The Cyber Security Investment Boom Continues

Despite big economic problems elsewhere, 2020 and 2021 were very good years for the cyber security industry, with 178 strategic merger and acquisition (M&A) deals in 2020, and 223 deals in the first three quarters of 2021 alone. 

Venture capital financing for cyber security firms has also been very high, resulting in a number of 'unicorns' - a company with an investment valuation of more than one billion dollars

According to Progress Partners’ Market Report: Cybersecurity Q1 2022, M&A activity leapt from $27.5 billion in 2020 to $70.4 billion in 2021 and by the end of the first quarter of 2022, it had reached almost $27 billion, on track to exceed previous years.

In the first quarter of 2022 has been remarkable for the high number of cyber security M&A transactions and right now deals are mostly being driven by large corporations in telecoms, aerospace and energy acquiring cyber security technology to strengthen their core operations. 

Larger firms are looking to expand their capabilities. 

  • Recorded Future’s recent acquisition of SecurityTrails is one example, adding attack surface monitoring technology to Recorded Future’s existing capabilities.

However,  the latest M&A figures suggest  a levelling  off for the full year 2022 and sources suggest that while M&A activity will continue, access to VC financing may become more difficult as investors respond to a number of risk factors: 

  • The COVID-induced work from home (WFH) and the new hybrid working paradigm have dramatically increased companies’ threat surfaces.
  • Governments worldwide are applying pressure through increased mandatory cyber security regulations.

While demand for cyber security products will remain high and the finance to support new and existing security companies is available, the pace of investment funding may slow over the next few months, due to these perceived risk factors.

The implication is that the money is still available, but that it will be harder for the new and unproven startups to access it because the investors are becoming more risk-averse.

Part of VC investors’ caution might  be because there has been too much money chasing a simple investment formula - buy private companies, to take them public and sell them to others - risking 'dumb deals'. The rest of 2022, activity is more likely to focus on M&A that consolidates proven technologies rather than betting heavily on new ones. Getting startup funding will become more difficult for the rest of 2022.

As new cyber security threats emerge, new companies with new technologies will be created to combat those threats. The fundamental growth in the sector will ensure that startups will be funded and incumbent players will continue to acquire fresh security technologies and talent via M&A. 

As things stand after Q1 2022, M&A activity will continue, but investment growth financing will be at a more cautious level. 

Progress Partners:   ARN      Forbes:    Security Week:    TechAdvisor:   Dark Reading:  

You Might Also Read: 

Software Industry Mergers and Acquisitions 2022:

 

« Special Measures To Deal With Quantum Technology
Some Apps Come Loaded With Malware »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Resecurity, Inc.

Resecurity, Inc.

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

European Internet Forum (EIF)

European Internet Forum (EIF)

EIF’s mission is to help provide European political leadership for the political, economic and social challenges of the worldwide digital transformation.

IoTium

IoTium

Secure Cloud Managed Software Defined IoT Networks. IoTium simplifies establishing and managing secure network infrastructure for Industrial IoT.

FIRST Conference

FIRST Conference

Annual conference organised by the Forum of Incident Response and Security Teams (FIRST), a recognized global leader in computer incident response.

Cyber Security Capital (CS^)

Cyber Security Capital (CS^)

Cyber Security Capital is a consultancy helping to mobilise and empower individuals, corporate leaders and entrepreneurs in cyber security.

Clari5

Clari5

Clari5 redefines real-time, cross channel banking Enterprise Fraud Management using a central nervous system approach to fight financial crime.

Hysolate

Hysolate

Hysolate has transformed the endpoint, making it the secure and productive environment it was meant to be.

Tenzir

Tenzir

Tenzir's primary focus lies on network forensics: the systematic investigation of cyber attacks with big data analytics.

Smart Protection

Smart Protection

Smart Protection are experts in brand and trademark protection - we fight against counterfeits and unauthorized usages of brands with machine learning technology.

Sovereign Intelligence

Sovereign Intelligence

Sovereign Intelligence provides automated insight into the relative intensity of hidden Cyber, Brand, and Financial Risks to your company.

Templar Shield

Templar Shield

Templar Shield is a premier information security, risk and compliance technology professional services firm serving North America.

Cloud Range

Cloud Range

Cloud Range provides cybersecurity teams with access to the world's leading cyber range platform, eliminating the need to invest in costly cyber range infrastructure.

Magna5

Magna5

Magna5 is a managed IT service provider focusing in network and server monitoring, backup and disaster recovery, cybersecurity, help desk and SD-WAN.

Fibernet

Fibernet

Fibernet's innovative solutions in the fields of cybersecurity and fiber optics range from telecommunications infrastructure to small business cybersecurity.

Sentryc

Sentryc

Sentryc provides automated monitoring of brands on online marketplaces and social media making online brand protection processes faster, more clearly structured and more efficient.

Transatlantic Cyber Security Business Network

Transatlantic Cyber Security Business Network

The Transatlantic Cyber Security Business Network is a coalition of UK and US cyber security companies which facilitates collaboration to help address critical cyber security challenges.

ConductorOne

ConductorOne

ConductorOne is building the identity security platform for the modern workforce.