Key Trends in Cybersecurity Dealmaking

Jul 2019

View original document from Pitchbook here.                                                                       

Data provided by Lincoln International & Pitchbook

Cybersecurity is heating up

  • The global cybersecurity market has grown from $4 billion in 2004 to over $120 billion in 2017.¹
  • Gartner forecasts spending on information security alone to grow to $124 billion in 2019.²
  • 2019 YTD saw 105 M&A transactions for $20.9 billion
  • Globally, cybersecurity M&A has accounted for record proportions of information technology (IT) deal volume in 2018 and 2019 YTD hitting 5.4% and 5.5% respectively
  • Dealmaking in cybersecurity is booming as a result, both in the US and globally – 2018 set a volume record for global cybersecurity M&A at 283 transactions for $49.7 billion
  • Private equity activity has surged even faster than broader M&A. 117 deals closed in 2017 up from 80 in 2016.

Dealmaking landscape

The M&A cycle has been booming for several years. Both 2016 and 2018 handily eclipsed $4 trillion in aggregate deal value. Dealmaking in tech has been especially active, as consolidation in key segments such as semiconductors and blockbuster deals such as the Dell-EMC merger marked the industry’s evolution. However, one segment of tech in particular has stood out: cybersecurity.

As the tech industry transitioned to the cloud, enterprises worldwide grew conscious of potential vulnerabilities in their information security systems. Moreover, regulatory schema has slowly begun to grapple with the new realities of sophisticated cybercrime. In response, many companies are boosting research and development (R&D) spending as well as mergers and/or acquisitions, making cybersecurity one of the more dynamic environs across the IT M&A landscape.

Last year marked the first time cybersecurity’s proportion of global IT M&A volume eclipsed 5%, and the first half of 2019 has maintained that record proportion. Moreover, 7.2% of all global IT deal value has been concentrated in cybersecurity, the third-highest tally on record. Multiple segments of cybersecurity are rapidly growing, helping underpin the entire sector’s intense rate of M&A. For example, the managed security service provider (MSSP) market is expected to grow at an annual CAGR of 14.5% to $58 billion by 2024.³ Other key arenas of cybersecurity are just as active, from wireless security to IoT.

“It’s hard to see any diminution in corporate and PE investment in cybersecurity. The billions of interconnections that are being created by rapid cloud and IoT adoption are creating an inverse network effect in the world of cybersecurity – rather than increasing value, each additional user of the network increases the complexity and cost of securing the network. Everyone is running flat out just to keep up.” – William Bowmer, Managing Director & Co-Head of Lincoln’s Global TMT Group.

With significant growth rates spread uniformly across cybersecurity overall, robust appetite for exposure to growth should keep spurring the cybersecurity M&A cycle onward. Gradually swelling deal sizes could contribute to a leveling in M&A volume in the future. Although sample sizes are too small to assess cybersecurity alone, broader M&A deals have soared to a record high in both median and average by midyear—$58.5 million and $554.2 million, respectively. Such sky-high prices will likely slow the pace of dealmaking across all sectors, albeit unevenly. Cybersecurity may be relatively insulated given its healthy growth forecasts as well as the incentives of a key portion of dealmakers: PE firms. PE firms dialed up the pace of cybersecurity investing even faster than the broader market, notching 80 deals in 2016, 97 in 2017 and 117 just last year.

Moreover, a combined $23.9 billion has been spent on cybersecurity investments since the start of 2018. Part of PE’s proliferation into tech overall, financial sponsors’ focus on
cybersecurity assets aligns well with holistic portfolio considerations, as well as PE playbooks designed around consolidation. Armed with ample amounts of capital, as PE dry powder stands at record levels, PE funds’ ongoing activity in cybersecurity will also help keep the M&A cycle in cybersecurity humming for the foreseeable future.


Cybercrime is expected to cost trillions of dollars in IT spent globally within the next few years. Within this spotlight, Lincoln International pinpoints key factors shaping one fast-growing segment within cybersecurity: managed security service providers (MSSPs). As businesses realize how imperative cybersecurity is, outsourcing management of security systems is often viewed as an attractive alternative to developing in-house solutions, only further reinforcing the growth of the MSSP space.

Growth Drivers For Software Security

“Significant IoT, OT (Operational Technology) and ICS (Industrial Control Systems) security attacks have heightened investors’ interest in the IT/OT security space. In recent years, a growing number of organisations have matured their security postures to address OT/IT convergence and have invested heavily in OT security technologies that enable visibility and control across both OT and IT.” – Chris Brooks, Managing Director, Global TMT Group

MSSPs Positioned For Success

“The impact of Agile and DevOps on security has created new opportunities and new challenges among both enterprises and the software ecosystem supporting them. Strategic buyers and sponsors have increased their focus and priority on current trends such as intelligent automation, service orchestration and analytics.” – Roger Knight, Managing Director, Global TMT Group

  1. “Global Cybersecurity Spending Predicted to Exceed $1 Trillion form 2017-2021”, Cybersecurity Venturs’ 2019 Cybersecurity Market Report, ed. Steve Morgan, June 10, 2019
  2. Ibid
  3. “Managed Security Services Market is determined to Grow US $58 Billion by 2024,” Market Watch, February 19, 2019
  4. Global Managed Security Services Market By Verticals Analysis (BFSI, Telecom & IT, Government, Retail, Energy and Power, Healthcare, Industrial Manufacturing); By Service Analysis (Threat Management, Incident Management, Vulnerability Management, Compliance Management); By Deployment Analysis (On-premises, On-demand) and By Regional Analysis – Global Forecast by 2018-2024, “Market Research Engine, November 2018


  • The global cybersecurity market has grown tremendously—from $4 billion in 2004 to more than $120 billion in 2017. The Managed Security Service Provider (MSSP) market is no exception—it is expected to grow at an annual CAGR of 14.5% to $58 billion by 2024.

  • This analysis, developed in partnership with Pitchbook, outlines the technology landscape, and investment opportunities, inherent as organizations protect themselves from cybercrime.
  • "It's hard to see any diminution in corporate and PE investment in cybersecurity. The billions interconnections that are being created by rapid cloud and IoT adoption are creating an inverse network effect in the world of cybersecurity." - Will Bowmer, Managing Director and Co-Head of Lincoln's Global TMT Group
  • Click here to download a printable version of this perspective.
  • Sign up to receive Lincoln's perspectives


Meet our Senior Team in Technology, Media & Telecom

Related Perspectives

Whither Cybersecurity Deal Activity in 2023?

Don More, Managing Director in Lincoln International’s Technology, Media & Telecom Group, recently attended Evolution Equity Partners’ Annual Investor Day in New York to discuss the capital markets and cybersecurity… Read More

2022 Global Results

In 2022, Lincoln International continued to design and deliver meaningful solutions and outcomes for clients around the world. Our shared ambition for results achieved through collaboration, thoughtfulness and tailored approaches… Read More

Lincoln International Announces Managing Director Promotions 2022

Lincoln International, a global investment banking advisory firm, is pleased to announce the promotion of six Directors to Managing Director (MD), effective January 1, 2023. “Each of these individuals contributes… Read More

Cybersecurity Report: Q3 2022

Q3 2022 cyber mergers and acquisitions (M&A) continue to demonstrate relative buoyancy. Year-to-date (YTD) Q3 2022 cybersecurity M&A volume of $25 billion, while a decline compared to 2021’s record of $49… Read More