M&A sets record pace as ransomware, nation-state threats fuel security demand
Attivo Networks Blogs

M&A sets record pace as ransomware, nation-state threats fuel security demand

Cybersecurity Dive Logo

An unprecedented surge in ransomware, software vulnerabilities and malign cyber activity against the private sector and critical infrastructure has led to a wave of private equity investment and merger activity in the cybersecurity industry. 

Information technology providers sought to create secure environments for clients. Enterprise customers also demanded end-to-end security solutions capable of hunting down sophisticated malware, detecting software vulnerabilities and protecting sensitive employee data. 

During the first quarter alone, the cybersecurity industry recorded 108 mergers and acquisitions, with a combined transaction volume of $29 billion, according to Progress Partners, a merchant bank with offices in Boston and New York. 

“Cybersecurity is a unique segment where technology must constantly evolve to combat new adversaries and attack methods,” Eric Bell, managing director at Progress Partners said via email. “It does not follow a typical technology maturity cycle.”

M&A activity in the sector is expected to hit a record pace for the second consecutive year, after reaching $70.4 billion in 2021, according to a market report from Progress Partners. 

Data on the cybersecurity market shows deep investor demand, with $5.4 billion raised across 249 transactions in the sector. 

Some of the nation’s top IT and cloud services providers drove much of the M&A activity. They have invested heavily in acquiring smaller rivals and investing in new capabilities for their internal security services, in part to protect the integrity of their software platforms and cloud services customers. 

Gaps to fill

Security acquisitions have been the focus of numerous companies in the IT space in recent months.

SentinelOne entered an agreement  in March to buy Attivo Networks in a deal valued at $616.5 million in cash and stock. The acquisition will combine Attivo Networks’ identity protection and response technology, which focuses on credential theft and lateral movement, with SentinelOne’s autonomous XDR platform. 

“I think the bigger issue these days is combining multiple solutions into security platforms can help customers,” said Peter Firstbrook, research VP at Gartner. “There is increasing demand from enterprise security buyers for consolidated products that are integrated and work well together.”

Firstbrook cites data showing 70% of enterprise security buyers are trying to consolidate the number of vendors and products they purchase. 

Venture capital investments in cloud security have accelerated in recent years, reaching $6.2 billion in 2021, compared with $2.6 billion in 2020, according to Gartner data. 

Cloud-native application protection platforms have emerged as a leading area of growth in terms of venture capital spending. The U.S. has 97 distinct cloud security firms, according to Gartner, however Israel and China lead the space with 25 and 12 cloud security firms respectively.

“Public companies buy innovative companies that fill gaps in their current offerings to [provide] innovative solutions,” Alberto Yepez, co-founder and managing director at Forgepoint Capital.

Customers are looking to add new security features to existing product suites, for example secure service edge (SSE) or XDR, according to Brendan Burke, senior emerging technology analyst at Pitchbook. 

“Recent customer-led waves of acquisition include secure software-defined wide area networking, XDR log ingestion and privileged access control of employee workstations,” Burke said. “Leading vendors compete to acquire the most outstanding technology assets in these categories and in some cases pay significant premiums to win.”

Read the full article by David Jones on Cybersecurity Dive.

Share on:

Free Active Directory Assessment

Get Visibility Into Privilege And Service Account Exposure

For a limited time, Attivo Networks is providing free Active Directory Security Assessments to demonstrate how ADAssessor provides unprecedented and continuous visibility to AD vulnerabilities.

Try Our Endpoint Detection Net (EDN) for Free


Free use offer of our Award-winning security solution to prevent attackers from lateral movement, credential theft, and privilege escalation, fast and easy.

ADSecure 90-Day Free Trial


  • Hide and deny access to AD objects
  • Get alerted on unauthorized queries
  • Attack details easily viewable in dashboard
  • Your data remains on-premise


Ready to find out what’s lurking in your network?

Scroll to Top