Key Trends in Cybersecurity Dealmaking
View original document from Pitchbook here.
Data provided by Lincoln International & Pitchbook
Cybersecurity is heating up
- The global cybersecurity market has grown from $4 billion in 2004 to over $120 billion in 2017.¹
- Gartner forecasts spending on information security alone to grow to $124 billion in 2019.²
- 2019 YTD saw 105 M&A transactions for $20.9 billion
- Globally, cybersecurity M&A has accounted for record proportions of information technology (IT) deal volume in 2018 and 2019 YTD hitting 5.4% and 5.5% respectively
- Dealmaking in cybersecurity is booming as a result, both in the US and globally – 2018 set a volume record for global cybersecurity M&A at 283 transactions for $49.7 billion
- Private equity activity has surged even faster than broader M&A. 117 deals closed in 2017 up from 80 in 2016.
The M&A cycle has been booming for several years. Both 2016 and 2018 handily eclipsed $4 trillion in aggregate deal value. Dealmaking in tech has been especially active, as consolidation in key segments such as semiconductors and blockbuster deals such as the Dell-EMC merger marked the industry’s evolution. However, one segment of tech in particular has stood out: cybersecurity.
As the tech industry transitioned to the cloud, enterprises worldwide grew conscious of potential vulnerabilities in their information security systems. Moreover, regulatory schema has slowly begun to grapple with the new realities of sophisticated cybercrime. In response, many companies are boosting research and development (R&D) spending as well as mergers and/or acquisitions, making cybersecurity one of the more dynamic environs across the IT M&A landscape.
Last year marked the first time cybersecurity’s proportion of global IT M&A volume eclipsed 5%, and the first half of 2019 has maintained that record proportion. Moreover, 7.2% of all global IT deal value has been concentrated in cybersecurity, the third-highest tally on record. Multiple segments of cybersecurity are rapidly growing, helping underpin the entire sector’s intense rate of M&A. For example, the managed security service provider (MSSP) market is expected to grow at an annual CAGR of 14.5% to $58 billion by 2024.³ Other key arenas of cybersecurity are just as active, from wireless security to IoT.
“It’s hard to see any diminution in corporate and PE investment in cybersecurity. The billions of interconnections that are being created by rapid cloud and IoT adoption are creating an inverse network effect in the world of cybersecurity – rather than increasing value, each additional user of the network increases the complexity and cost of securing the network. Everyone is running flat out just to keep up.” – William Bowmer, Managing Director & Co-Head of Lincoln’s Global TMT Group.
With significant growth rates spread uniformly across cybersecurity overall, robust appetite for exposure to growth should keep spurring the cybersecurity M&A cycle onward. Gradually swelling deal sizes could contribute to a leveling in M&A volume in the future. Although sample sizes are too small to assess cybersecurity alone, broader M&A deals have soared to a record high in both median and average by midyear—$58.5 million and $554.2 million, respectively. Such sky-high prices will likely slow the pace of dealmaking across all sectors, albeit unevenly. Cybersecurity may be relatively insulated given its healthy growth forecasts as well as the incentives of a key portion of dealmakers: PE firms. PE firms dialed up the pace of cybersecurity investing even faster than the broader market, notching 80 deals in 2016, 97 in 2017 and 117 just last year.
Moreover, a combined $23.9 billion has been spent on cybersecurity investments since the start of 2018. Part of PE’s proliferation into tech overall, financial sponsors’ focus on
cybersecurity assets aligns well with holistic portfolio considerations, as well as PE playbooks designed around consolidation. Armed with ample amounts of capital, as PE dry powder stands at record levels, PE funds’ ongoing activity in cybersecurity will also help keep the M&A cycle in cybersecurity humming for the foreseeable future.
Cybercrime is expected to cost trillions of dollars in IT spent globally within the next few years. Within this spotlight, Lincoln International pinpoints key factors shaping one fast-growing segment within cybersecurity: managed security service providers (MSSPs). As businesses realize how imperative cybersecurity is, outsourcing management of security systems is often viewed as an attractive alternative to developing in-house solutions, only further reinforcing the growth of the MSSP space.
“Significant IoT, OT (Operational Technology) and ICS (Industrial Control Systems) security attacks have heightened investors’ interest in the IT/OT security space. In recent years, a growing number of organisations have matured their security postures to address OT/IT convergence and have invested heavily in OT security technologies that enable visibility and control across both OT and IT.” – Chris Brooks, Managing Director, Global TMT Group
“The impact of Agile and DevOps on security has created new opportunities and new challenges among both enterprises and the software ecosystem supporting them. Strategic buyers and sponsors have increased their focus and priority on current trends such as intelligent automation, service orchestration and analytics.” – Roger Knight, Managing Director, Global TMT Group
- “Global Cybersecurity Spending Predicted to Exceed $1 Trillion form 2017-2021”, Cybersecurity Venturs’ 2019 Cybersecurity Market Report, ed. Steve Morgan, June 10, 2019
- “Managed Security Services Market is determined to Grow US $58 Billion by 2024,” Market Watch, February 19, 2019
- Global Managed Security Services Market By Verticals Analysis (BFSI, Telecom & IT, Government, Retail, Energy and Power, Healthcare, Industrial Manufacturing); By Service Analysis (Threat Management, Incident Management, Vulnerability Management, Compliance Management); By Deployment Analysis (On-premises, On-demand) and By Regional Analysis – Global Forecast by 2018-2024, “Market Research Engine, November 2018
- The global cybersecurity market has grown tremendously—from $4 billion in 2004 to more than $120 billion in 2017. The Managed Security Service Provider (MSSP) market is no exception—it is expected to grow at an annual CAGR of 14.5% to $58 billion by 2024.
- This analysis, developed in partnership with Pitchbook, outlines the technology landscape, and investment opportunities, inherent as organizations protect themselves from cybercrime.
- "It's hard to see any diminution in corporate and PE investment in cybersecurity. The billions interconnections that are being created by rapid cloud and IoT adoption are creating an inverse network effect in the world of cybersecurity." - Will Bowmer, Managing Director and Co-Head of Lincoln's Global TMT Group
Meet our Senior Team
I am inspired by working with entrepreneurs and innovators who feel passionately about what they are creating.
Managing DirectorSan Francisco
Education Technology: Investors Don’t Have to go Back to School to Find Success
Technology now permeates schools—both in the classroom and out—at every age, to enrich the learning experience and prepare students for the modern, digital world.
Human Capital Management: Implementing Technology to Make the Workplace Human Again
As organizations focus on attracting and retaining top talent, C-Suite executives turn to innovative and intelligent Human Capital Management (HCM) technology solutions to engage, optimize, improve and retain their workforce.
Education Technology & Services Market Update: Q2 2019
The top subsector stock performer in Q2 2019 was institutions / workforce solutions, up 2.0% quarter-over quarter
U.S.-China Tensions, Tariffs and Tightening Regulations
Tension and tariffs drives Chinese M&A activity to markets outside the U.S. Mounting tension between Washington, D.C. and Beijing are top of mind in the dealmaking climate. As tariffs continue to dominate […]