Despite a global economy still suffering from the aftereffects of the COVID-19 pandemic and this year’s war in Ukraine, financing in the cybersecurity market has remained strong. In Q3 2022, a total of 221 companies raised $3.3 billion, while 104 M&A deals had a disclosed value of $11.7 billion. 2022 is likely to set a new M&A record.
Strong areas of interest to investors included blockchain security, IAM, and privacy, while interest in DevSecOps and the need to embed security throughout the software development life cycle is growing.
Two very large deals were announced during Q3. On August 29, 2022, OpenText announced an agreement to purchase Micro Focus for a total of $6.7 billion. Thoma Bravo agreed to acquire Ping Identity for around $2.8 billion on August 3, 2022. Thoma Bravo also looked set to acquire Darktrace for $6.0 billion, but pulled out of the deal in early September.
The investment interest remains high despite cybersecurity stocks declining by 2.1% during Q3 (down 26.1%, year-to-date). Although the stocks declined, cybersecurity continued to outperform the broader tech industry, maintaining the trends from Q1 and Q2: high inflation, rising interest rates and fears of recession leading to market volatility.
Investment advisory firm Progress Partners believes there has been an overreaction to the market conditions. “While current conditions may put pressure on earnings in the short term,” comments Boston- and New York-based Progress Partners in its Q3 Cybersecurity Market Report (PDF), “we think the market has overcorrected to the downside and equities are trading a steep discount to their intrinsic valuations This is especially true in cybersecurity software in our opinion.”
The strength of the cybersecurity market is partly driven by continuing digital transformation. “Top executives seem to understand that digital transformation without cybersecurity is a recipe for disaster and are increasing, not decreasing, their cyber budgets.” As a result, the declining overall market performance is creating what Progress considers to be a ‘window of opportunity’ to buy cybersecurity stocks that offer a significant long-term earnings potential.
VC investments during Q3 were particularly strong in security operations and risk and compliance deals. Progress also notes a 16.1% growth over Q2 (to $246 million) in blockchain security. This, suggests the firm, indicates growing interest by investors in technologies focused on privacy, security and fraud prevention across the web3 ecosystem.
M&A activity has also remained strong, and if this continues as expected through Q4, 2022 will be another record-breaking year. Thoma Bravo again leads the way in headline breaking acquisitions, despite pulling out of the proposed Darktrace deal. “Ultimately,” says Progress, “Thoma Bravo and Darktrace couldn’t agree on terms amid ongoing controversy about its links to embattled British entrepreneur and founding investor, Mike Lynch, as well as analyst skepticism over its products and accounting.”
The report spotlights growing investment interest in DevSecOps. This is being driven by the White House executive order requiring software bills of materials (SBOMs) for software sold to the federal government. Progress expects a ripple effect across public and private sectors, reinforcing the importance of DevSecOps; and notes that “up and coming market leaders such as ShiftLeft , Aqua, Mend, and Contrast Security have raised more than $700M combined.”
Progress Partners was founded in 2002 as a full-service technology investment bank, with services including sell side/buy side M&A and capital raising. It has closed more than 100 transactions worth more than $10 billion.
SecurityWeek has also been tracking cybersecurity-related M&A transactions and can confirm that 2022 is likely to set a new record. To date in 2022, SecurityWeek has tracked nearly 400 deals, with a disclosed value of roughly $60 billion.