Global markets have suffered following the first Covid-19 pandemic and the Russian invasion of Ukraine – but sales of cybersecurity software have remained strong. VC investment in cybersecurity has adapted to the world economy rather than stalled.
Progress Partner’s Market Report: Cybersecurity Q2 2022 (PDF) points out that VC and PE investment has remained flat at $5.4 billion (across fewer deals), M&A activity has been strong with 118 deals worth nearly $89 billion. This could be distorted by the Broadcom acquisition of VMWare for $69.2 billion ($61 billion in cash and stock, along with $8 billion assumption of debt).
Technology in general has suffered in the current economy, with (says the report), “barren IPO markets, weak post-IPO performance, rising interest rates, and ongoing global supply chain issues.” But not the cybersecurity software market. “Cyberattacks are on the rise, cybersecurity companies must continuously innovate, and investors/buyers will continue to invest in cybersecurity as new addressable markets emerge and opportunities arise.”
The combined effect of these somewhat conflicting pressures leads Progress to predict continued, if fluctuating, cybersecurity investment and M&A activity for the rest of 2022. However, while investment will continue, it doesn’t mean that the overall market is thriving – revenue multiples for cybersecurity stocks hit a two-year low.
“With midterm elections in November, continued rate hikes, and no near-term solution to supply chain challenges on the horizon, we anticipate continued market volatility for the remainder of the year,” warns Progress.
Investment has remained flat in Q2, with the total invested ($5.4 billion) almost the same as that for Q1. This puts the potential total for 2022 at slightly less than that for 2021 ($25.6 billion), but already close to the total for 2020 ($11.1 billion).
Some cybersecurity sectors are currently performing better than others. Application security garnered 12% of the investment funds, data protection came second with 8%, and threat and vulnerability management accrued 7%.
M&A activity has remained strong. Despite the macroeconomics, finance firms have more than a trillion dollars of ‘dry powder’ that they must put somewhere. In many cases, merging two proven companies is considered less a risk than betting on the future of a possibly unproven young firm. This is typified by the acquisition of VMWare by Broadcom for $69.2 billion, and Progress expects the M&A market to remain strong for 2022.
One new area that Progress is monitoring is quantum computing. It notes that state investment is very different across the world, with China and the EU having announced funding of $22 billion for their quantum programs. Far behind is the US ($1.3 billion) and the UK ($!.2 billion). Private investment in quantum computing expanded after 2017, and includes a $1.5 billion Series D round raised by SandboxAQ (spun out of Alphabet and led by former Google CEO Eric Schmidt) in March 2020.
Surprisingly slow, however, has been investment in post quantum cryptography, despite the urgency apparent from NIST’s rapid progress in its post quantum cryptography competition. “Given the newfound interest in the space, government directives and high-profile investments in quantum computing, we anticipate investor interest and funding into companies focusing on cryptographic and encryption use cases will grow in the coming years,” notes Progress.
Related: Over 230 Cybersecurity M&A Deals Announced in First Half of 2022
Related: Cybersecurity M&A Activity to Continue; Growth Funding to be More Conservative
Related: How a VC Chooses Which Cybersecurity Startups to Fund in Challenging Times
Related: QuSecure Scores Post-Quantum Cybersecurity Contract Worth More Than $100M Annually

Kevin Townsend is a Senior Contributor at SecurityWeek. He has been writing about high tech issues since before the birth of Microsoft. For the last 15 years he has specialized in information security; and has had many thousands of articles published in dozens of different magazines – from The Times and the Financial Times to current and long-gone computer magazines.
More from Kevin Townsend
- Sysdig Introduces CNAPP With Realtime CDR
- OWASP’s 2023 API Security Top 10 Refines View of API Risks
- Zoom Expands Privacy Options for European Customers
- SBOMs – Software Supply Chain Security’s Future or Fantasy?
- Threat Actor Abuses SuperMailer for Large-scale Phishing Campaign
- Quantum Decryption Brought Closer by Topological Qubits
- IBM Delivers Roadmap for Transition to Quantum-safe Cryptography
- CISO Conversations: HP and Dell CISOs Discuss the Role of the Multi-National Security Chief
Latest News
- Sysdig Introduces CNAPP With Realtime CDR
- Stay Focused on What’s Important
- VMware Plugs Critical Flaws in Network Monitoring Product
- Hackers Issue ‘Ultimatum’ Over Payroll Data Breach
- US, Israel Provide Guidance on Securing Remote Access Software
- OWASP’s 2023 API Security Top 10 Refines View of API Risks
- Android’s June 2023 Security Update Patches Exploited Arm GPU Vulnerability
- ChatGPT Hallucinations Can Be Exploited to Distribute Malicious Code Packages
