The year 2024 has been one of significant uncertainty in the business world, due to factors such as global economic turbulence, high-profile elections and rising geopolitical tensions.
This means merger and acquisition (M&A) activity, including in cybersecurity, faced a lot of headwinds, Stuart Pilgrim, Head of Cybersecurity M&A, KPMG UK, told Infosecurity.
Nevertheless, cybersecurity remains a highly fragmented marketplace that has many small businesses operating, meaning it is primed for greater consolidation.
“With elections in the US and UK having now taken place, we are seeing more signs of activity and expecting this to continue into 2025,” commented Pilgrim.
Key Drivers of M&A Activity in 2024
Despite the uncertain business environment, several high-value M&A deals were announced in 2024.
A major driver of such transactions is resurgent private equity activity in the cybersecurity market following a quieter 2023, according to Mark Smith, a Director at Houlihan Lokey’s Technology Group. This was highlighted by Thoma Bravo’s $5.3bn deal to purchase UK-based Darktrace in October 2024.
“This resurgence in private equity activity is fuelled by increased confidence, record levels of dry powder, and the perception of cybersecurity as a high-growth and resilient market,” Smith said.
Another driver of large deals in 2024 is the need for big cybersecurity firms to expand their capabilities, with organizations increasingly seeking broader product offerings, reducing the need for multiple vendors. Smith cited Sophos’ intended purchase of SecureWorks for $859m and CyberArk’s $1.5bn acquisition of Venafi as examples of this trend.
This demand means there has been a big focus on M&A’s involving companies with Managed Detection and Response (MDR) services and Security Operations Centers (SOCs), who can monitor, detect and respond to cyber-attacks on customers.
“Investors are keen to build pure-play cybersecurity platforms of scale,” said Smith.
Pilgrim concurred, noting: “As this is sold as-a-service it’s quite an attractive area for buyers and investors as it is recurring by nature, ensuring the contractual relationship with a customer is much more sticky and therefore people switch providers less frequently.”
Expected M&A Trends in 2025
Looking ahead to 2025, analysts expect cybersecurity M&A activity to continue to grow as big security firms further expand their capabilities.
Smith and Pilgrim predicted a particular focus from strategic acquirers on next-generation technologies and capabilities such as AI that can improve productivity and removing the burden of certain tasks, thereby helping alleviate the cyber skills gap.
Pilgrim noted: “We may see a push towards investing in AI and automation capabilities, particularly for businesses who are running a SOC.”
Top 5 M&A Deals in 2024
Numerous eye-watering M&A deals were announced or concluded in 2024, illustrating some of the trends identified above.
Here are the top five M&A transactions observed by Infosecurity in 2024 in order of financial value.
Cisco Completes Record $28bn Splunk Acquisition
On March 18, US tech giant Cisco completed on its $28bn acquisition of Splunk, a machine-data analytics platform provider whose products are widely used for managing cyber operations.
The deal was first announced in September, 2023, and represents the biggest in Cisco’s history. The firm conducted other M&A activity in 2024, including announcing its intent to purchase Robust Intelligence in August.
Thoma Bravo Buys Darktrace for $5.3bn
Private equity giant Thoma Bravo completed a $5.3bn all cash acquisition of Darktrace, a UK-based cybersecurity firm specializing in AI solutions, on October 1.
Thoma said the deal, announced in April, will enable it to support the continued growth of Darktrace as an independent business. It is one of many recent cybersecurity acquisitions made by Thoma, which has a particular focus on the enterprise software market.
Mastercard Reaches $2.65bn Deal to Buy Recorded Future
Card payment services giant Mastercard emphasized its commitment to cybersecurity by agreeing a $2.65bn deal acquire threat intelligence company Recorded Future from its owner Insight Partners on September 12.
Mastercard said Recorded Future’s real-time visibility into potential threats will complement the firm’s identity, fraud prevention, real-time decisioning and cybersecurity services.
Recorded Future will remain an independent company under the deal, which is expected to close by the first quarter of 2025.
CyberArk Acquires Venafi for $1.54bn
On October 1, identity and access management CyberArk completed its $1.54bn acquisition of Venafi from owner Thoma Bravo, after the deal was agreed in May 2024.
The transaction will see CyberArk and Venafi build end-to-end machine identity solutions across workloads, code, applications, IoT devices and containers. The purchase price encompassed approximately $1bn in cash and $540m in ordinary shares.
Permira Completes $1.3bn Majority Stake in BioCatch
Private equity firm Permira announced it had completed a majority stake in behavioral biometrics specialist BioCatch on September 9, at a $1.3bn valuation.
The transaction aims to help BioCatch accelerate the expansion of its digital fraud detection and financial crime prevention solutions. Permira highlighted the importance of behavioral biometric intelligence as a critical solution for combating AI-powered digital fraud as the key driver for this investment.
Conclusion
Cybersecurity continues to be a busy arena for M&A deals, despite the challenging economic environment. This has been demonstrated by numerous multi-billion dollar transactions that took place, highlighting how this industry is viewed as ripe for long-term investments.
The need for further consolidation in the sector, alongside a growing demand for cybersecurity companies to provide a holistic range of services, is set to drive further significant M&A activity in 2025. Here at Infosecurity we will continue to bring you all the major announcements in this space.