The Cyber Security Investment Boom Continues

Despite big economic problems elsewhere, 2020 and 2021 were very good years for the cyber security industry, with 178 strategic merger and acquisition (M&A) deals in 2020, and 223 deals in the first three quarters of 2021 alone. 

Venture capital financing for cyber security firms has also been very high, resulting in a number of 'unicorns' - a company with an investment valuation of more than one billion dollars

According to Progress Partners’ Market Report: Cybersecurity Q1 2022, M&A activity leapt from $27.5 billion in 2020 to $70.4 billion in 2021 and by the end of the first quarter of 2022, it had reached almost $27 billion, on track to exceed previous years.

In the first quarter of 2022 has been remarkable for the high number of cyber security M&A transactions and right now deals are mostly being driven by large corporations in telecoms, aerospace and energy acquiring cyber security technology to strengthen their core operations. 

Larger firms are looking to expand their capabilities. 

  • Recorded Future’s recent acquisition of SecurityTrails is one example, adding attack surface monitoring technology to Recorded Future’s existing capabilities.

However,  the latest M&A figures suggest  a levelling  off for the full year 2022 and sources suggest that while M&A activity will continue, access to VC financing may become more difficult as investors respond to a number of risk factors: 

  • The COVID-induced work from home (WFH) and the new hybrid working paradigm have dramatically increased companies’ threat surfaces.
  • Governments worldwide are applying pressure through increased mandatory cyber security regulations.

While demand for cyber security products will remain high and the finance to support new and existing security companies is available, the pace of investment funding may slow over the next few months, due to these perceived risk factors.

The implication is that the money is still available, but that it will be harder for the new and unproven startups to access it because the investors are becoming more risk-averse.

Part of VC investors’ caution might  be because there has been too much money chasing a simple investment formula - buy private companies, to take them public and sell them to others - risking 'dumb deals'. The rest of 2022, activity is more likely to focus on M&A that consolidates proven technologies rather than betting heavily on new ones. Getting startup funding will become more difficult for the rest of 2022.

As new cyber security threats emerge, new companies with new technologies will be created to combat those threats. The fundamental growth in the sector will ensure that startups will be funded and incumbent players will continue to acquire fresh security technologies and talent via M&A. 

As things stand after Q1 2022, M&A activity will continue, but investment growth financing will be at a more cautious level. 

Progress Partners:   ARN      Forbes:    Security Week:    TechAdvisor:   Dark Reading:  

You Might Also Read: 

Software Industry Mergers and Acquisitions 2022:

 

« Special Measures To Deal With Quantum Technology
Some Apps Come Loaded With Malware »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

NATO Communications and Information Agency (NCIA)

NATO Communications and Information Agency (NCIA)

The NCIA Cyber Security Service Line is responsible for planning and executing all life cycle management activities for cyber security.

Global Forum on Cyber Expertise (GFCE)

Global Forum on Cyber Expertise (GFCE)

GFCE is a global platform for countries, international organizations and private companies to exchange best practices and expertise on cyber capacity building.

Computing Technology Industry Association (CompTIA)

Computing Technology Industry Association (CompTIA)

CompTIA is dedicated to advancing industry growth through its educational programs, market research, networking events, professional certifications, and public policy advocacy.

Antiy Labs

Antiy Labs

Antiy Labs is a vender of antivirus engine and solution, providing the best-in-breed antivirus engine and next generation antivirus services for confronting PC malware and mobile malware.

Red Snapper Recruitment

Red Snapper Recruitment

Red Snapper Recruitment is a market leading staffing services provider to the law enforcement, cyber security, offender supervision and regulatory services markets.

Area 1 Security

Area 1 Security

Area 1 is the only Pay-per-Phish solution in cyber security. And the only technology that blocks phishing attacks before they damage your business.

RKVST

RKVST

RKVST is a powerful tool that builds trust in multi-party processes when it’s critical to have high assurance in data for confident decisions.

Abertay cyberQuarter

Abertay cyberQuarter

The Abertay cyberQuarter is a cybersecurity research and development centre housed within Abertay University.

Trenton Systems

Trenton Systems

Trenton Systems are committed to providing high-performance computing solutions to customers running mission-critical applications in harsh settings worldwide and across various industries.

ISO WISH

ISO WISH

Take your Business to the Next Level with ISO Certification in UAE.

Neosoft

Neosoft

Néosoft is an independent digital transformation consulting group with expertise in Consulting & Agility, Cybersecurity, Data, DevOps, Infrastructure & Cloud and Software Engineering.

Reach Security

Reach Security

Reach is the first generative AI platform purpose-built to empower enterprise security teams. With Reach, organizations measure, manage, and improve their enterprise security posture at scale.

Defendis

Defendis

Defendis develops AI-powered cybersecurity solutions for Government Agencies, Banks, and Businesses, designed to helps them contain data leaks, minimise damage, and proactively hunt for new threats.

Prizsm Technologies

Prizsm Technologies

Prizsm is a computational storage capability that provides flexible, easy-to-use, resilient solutions for quantum-resistant, hyper-secure cloud storage and communications.

Mother Technologies

Mother Technologies

From Datacentre to Desktop, Mother Technologies has been delivering IT Support, Telecoms, Cybersecurity and Connectivity services to businesses across Scotland and beyond since 2002.

DarkHorse Security

DarkHorse Security

DarkHorse exists to make it easy and affordable for organizations to be able to identify their cybersecurity vulnerabilities.