Connect with us

Hi, what are you looking for?



SecurityWeek Analysis: Over 210 Cybersecurity M&A Deals Announced in First Half of 2023

An analysis conducted by SecurityWeek shows that more than 210 cybersecurity-related mergers and acquisitions were announced in the first half of 2023.

Cybersecurity M&A analysis report 2023

SecurityWeek has cataloged 214 cybersecurity-related merger and acquisition (M&A) deals between January 1 and June 30, 2023. 

For comparison, there were 455 transactions announced in 2022, including 234 in the first half of the year. The most significant difference between the first half of 2022 and the first half of 2023 was in June — last year there was a surge in deals and this year there was a significant decrease, with less than two dozen announcements made. 

A majority of the deals announced in the first half of 2023 involved companies in the United States, which is not surprising considering that companies in the US are more likely to enter M&A deals as part of an expansion or exit strategy and are most likely to issue an English-language press release. 

The US has been followed by the UK for the past three years, and countries such as Canada, Germany and Australia are typically also in the top five. However, in H1 2023, Sweden surpassed Canada and Germany, rising to the fourth position, with a dozen cybersecurity M&As involving Swedish firms. 

In terms of regional figures, North America and Europe continue to lead, but the number of deals involving companies in Asia appears to be growing, with 26 transactions announced in the first half of 2023, compared to 29 deals announced throughout 2022. On the other hand, 42 acquisitions involved Asian companies in 2021, in large part due to Israeli firms, which are now again driving a surge in M&A deals in the region, alongside companies from India, UAE and Singapore. 

In the first half of 2023, financial details were available for 30 deals, for a total of $5.1 billion, significantly less than the $51.5 billion in disclosed deal value for 39 deals in the same period of last year. It’s also worth noting that the total disclosed deal value reached $63 billion by the end of 2022. 

The biggest deals involved private equity firms, including Thoma Bravo buying Magnet Forensics for $1.3 billion, Francisco Partners acquiring Sumo Logic for $1.7 billion, and Crosspoint Capital Partners acquiring Absolute Software for $870 million. 

In fact, private equity firms were involved in 20 of the M&As from the first half of 2023, more than the yearly total for 2022 or 2021. In a quarter of cases, investment companies acquired managed security services providers (MSSPs).

Of all the deals announced in H1 2023, 82 involved MSSPs. While the number is slightly higher compared to the 66 announced in the first half of 2022, the total number of MSSP acquisitions will remain roughly the same as last year if deals continue at this pace. 

​​SecurityWeek is tracking MSSP deals separately. While it’s important to keep track of these transactions as they play a significant role in the cybersecurity industry, we are currently tracking them separately in an effort to get a better view of the other categories. 

Advertisement. Scroll to continue reading.

Deals involving companies that offer governance, risk management and compliance (GRC) services are roughly the same as in H1 2022, and so are deals involving identity solutions providers. 

Diving deeper in the GRC category, we see risk management, assessment, and penetration testing stand out, with companies that offer these services being involved in more than 30 deals — roughly 10 deals for each category. 

We see a significant drop in acquisitions involving network security and data protection companies compared to H1 2022 and the entire 2022. Network security and data protection were the second and fourth most common M&A categories in 2022 and they dropped to the ninth and tenth positions, respectively, in H1 2023. 

The number of deals involving firms that offer security consulting services has increased, with 17 acquisitions announced in H1, more than double compared to the first half of 2022 and nearly as much as during the entire last year. 

Monthly summaries of cybersecurity H1 2023 M&A deals: January, February, March, April, May, June

Methodology: The data was collected through news distribution services, Google searches and pitches from PR companies. The data includes companies that issued press releases announcing or mentioning acquisitions, as well as deals that have been privately reported to SecurityWeek. All deals that had a cybersecurity component have been taken into account for this study. Mergers and acquisitions that did not have an English-language announcement may not be included. The data could also include some deals that may have not been completed after they were announced. 

The GRC category includes governance, compliance, risk management, audit, assessment, vulnerability management, penetration testing, attack surface management, and cyber insurance. Network security includes endpoint security, MDR, XDR, NDR, and SASE. Identity includes IAM, PAM, secure access, authentication, and authorization. Incident response includes SOAR, SIEM, SOC, and forensics. ‘Other (specialized)’ includes hardware, blockchain, quantum, payment, healthcare, PR, education, certification, design, workforce, communications, and automotive. Data protection includes encryption/cryptography, VPN, privacy and backup. MSSP includes cybersecurity solution distributors and companies that provide security services but do not develop their own products or solutions.

Written By

Eduard Kovacs (@EduardKovacs) is a managing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment


Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Gain valuable insights from industry professionals who will help guide you through the intricacies of industrial cybersecurity.


Join us for an in depth exploration of the critical nature of software and vendor supply chain security issues with a focus on understanding how attacks against identity infrastructure come with major cascading effects.


Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Cybersecurity Funding

SecurityWeek investigates how political/economic conditions will affect venture capital funding for cybersecurity firms during 2023.

Cyber Insurance

Cyberinsurance and protection firm Boxx Insurance raises $14.4 million in a Series B funding round led by Zurich Insurance.

Cybersecurity Funding

2022 Cybersecurity Year in Review: Top news headlines and trends that impacted the security ecosystem

Cybersecurity Funding

Network security provider Corsa Security last week announced that it has raised $10 million from Roadmap Capital. To date, the company has raised $50...


Thirty-five cybersecurity-related M&A deals were announced in February 2023


Forty-one cybersecurity-related M&A deals were announced in March 2023.


Forty cybersecurity-related M&A deals were announced in January 2023.