10 Standout Security M&A Deals from Q1 2020
The first quarter of 2020 brought investments in enterprise IoT and endpoint security, as well as billion-dollar investments from private equity firms.
![](https://eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/blt4d52216aec152c6b/64f0d36d331d04ebff792752/2020AcquisitionsQ1Intro.jpg?width=700&auto=webp&quality=80&disable=upscale)
Mergers and acquisitions were constant in the cybersecurity industry from the first half of 2019 into the second, and this strong pattern of activity continued into the first quarter of 2020.
It's only mid-April, but the industry has already seen plenty of acquisitions, with many in the billion-dollar range. Larger security businesses are broadening their product portfolios with new technologies, as several private equity firms continue to make large investments in security companies – a key trend we noticed in the first few months of the year.
The deals to appear so far in 2020 range in focus from threat protection to enterprise IoT. In early January we saw the sale of Symantec's cybersecurity services business to Accenture; the same day, private equity firm Insight Partners bought security company Armis for a total of $1.1 billion. Shortly ahead of the annual RSA Conference at the end of February, Dell sold RSA to Symphony Technologies for $2.1 billion.
These are only a handful of the M&A deals to catch the eyes of security experts in the first three months of 2020. Here, we take a look back at some of the standout transactions announced in the first quarter and recap the year in M&A, taking a closer look at the trends and what they could mean for the industry. We have no doubt we'll be adding to this list as the year unfolds.
The acquisitions are listed in chronological order.
Among the first deals to start 2020 was Mimecast's acquisition of Segasec, a Tel Aviv-based threat protection startup. This marks Mimecast's sixth acquisition to date and follows its purchases of DMARC Analyzer and Simply Migrate in 2019.
Segasec was founded in 2017 to protect businesses from phishing, business email compromise, ransomware, and other digital threats. Its platform monitors domain registrations, new certificates, mail server provisioning, social networks, and other online resources where consumers and brands interact. Mimecast plans to integrate this technology into its email and Web security services as part of efforts to build an offering called Email Security 3.0.
Terms of the deal were not disclosed. Segasec had raised $2 million since its 2017 founding.
In early January, Accenture agreed to purchase Symantec's Cyber Security Services business from Broadcom in its first of three cybersecurity acquisitions in 2020. The deal will bring Symantec's lineup of services, including global threat monitoring and analysis, industry-specific threat intelligence, and incident response services, into the Accenture Security portfolio. Terms were not disclosed.
A couple of months later, Accenture bought UK-based cybersecurity consultancy Context Information Security from Babcock International Group. Context offers cyber defense, red team services, vulnerability research, and incident response services, and its 250+ employees will reportedly help bring Accenture's services to clients.
Finally, Accenture confirmed plans to buy Revolutionary Security last week. The Pennsylvania-based company provides enterprise security for IT and OT environments and offers assessment, design, and build of security programs and operations. Its acquisition is meant to improve Accenture's services for clients with complex IT and OT networks.
Accenture spent about $1.2 billion globally on 33 acquisitions in 2019, when it bought Deja vu Security, iDefense, Maglan, Redcore, Arismore, and FusionX.
In one of the largest deals so far this year, private equity firm Insight Partners bought enterprise IoT security company Armis for a valuation of $1.1 billion. CapitalG, the investment arm of Google parent company Alphabet, joined the purchase for $100 million.
Since the Israeli company was founded in 2015, Armis has raised $112 million over four rounds of funding and has grown to employ more than 250 people. Its platform aims to discover all devices on a corporate network and identify their type, manufacturer, model, OS, reputation, username, software, and risk factors, among other data, to determine whether they're being used maliciously.
Following the acquisition, Armis will continue to operate independently under the management of its co-founders and executive team. It will work to continue its growth with the support of Onsite, Insight Partners' business strategy and ScaleUp division.
Cloudflare made its first acquisition since going public with its purchase of S2 Systems Corp., a company co-founded by former Microsoft employees to protect companies from Web-based threats through browser isolation.
Washington-based S2 Systems has created browser isolation technology that executes code on cloud servers rather than on the device. Employees who open a Web page don't have content downloaded onto their devices; rather, the content is rerouted to a cloud-based sandbox where it's opened in isolation. The idea is to create a gap between the user's browser and the Internet, protecting users from Web-based threats.
The S2 team has joined Cloudflare following the acquisition and will be based at its new Seattle office.
Industrial control systems firm Rockwell Automation aimed to strengthen its security portfolio with the acquisition of Avnet Data Security, an Israeli cybersecurity services company.
Avnet, which has been providing cybersecurity services for more than 20 years, offers a range of IT and OT services, including assessments, pen testing, network and security products, and training. Its combination of service delivery, research, and training is meant to help Rockwell serve a larger set of customers while expanding its IT/OT expertise.
At the time of the acquisition, Rockwell said cybersecurity was among the fastest-growing segments of its services business. Its announcement arrived at a time when the manufacturing industry is growing more connected, creating a stronger demand for cybersecurity services.
Forescout was acquired by private equity investor Advent International, with participation by Crosspoint Capital Partners, in an all-cash transaction valued at $1.9 billion.
Forescout, which focuses on device visibility and control, will work with Advent and Crosspoint Capital to continue strengthening its position in the market as businesses seek visibility into high-risk devices connecting to their networks. Following the acquisition, Forescout will become a private company with flexibility to continue investing in developing and deploying enterprise security tools that meet this need.
Shortly before the annual RSA Conference took place in San Francisco, Dell announced it would be selling RSA to private equity firm Symphony Technology Group (STG) for $2.1 billion.
The deal was confirmed nearly five years after Dell bought RSA's security business through its $67 billion acquisition of EMC Corp., RSA's former parent company. As part of the most recent transaction, a consortium led by STG, Ontario Teachers' Pension Plan Board, and AlpInvest will buy RSA's Archer, NetWitness Platform, SecureID, and Fraud and Risk Intelligence lines, as well as the RSA Conference.
Security industry experts, some of whom expected this, say the sale will give Dell and RSA space to reset and plan their security strategies. Some say the decision was right for both in the long term. Private equity investors are showing strong interest in the security industry, and it remains to be seen what this deal means for the future of RSA. Dell still has a presence in the cybersecurity space through its Secureworks division and the VMware acquisition of Carbon Black.
In another deal focused on browser protection, McAfee acquired Light Point Security for an undisclosed amount. Baltimore-based Light Point has provided protection against Web-based attacks since it was founded in 2010 by two former NSA employees.
Light Point's technology isolates browser sessions in a remote virtual environment outside of the corporate network to protect employees from common threats like ransomware and credential phishing. McAfee plans to integrate the remote browser isolation technology into its Secure Web Gateway (SWG) and Mvision Unified Cloud Edge (UCE) platform, which contains the SWG, data loss prevention, and Mvision Cloud (CASB).
The investment is intended to help McAfee create a complete implementation of secure access service edge (SASE) architecture. Terms of the deal were not disclosed.
Private equity firm Hellman & Friedman bought Checkmarx from Insight Partners in a deal valued at $1.15 billion. Insight Partners, which initially purchased the application security company for $84 million, will continue to own a minority interest.
Checkmarx, another Tel Aviv-based security firm, offers technology to conduct static and interactive application security testing, software composition analysis, and application security training and skills development so businesses can better detect software vulnerabilities. It employs more than 700 people and reports at least 1,400 customers. In a release, Checkmarx called this "the largest acquisition of an application security company to date."
This announcement arrived at a time when application security is a growing concern for organizations that want to strengthen software security without interfering with development. Integrating security early in the development life cycle is "critical," said H&F partner Tarim Wasim.
Palo Alto Networks is also focused on SASE development, as evidenced in its March acquisition of CloudGenix for $420 million in cash.
San Jose, Calif.-based CloudGenix was founded to transform legacy WANs into a simpler and more secure application-defined structure. Since its 2013 founding, the company has raised $99 million in funding and accumulated about 250 customers across the healthcare, retail, finance, banking, tech, and hospitality industries.
Palo Alto Networks plans to integrate CloudGenix's SD-WAN technology into its Prisma SASE platform following the transaction. The combination, it says, will expand the SASE platform, address network and security transformation requirements, and drive the shift from SD-WAN to SASE.
Palo Alto Networks is also focused on SASE development, as evidenced in its March acquisition of CloudGenix for $420 million in cash.
San Jose, Calif.-based CloudGenix was founded to transform legacy WANs into a simpler and more secure application-defined structure. Since its 2013 founding, the company has raised $99 million in funding and accumulated about 250 customers across the healthcare, retail, finance, banking, tech, and hospitality industries.
Palo Alto Networks plans to integrate CloudGenix's SD-WAN technology into its Prisma SASE platform following the transaction. The combination, it says, will expand the SASE platform, address network and security transformation requirements, and drive the shift from SD-WAN to SASE.
Mergers and acquisitions were constant in the cybersecurity industry from the first half of 2019 into the second, and this strong pattern of activity continued into the first quarter of 2020.
It's only mid-April, but the industry has already seen plenty of acquisitions, with many in the billion-dollar range. Larger security businesses are broadening their product portfolios with new technologies, as several private equity firms continue to make large investments in security companies – a key trend we noticed in the first few months of the year.
The deals to appear so far in 2020 range in focus from threat protection to enterprise IoT. In early January we saw the sale of Symantec's cybersecurity services business to Accenture; the same day, private equity firm Insight Partners bought security company Armis for a total of $1.1 billion. Shortly ahead of the annual RSA Conference at the end of February, Dell sold RSA to Symphony Technologies for $2.1 billion.
These are only a handful of the M&A deals to catch the eyes of security experts in the first three months of 2020. Here, we take a look back at some of the standout transactions announced in the first quarter and recap the year in M&A, taking a closer look at the trends and what they could mean for the industry. We have no doubt we'll be adding to this list as the year unfolds.
The acquisitions are listed in chronological order.
About the Author(s)
You May Also Like
CISO Perspectives: How to make AI an Accelerator, Not a Blocker
August 20, 2024Securing Your Cloud Assets
August 27, 2024