2021 was a record year for the cybersecurity industry in terms of mergers and acquisitions, as well as funding activity, according to financial advisory firm Momentum Cyber.
Momentum’s 2022 Cybersecurity Almanac shows that total funding increased by 138% in 2021 compared to the previous year, from $12.4 billion to $29.3 billion in venture capital financing across more than 1,000 deals. This is almost as much as the investments announced in 2018-2020 combined ($30.3 billion).
There were 82 investments of more than $100 million and over 30 companies announced achieving unicorn status, with valuations exceeding $1 billion — far more than the six new unicorns from 2020. The list of 2021 unicorns includes Aqua, Axonius, Coalition, Contrast Security, Dragos, Expel, Feedzai, ID.me, Lacework, Noname Security, Orca, OwnBackup, Socure, and Wiz.
[ READ: What’s Behind the Surge in Cybersecurity Unicorns? ]
Notable exits announced in 2021 include XM Cyber (acquired by Schwarz Group), Guardicore (acquired by Akamai), Medigate (acquired by Claroty), Intsights (acquired by Rapid7) and Vdoo (acquired by JFrog).
As for M&A activity, Momentum saw 286 deals for a total volume of $77.5 billion, including 14 billion dollar-plus deals. In comparison, there were 178 M&A deals in 2020, totaling nearly $20 billion. The median disclosed deal value in 2021 was $119 million.
SecurityWeek has also conducted a study of the M&A activity reported in 2021 and we have identified more than 430 M&A deals (SecurityWeek uses a different methodology). Additional details are available in a report published this week.
According to Momentum, security consulting and MSSP companies ranked the highest in terms of M&A activity volume. When it comes to financing activity, risk and compliance is at the top, followed by data security, identity and access management, and network and infrastructure security.
Five cybersecurity companies announced IPOs in 2021, including KnowBe4, DarkTrace, SentinelOne, Riskified and Forgerock. IPOs raised, on average, $444 million, with an average revenue multiple of 28.2x.
“Last year I went on record predicting that 2021 would be the most profound year in Cybersecurity in our global history, and it was,” said Robert Herjavec, founder and CEO of Herjavec Group and Shark Tank star. “My prediction remains the same for 2022 as we are truly in a golden era of Cybersecurity.”
Related: SecurityWeek Study: Over 430 Cybersecurity Mergers & Acquisitions Announced in 2021

Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.
More from Eduard Kovacs
- Intel Boasts Attack Surface Reduction With New 13th Gen Core vPro Platform
- Dole Says Employee Information Compromised in Ransomware Attack
- High-Severity Vulnerabilities Found in WellinTech Industrial Data Historian
- CISA Expands Cybersecurity Committee, Updates Baseline Security Goals
- Exploitation of 55 Zero-Day Vulnerabilities Came to Light in 2022: Mandiant
- Organizations Notified of Remotely Exploitable Vulnerabilities in Aveva HMI, SCADA Products
- Waterfall Security, TXOne Networks Launch New OT Security Appliances
- Hitachi Energy Blames Data Breach on Zero-Day as Ransomware Gang Threatens Firm
Latest News
- US Charges 20-Year-Old Head of Hacker Site BreachForums
- Tesla Hacked Twice at Pwn2Own Exploit Contest
- CISA Ships ‘Untitled Goose Tool’ to Hunt for Microsoft Azure Cloud Infections
- Critical WooCommerce Payments Vulnerability Leads to Site Takeover
- PoC Exploit Published for Just-Patched Veeam Data Backup Solution Flaw
- CISA Gets Proactive With New Pre-Ransomware Alerts
- Watch on Demand: Supply Chain & Third-Party Risk Summit Sessions
- TikTok CEO Grilled by Skeptical Lawmakers on Safety, Content
