Cybersecurity – will 2016 be the year of market consolidation?

Last week it was made public that the antivirus maker, Avast Software plans to acquire competitor AVG Technologies for $1.3 billion in cash. This is another in a series of M&A that are likely to change the face of the cybersecurity industry in the coming year.

A week ago CISCO announced it was buying Cloud security company Cloudlock for 300 million USD, and earlier in June security giant Symantec bought Bluecoat for approximately $4.65 billion.

Earlier this year, BlackBerry acquired Encription, IBM bought Resilient Systems, Infoblox bought IID and FireEye bought Invotas and iSIGHT Partners.

Research firm 415 figures show that the number of security acquisitions has increased by 41 percent in the past two years. According to 451 Research’s survey of technology investment bankers in December 2015, cybersecurity had displaced mobility as the area where M&A spending was expected to grow most over the next year, and at that time was expected to grow at a fast rate (a prediction which we can now confirm).

What are the reasons for this trend, is it going to stop, level or escalate and what are the implications on the market and customers?


While raising cash has been relatively easy in the last couple of years (with twelve security companies have raised more than $100 million each from venture capitalists, according to Dow Jones VentureSource), cashing in through IPO isn’t. Market sentiments (fueled by recent Brexit scare), and Dell Secureworks dismal IPO earlier this year signal companies to halt and not go public. Bluecoat was scheduled for an IPO but withdrew and sold itself to Symantec instead. It is not clearq exactly why this happened, but it surely had something to do with the negative sentiment and negative Cash flow.
in its IPO filing, Blue Coat reported a $232 million net loss on $598 million in revenue for the year ending 12 months ending April 30, 2016 (Much of that loss was due to recent acquisitions of Perspecsys and Elastica), so it’s clear the company was eager to tap into fresh money supply.
It’s owner Bain Capital, having purchased it just over a year ago for $2.4 billion, including around $900 million of equity, sensed that need and the negative market sentiment, pulled the IPO offer and opted to sell instead. Industry analyst add that the markets find it difficult to evaluate cybersecurity business potential and worth, but large companies with know –how of the industry and a large cash deposits (checkpoint, Symantec and CISCO to name a few) are better positioned to do so and often act to take smaller firm “off the table”.

Given this overwhelming headwind, it is no wonder that other companies in the industry are who were rumored to move towards an IPO now estimate an IPO isn’t realistic or desired in the next 24-36 months, so we’re likely to see others being bought by larger companies.


Cybersecurity is a segment of the global technology market, which is has been fueled by investment bodies which are in turn effected by the global markets. Should the volatility in the global market continue or worsen (e.g. more countries following the UK steps and exiting the European Union) we will see pressure from the investors to cash in and sell companies. Cash-starved companies advancing towards the end of their runway will have more motivation to sell (since raising cash is harder), which would coincide with buyers’ motivation to grab market share and buy “cheaply” -both in terms of overall deal price and the ability to pay in stocks instead of cash.

Other scenarios which can push companies to an M&A scenario is pressure from hedge funds – such as Imperva is experiencing at the moment.

In case markets level off we could see natural evolution where companies whose offering is synergetic decide to join forces and become a bigger force- such as Carbon Black and Bit9.

Market implications

The cybersecurity market is an extremely fragmented one, composed of dozens of sub-categories and technologies. Larger companies try to assemble a portfolio of solution to allow them to provide holistic solutions to their strategic customers. It makes sense for a behemoth like Symatec to buy Bluecoat since its technology complements theirs. It is also easier for established companies to maintain an innovative edge by buying mature technologies rather than developing these in-house. What this means for up and coming startups is that if they create a mature product offering quickly they face a much earlier exit point than was ever possible before. A company can use its first investments round to grow to a value 100-300 million US$ without having to raise additional rounds, grow to 1 billion before facing the same fate- the difference being the first option is quicker, easier and leaves more money in the founders (and early funders) pockets.

And for the customer?

Being a cybersecurity consumer is difficult- a large scale organization has to deal with 30 or more solutions from a dozen of vendors. CIO / CISO faces a never ending onslaught of phone calls and meetings from vendors and resellers trying to convince him to test and buy their product.
Consolidation (meaning fewer companies offering more wholesome solutions) would make life easier, simpler and save considerate hassle for the buyers. Post – purchase integration between products would also become easier and reduce load from the IT department.

However, there is a chance it will stagnate innovation and evolution (even today, large cybersecurity companies are generally considered less innovative than small ones), so the end result will be a failure to develop and deploy products which could mitigate evolving cyber threat.


Consolidation is without a doubt a prominent force in the cybersecurity industry this year. This trend is likely to continue or even intensify and it will affect the entire industry. We are hopeful that it will end up making customers’ lives easier and their organizations more secure as a result.

Tags: , , , , ,