The cybersecurity market has seen a flurry of dealmaking activity in the past couple weeks. Startups are being acquired, preparing for IPO, or otherwise hunkering down for a possible economic downturn.
Steve Russell—Toronto Star via Getty Images
By Robert Hackett
June 8, 2019

A flurry of deal-making activity has struck the cybersecurity industry.

CrowdStrike is preparing for an imminent initial public offering that could value the company at $6 billion. Elastic, maker of a Splunk-like data trawling product, just snapped up Endgame, a CrowdStrike competitor, for a comparatively measly $234 million. Investment firm Insight Partners bought out a portfolio company, threat intelligence firm Recorded Future, for $780 million. And Cisco, Palo Alto Networks, FireEye, and Imperva have all made cybersecurity-oriented acquisitions over the past couple weeks.

What’s behind all this market consolidation? One possibility: fears of a coming recession.

Ron Gula, a cybersecurity investor and alumnus of the U.S. National Security Agency, tells Fortune that whispers of a possible downturn may be provoking people to plan for a drought. Venture capital firms use the circumstances to persuade startups to accept new fundraising, or to apply pressure on their investments to cash out. Entrepreneurs, eyeing a potential cliff on the horizon while also watching rivals get subsumed by acquirers, may find the time for an exit ripe. Peer pressure mounts: As more exits take place, “this can create a sense of urgency” among founders to follow suit, Gula says.

Five or so years ago the market for cybersecurity venture capital kicked off a boom, and companies funded during that era are now mature enough to exit. At the same time, there are more potential buyers across industries. Enrique Salem, a cybersecurity investor at Bain Capital Ventures and former CEO of Symantec, said he expects the spate of mergers and acquisitions to continue, especially as companies not traditionally thought of as cybersecurity firms look to bolster their offerings.”You’ll find lots of companies adding security capabilities to their portfolios,” he said. “They see the benefit of saying, We have lots of data, we’re gonna look to add security to that data.”

If there is a storm brewing, then some cybersecurity businesses may be better positioned to weather the winds than others. Sarah Guo, an investor at Greylock Partners, agrees that “there’s some preemptive concern about how weaker or less strategic companies will progress when such a long bull market inevitably changes.”

“There is a bit of a scramble to get premium assets,” Guo says. “One driving factor could be the strong tech market right now is giving acquirers the multiple (and therefore the ammo) to make big acquisitions.” In other words, there’s pressure from above, among acquirers, to use-it-while-you’ve-got-it.

What do cybersecurity executives think about this? Tom Turner, CEO of BitSight, told me at a dinner he hosted this week that he is not overly concerned about the onset of a winter. While the cybersecurity industry periodically contracts, “the consolidation is rarely as widespread as forecast,” he said. Besides, when competitors exit, that creates opportunities to hire talent that then re-enters the market.

No one knows exactly when a pullback may come, but the smart money is making moves in preparation. As the clouds gather, we must look to those with sunny dispositions to pierce the gloom.


By the way, I would like to put out a call for nominations for Fortune’s Change The World list, which recognizes companies that do well by doing good. This is not a list that honors corporations for philanthropy. Rather, it aims to spotlight corporations that have baked social good into fundamental parts of their business, using the power of profit motives to fix global problems. (Think Merck investing in Ebola vaccines.) Do shoot me a note if you have any recommendations.

Robert Hackett


Welcome to the Cyber Saturday edition of Data Sheet, Fortune’s daily tech newsletter. Fortune reporter Robert Hackett here. You may reach Robert Hackett via Twitter, Cryptocat, Jabber (see OTR fingerprint on my, PGP encrypted email (see public key on my, Wickr, Signal, or however you (securely) prefer. Feedback welcome.


You May Like