technology sectors, investors would be wise to look closely at not just existing offerings and markets, but also attempt to project market dynamics, technology trends, and purchasing behaviors. We expect the landscape to look very different in five years – well within most investment periods – and thus investors need to pay particular attention to, and project how, these dynamic factors will influence the market and the various value propositions relating to the investment opportunities.

Posted on April 5, 2017 in Insights, Software, Strategy Consulting, Technology Industry