Mergers & Money: VC-Backed Cyber Companies Bought Up At Record Pace

Editor鈥檚 note: This is Mergers & Money, a monthly column by Senior Reporter Chris Metinko that covers dealmaking in the enterprise tech space.

Venture capital investors aren鈥檛 just putting a record amount of money into cybersecurity startups, they are also cashing in, as evidenced by an explosion of M&A deals in the space.

Subscribe to the 附近上门 Daily

The number of M&A deals for venture-backed cybersecurity companies in the first seven months of 2021 almost equals the total amount for all of last year, per 附近上门 data. This year has already seen 77 deals 鈥� while last year saw a record total of 80.

While the dealmaking numbers alone are impressive, a look at the deals themselves seem to show a breadth and depth of interest that indicate the current run cybersecurity is on may not stop any time soon.

Big money

On top of the record number of deals, the value has also skyrocketed. While terms of many deals involving VC-backed companies are not announced, the 16 deals in which terms were announced put $11.4 billion back in investors pockets. That amount already surpasses all of what was reported last year 鈥� $5.6 billion 鈥� and even in 2018, which saw large deals such as acquiring for $2.4 billion and buying just before it was set to go public for $1.4 billion.

This year鈥檚 largest deal happened in March, when bought Bellevue, Washington-based identity and access management platform in a $6.5 billion stock deal. Other notable deals include:

Private equity firm bought Washington, D.C.-based privileged access management company for $1.4 billion in March.
acquired Seattle-based network detection and response platform for $900,000 in June.
bought San Francisco-based digital threat management firm for $500,000. Just 10 days later, the Redmond, Washington-based giant would make another deal in cyber, acquiring Sunnyvale, California-based for an undisclosed amount 鈥� the company鈥檚 third cybersecurity deal this year.

Everything鈥檚 popular

Just as venture capital has flowed to a variety of subsectors of cybersecurity, M&A dealmaking has run the gamut too 鈥� from authentication to workload security, and threat intelligence to governance, risk management and compliance.

However, a dive into the numbers does seem to indicate a large appetite for identity management solutions, as well as cloud and network security offerings. Out of the 77 deals to date this year, 47 have involved those areas. That would seem to indicate heightened interest around security platforms that can help keep companies鈥� employees and networks safe in the new hybrid work environment the COVID-19 pandemic has brought.

Aside from the previously mentioned TPG and Microsoft deals, other large companies making acquisitions in the space of identity or cloud and network security this year include , and .

The other takeaway when looking at the deals is the variety of buyers in the space 鈥� which may explain the prices. It is not just strategic buyers in cybersecurity acquiring venture-backed companies, but also private equity firms like TPG, Bain, and . In addition, buyers outside of cybersecurity also are looking for solutions, like consulting giants and , and large tech players not exclusively associated with security such as and .

IPOs

On top of all the selling, venture investors also have used the public market slightly more this year to get liquidity back from earlier investments. Last year saw only two traditional IPOs in the security market, with Virginia-based company and British Columbia-based company going public. This year has already seen Florida-based , U.K.-based , and Mountain View, California-based all listing on major exchanges.

Others like Kirkland, Washington-based , San Francisco-based , Santa Clara, California-based , Sunnyvale, California-based and Atlanta-based also could eye the public market this year.

Take away

With five months still left in the year, not only should cybersecurity shatter venture capital fundings numbers, but M&A deal making should also set new records 鈥� and IPOs should see their best year since 2016 in the sector.

Those numbers likely should not come as a surprise, as ransomware attacks have surged this year and made headlines on a weekly basis 鈥� such as the Colonial Pipeline attack discovered in May. Just late last month, requiring operators of critical pipelines to upgrade their protection against cyberattacks. It was the second such directive since May.

Add on top of that the changing dynamics of the work world 鈥� with more people working from home and companies relying on the cloud to connect everyone 鈥� and it seems clear why everyone from venture capitalists to private equity and large strategics are betting big 鈥� and even bigger 鈥� on cybersecurity plays.

Methodology

Cybersecurity is defined by the industries of network security, cloud security, cybersecurity and identity management, as according to 附近上门 data.

Illustration:

Stay up to date with recent funding rounds, acquisitions, and more with the 附近上门 Daily.

附近上门