The Cyber Security Investment Boom Continues

Despite big economic problems elsewhere, 2020 and 2021 were very good years for the cyber security industry, with 178 strategic merger and acquisition (M&A) deals in 2020, and 223 deals in the first three quarters of 2021 alone. 

Venture capital financing for cyber security firms has also been very high, resulting in a number of 'unicorns' - a company with an investment valuation of more than one billion dollars

According to Progress Partners’ Market Report: Cybersecurity Q1 2022, M&A activity leapt from $27.5 billion in 2020 to $70.4 billion in 2021 and by the end of the first quarter of 2022, it had reached almost $27 billion, on track to exceed previous years.

In the first quarter of 2022 has been remarkable for the high number of cyber security M&A transactions and right now deals are mostly being driven by large corporations in telecoms, aerospace and energy acquiring cyber security technology to strengthen their core operations. 

Larger firms are looking to expand their capabilities. 

  • Recorded Future’s recent acquisition of SecurityTrails is one example, adding attack surface monitoring technology to Recorded Future’s existing capabilities.

However,  the latest M&A figures suggest  a levelling  off for the full year 2022 and sources suggest that while M&A activity will continue, access to VC financing may become more difficult as investors respond to a number of risk factors: 

  • The COVID-induced work from home (WFH) and the new hybrid working paradigm have dramatically increased companies’ threat surfaces.
  • Governments worldwide are applying pressure through increased mandatory cyber security regulations.

While demand for cyber security products will remain high and the finance to support new and existing security companies is available, the pace of investment funding may slow over the next few months, due to these perceived risk factors.

The implication is that the money is still available, but that it will be harder for the new and unproven startups to access it because the investors are becoming more risk-averse.

Part of VC investors’ caution might  be because there has been too much money chasing a simple investment formula - buy private companies, to take them public and sell them to others - risking 'dumb deals'. The rest of 2022, activity is more likely to focus on M&A that consolidates proven technologies rather than betting heavily on new ones. Getting startup funding will become more difficult for the rest of 2022.

As new cyber security threats emerge, new companies with new technologies will be created to combat those threats. The fundamental growth in the sector will ensure that startups will be funded and incumbent players will continue to acquire fresh security technologies and talent via M&A. 

As things stand after Q1 2022, M&A activity will continue, but investment growth financing will be at a more cautious level. 

Progress Partners:   ARN      Forbes:    Security Week:    TechAdvisor:   Dark Reading:  

You Might Also Read: 

Software Industry Mergers and Acquisitions 2022:

 

« Special Measures To Deal With Quantum Technology
Some Apps Come Loaded With Malware »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

ECSC Group

ECSC Group

ECSC is a full-service information security provider, specialising in 24/7/365 security breach detection and Artificial Intelligence (AI).

Advenica

Advenica

Advenica develops, manufactures and sells innovative cybersecurity solutions for encryption and secure information exchange.

APrivacy

APrivacy

APrivacy provides information and communication security products for the financial services industry.

itWatch

itWatch

itWatch is focused on data loss prevention (DLP), endpoint security, mobile security, encryption, and cost reducing solutions for IT operations.

Sequitur Labs

Sequitur Labs

Sequitur Labs is developing seminal technologies and solutions to secure and manage connected devices of today and in the future.

Digittrade

Digittrade

Digittrade develop and produce external encrypted hard disks and secure communications apps.

RhodeCode

RhodeCode

RhodeCode is an open source repository management platform. It provides unified security and team collaboration across Git, Subversion, and Mercurial.

SuperCom

SuperCom

SuperCom are a global secure solutions integrator and technology provider for governments and other consumers facing organizations around the world.

XioGuard

XioGuard

XioGuard is a managed security service for 360-degree cybersecurity coverage, protecting the entire attack surface, increasing performance, reducing cost, and simplifying operations.

US Digital Corps

US Digital Corps

The U.S. Digital Corps is a new two-year fellowship for early-career technologists where you will work every day to make a difference in critical impact areas including cybersecurity.

Cyber Resilience Centre for Wales (WCRC)

Cyber Resilience Centre for Wales (WCRC)

The Cyber Resilience Centre for Wales (WCRC) is part of the national roll out of Cyber Resilience Centres in the UK which began in 2019.

Dawgen Global

Dawgen Global

Dawgen Global is an integrated multidisciplinary professional service firm in the Caribbean Region providing a range of services including Risk Management and Information Systems Assurance.

SoftwareONE

SoftwareONE

SoftwareONE is a leading global provider of end-to-end software and cloud technology solutions.

Verizon

Verizon

Verizon is a leader in IT technology solutions - Verizon Cloud, Networking, Security, Mobility, Machine-to-Machine (M2M), Advanced Communications and Professional Services.

Privasee

Privasee

Make GDPR compliance simple with Privasee. Our software makes it easy to protect your data and ensure you’re compliant with the new regulations.

Twinstate Technologies

Twinstate Technologies

Twinstate Technologies specializes in cybersecurity, proactive IT, and hosted and on-premise voice solutions.