Forty-two cybersecurity-related merger and acquisition (M&A) deals were announced in April 2022.
A SecurityWeek study showed that more than 430 cybersecurity mergers and acquisitions were announced in 2021.
Airbus Defence and Space has acquired Germany-based DSI Datensicherheit (DSI DS), a company that specializes in cryptography for space applications. The acquisition will help Airbus strengthen its cryptography capabilities and enhance the development of end-to-end secure systems. DSI DS will be fully owned by Airbus and it will operate under the name Aerospace Data Security.
Airiam, a newly formed managed IT and cybersecurity services provider, has acquired IT and cybersecurity company Syntervision, as well as enterprise asset management and logistics software provider Transcendent. Airiam aims to provide managed IT and cybersecurity services to SMEs. All three companies are based in the United States.
Chip giant AMD has acquired Pensando Systems, a company that specializes in distributed computing for cloud, computer, networking, storage and security services. AMD is paying roughly $1.9 billion for Pensando. The Pensando team will join AMD’s Data Center Solutions and it will continue executing their product and technology roadmaps. When the acquisition was announced, Pensando customers such as Goldman Sachs, HPE, Microsoft and Oracle praised the company for its security services.
Ireland-based mobile and cloud security company CWSI has acquired Netherlands-based mobility and security firm BLAUD. BLAUD will become a wholly owned subsidiary of CWSI, helping the company’s European expansion in the cloud and mobile security market.
Brightstar Capital Partners company ERC is merging with Oasis Systems into ERC-Oasis. The goal is to scale and expand engineering, cybersecurity and technology consulting solutions for the aerospace and defense communities.
Cybersecurity and automation software firm HelpSystems has announced buying another company, Canada-based phishing simulation and security awareness training provider Terranova Security. The deal enables HelpSystems to expand its security suite with awareness training.
Imprivata, a provider of digital identity solutions for mission- and life-critical industries, has purchased SecureLink, which specializes in access management for critical systems. The combination of the two companies enables them to deliver a platform for organizations to manage and secure all enterprise and third-party identities.
Software product engineering services company Innominds has announced acquiring Nymi, a Canada-based firm that has developed a secure wearable that enables users to connect to their workplace using contactless and passwordless technology. Nymi will become a wholly owned subsidiary of Innominds and it will continue to operate independently.
Water infrastructure operations company Inframark has announced buying industrial automation solutions provider BLTI. BLTI will join Inframark’s SCADA division and it will operate as an autonomous business unit. BLTI and the combined SCADA division will provide automation and cybersecurity solutions to facilities in the water and wastewater industry.
Kaseya is acquiring Datto for $6.2 billion in cash as part of a transaction that will be funded by an equity consortium led by Insight Partners. Both Kaseya and Datto provide IT management and security to managed service providers (MSPs). Kaseya said it will continue to maintain Datto’s brand, products, and services following the deal.
Investment giant KKR has agreed to acquire email, web and network security solutions provider Barracuda Networks from private equity firm Thoma Bravo in a deal reportedly valued at nearly $4 billion. Thoma Bravo took Barracuda private in a $1.6 billion deal completed in February 2018.
Professional services giant KPMG has announced the acquisition of Canada-based cloud security company Fortica. The deal will help KPMG reinforce its cloud security presence in the Quebec region.
UK-based IT solutions distributor Nuvias Group has acquired Romania-based NetSafe Solutions, which specializes in the distribution of security, networking, wireless, MDM, storage and cloud security solutions. The deal helps Nuvias expand its portfolio and widen its coverage in Eastern Europe.
MSP/MSSP Omega Systems has merged with IT services provider ACE IT. The deal will help Omega expand its portfolio. In terms of cybersecurity, ACE IT provides risk management, auditing, penetration testing, and email security services.
Software development tools provider Perforce Software has acquired DevOps platform Puppet. Perforce said Puppet extends its portfolio with new capabilities that enable DevOps teams to manage and secure their critical infrastructure.
Swiss privacy solutions provider Proton has acquired France-based open source anonymous email service SimpleLogin. SimpleLogin, which becomes a complementary ProtonMail service, has been used by many ProtonMail users to prevent spammers from obtaining their email addresses. SimpleLogin will also continue to function as a separate service.
Industrial automation and networking company Red Lion Controls announced the acquisition of MB connect line, a German firm that specializes in secure remote access, industrial IoT, and industrial security services. The deal will enable Red Lion Controls to expand its secure remote access offering. MB connect line will continue to expand its portfolio of solutions.
MDR company SilverSky has completed the acquisition of Cybraics, whose AI/ML-based behavioral analytics technology will help it enhance its threat hunting capabilities. In addition, the deal will help SilverSky expand its customer base in the federal market.
England-based managed IT, cybersecurity and cloud hosting services provider SysGroup has acquired Scotland-based managed security services provider (MSSP) Truststream Security Solutions for up to £8 million (roughly $10.4 million). The deal helps SysGroup strengthen its presence in the UK and extend its reach into Scotland.
Private equity firm Thoma Bravo is acquiring identity and access management firm SailPoint in a $6.9 billion cash deal. SailPoint will become a private company following the acquisition.
Government contractor Two Six Technologies has announced the acquisition of River Loop Security, which specializes in cybersecurity and embedded systems. The acquisition helps Two Six enhance its cybersecurity capabilities.
Security policy management firm Tufin has agreed to be acquired by investment firm Turn/River Capital for approximately $570 million in cash. The deal value could spike higher, as the agreement includes a 30-day “go-shop” period in which Tufin can receive other acquisition proposals.
Managed services provider Wyntec has acquired security awareness training firm Layer 8 Security. Both companies are based in Australia. The acquisition will help Wyntec expand its cybersecurity offering.
ADACOM has acquired Netbull for €6.3 million ($6.6 million). Both companies are based in Greece and they both offer a wide range of managed cybersecurity services
Application security company Bright Security has acquired We Hack Purple, a company that specializes in application security, DevSecOps and cloud security training. We Hack Purple will continue its current operations as part of Bright Security. The acquisition was announced as Tanya Janca, founder of We Hack Purple, joined Bright Security as Director of Developer Relations & Community.
Managed IT, security, and cloud management services provider Coretelligent has acquired tech firm Chateaux, which, among others, also provides cybersecurity services. Coretelligent said Chateaux complements its own services and solutions, and the acquisition will enable it to expand its offering.
Managed IT services provider CTI Technology has purchased MacHero, a company that provides Apple-centric technology consulting and managed IT services to businesses. CTI said the deal will help it expand its managed services capabilities, particularly in cybersecurity.
Logging and security analytics company Devo has acquired threat hunting firm Kognos. The goal is to deliver an “autonomous SOC,” with Devo collecting data from the entire attack surface and feeding it into the Kognos AI engine.
Ireland-based KYC and client lifecycle management solutions provider Fenergo has acquired Netherlands-based Sentinels, which specializes in anti-money laundering (AML) transaction monitoring services. The deal will enable Fenergo to offer end-to-end client risk management and financial crime compliance services.
Bug bounty platform HackerOne announced the acquisition of code-review-as-a-service company PullRequest. HackerOne will use PullRequest technology and code reviewers to expand its offering.
Meriplex has bought the assets of Cyberian Technologies. Both companies provide managed IT and cybersecurity services. Meriplex is strategically acquiring managed services providers in an effort to become the leading MSP/MSSP in the United States.
Italian private equity firm Metrika Tech Fund has acquired a 70% stake in Abissi, an Italian cybersecurity company that provides threat intelligence, testing, application security, IoT security, forensics, and compliance services.
Rimstorm has acquired Elevative Networks. Both companies offer managed IT and cybersecurity services. The deal will help Rimstorm, which provides cybersecurity solutions to government contractors, expand its managed services portfolio.
Turkey-based industrial and financial conglomerate Sabanci Group has signed an agreement to acquire a majority stake in operational technology (OT) cybersecurity company Radiflow for $45 million. Sabanci Group is initially buying a 51% stake in Radiflow, and it plans on fully acquiring the company in 2025.
Norway-based identity solutions provider Signicat has announced buying UK-based Sphonic, which specializes in identity, fraud and AML orchestration technology. The deal helps Signicat expand its capabilities. In the short term, Sphonic will be a separate business entity, named “Sphonic, a Signicat company,” but the plan is to fully integrate it into Signicat.
Cybersecurity company Sophos has bought SOC.OS, a BAE Systems Digital Intelligence spinout that has developed a SaaS tool for automating alert triage for security operations centers (SOCs). Both companies are based in the UK. The deal will enable Sophos to expand its managed threat response (MTR) and extended detection and response (XDR) capabilities.
Electronic design automation powerhouse Synopsys is expanding its reach into the cybersecurity business with the acquisition of application security firm White Hat Security for $330 million in cash. The transaction will allow Synopsys to expand its portfolio and SaaS offerings.
Managed IT, cybersecurity and cloud hosting services provider SysGroup has acquired MSP/MSSP Orchard Computers. Both companies are based in the UK. The deal — the second announced by SysGroup in April 2022 — will help the company boost its service offering.
Tenable has announced plans to spend $45 million in cash to acquire attack surface management software startup Bit Discovery. Tenable will leverage Bit Discovery’s products across its entire portfolio – from enterprise vulnerability management (VM) to Nessus, from cloud to operational technology (OT) to identity.
Utimaco, a cybersecurity and compliance solutions provider with headquarters in Germany and the US, has acquired Celltick, a US-based company that specializes in public warning systems and cell broadcast-based products. The deal will enable Utimaco to expand its offering.
Private equity firm Vector Capital has announced acquiring a majority stake in network security company WatchGuard Technologies. Vector Capital becomes the majority shareholder after acquiring interests previously owned by Francisco Partners and other investors.
*content and headline updated on May 2 to add six deals