CONFERENCE NOW LIVE: Threat Detection & Incident Response (TDIR) Summit - Join the Event In-Progress
Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Management & Strategy

New Public Company SCVX Formed to Acquire Cybersecurity Firms

World’s First Cybersecurity Special Purpose Acquisition Company (SPAC) to Build a New Cybersecurity Platform

World’s First Cybersecurity Special Purpose Acquisition Company (SPAC) to Build a New Cybersecurity Platform

Cybersecurity-focused venture capital firm Strategic Cyber Ventures (SCV) has announced the initial public offering (IPO) of SCVX — the world’s first cybersecurity-focused Special Purpose Acquisition Company (SPAC).

An SPAC is a financial vehicle designed to raise money for the purpose of acquiring an existing company (or in this case, companies). It is a publicly traded company formed from money raised through an IPO. Shareholders in the SPAC become shareholders in the acquired companies.

Cybersecurity SPAC: IPO rules cyberseccurity acquisitionsThe SCVX IPO has been priced at $200 million, and SCVX is now listed on the New York Stock Exchange. Credit-Suisse is the sole book-running manager, and will provide the prospectuses through which the offering is made.

SCVX now has 24 months to find an asset for purchase. When found, the potential purchase is taken to a share-holder vote. If approved, the asset purchase is acquired from the capital raised in the IPO. In theory, an asset could go from start-up with promise to a public company instantly. The first target, however, will be an existing company with proven pedigree that lies somewhere between venture capital investment and going public. It is worth noting, for example, that SCV’s existing portfolio of companies are all too early stage or Series A investments to be considered for purchase by the new SVCX.

The ability of the SPAC’s Board to find a new company or companies and recognize evolving trends is vital to the future of the company — and the SCVX line-up includes a recent director of national intelligence, the current CISO from the Bank of New York, a former Goldman Sachs managing director, and a former chief security scientist from the Bank of America.

SecurityWeek talked to Mike Doniger (SCVX CEO) and Hank Thomas (SCVX CTO) about the direction and purpose of the new SPAC. “Some SPACs,” Doniger explained, “are broad in nature, saying they will buy an industrial company or an energy company. We’ve taken a different approach, with the targeted purpose of buying a cybersecurity firm.”

The purpose goes beyond this. The team sees a problem in the cybersecurity market which it hopes to help solve. The market is fractured, with new startups with new ideas every week. There are too many niche vendors that address one or two threat vectors without scaling across all the threat vectors that need to be addressed; and the result is that larger enterprises can use up to a hundred different security products to defend their networks and data. This causes multiple problems: potential gaps between products; overlapping, costly and redundant security in some areas; and unnecessary cost in money and time to make best use of so many different products.

The business plan for many of the startups is simply to be acquired by existing large companies with existing security platforms. This helps control the overall spread of security vendors, but is not very efficient. New technology must be bolted on, or integrated into, older technology — and it is not always an easy fit. The need, suggests Doniger and Thomas, is for a new platform to absorb new ideas and cover a wider area of cybersecurity to reduce enterprise reliance on too many point products. Finding the new platform is the first task.

“We’ve got to the point where the current marketplace is madness,” commented Thomas. “Some sort of consolidation is going to occur. I see our SPAC as a vehicle to build a revolutionary platform for the cybersecurity industry. In the not-too-distant future I see the number of vendors in the CISO landscape going from 75 to 100 down to 25 to 30 with a couple of major platforms — one of which we intend to build through the SVCX SPAC vehicle. The timeline is this. First, we find our initial business combination, which is a platform security company already based on next-generation technologies that will allow it to be cloud native. Then, we inject it with the capital it needs to innovate and make additional acquisitions down the line. The new acquisitions will complement the core technology of the cornerstone platform we’ve chosen.” 

Advertisement. Scroll to continue reading.

“We are targeting companies that have achieved critical mass in the cybersecurity industry globally, with enterprise valuations in the range of $600 million to $1.5 billion,” Thomas commented in a LinkedIn post.

The theory is relatively simple. The best security solution is not to bolt new technology on to old, but to build a new integrated platform entirely using new technology. The SPAC will first find and acquire the cornerstone technology, and then that company will expand its offerings through the acquisition of new, small and innovative products.

The SCVX SPAC is a vehicle for bringing new finance to the marketplace so that a new solution can be found and developed. It would be impossible for a single platform to solve all security needs — identity and access management is entirely different to endpoint security. Nevertheless, said Thomas, if you consider a CISO might have a hundred parts to his security requirements, “we would like to build a cornerstone platform that starts out with managing 25% of the average CISO’s attackable surface, and then build on it from there.”

*Updated with additional comment from SCV’s Thomas

Related: Are Overlapping Security Tools Adversely Impacting Your Security Posture? 

Related: Wading Through Tool Overload and Redundancy? 

Related: Rate of Cybersecurity Venture Funding Not Sustainable, Investors Say 

Written By

Kevin Townsend is a Senior Contributor at SecurityWeek. He has been writing about high tech issues since before the birth of Microsoft. For the last 15 years he has specialized in information security; and has had many thousands of articles published in dozens of different magazines – from The Times and the Financial Times to current and long-gone computer magazines.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join this event as we dive into threat hunting tools and frameworks, and explore value of threat intelligence data in the defender’s security stack.

Register

Learn how integrating BAS and Automated Penetration Testing empowers security teams to quickly identify and validate threats, enabling prompt response and remediation.

Register

People on the Move

Jeremy Koppen has left Mandiant after 13 years to become the CISO of Equifax.

Engineering and technology solutions provider Amentum has appointed Max Shier as its CISO.

PAM provider Keeper Security has appointed Shane Barney as its Chief Information Security Officer.

More People On The Move

Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.