Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.


04:00 PM
Connect Directly

Dell Sells RSA to Private Equity Firm for $2.1B

Deal with private equity entity Symphony Technology Group revealed one week before the security industry's RSA Conference in San Francisco.

Nearly five years after Dell Technologies scooped up RSA's security business via its $67 billion buy of RSA's then-parent firm EMC Corp., the technology company now plans to sell RSA to a private equity firm for $2.075 billion in cash.

Dell Technologies announced today that a consortium led by Symphony Technology Group (STG), Ontario Teachers' Pension Plan Board, and AlpInvest will acquire RSA's Archer, NetWitness Platform, SecureID, and Fraud and Risk Intelligence lines, as well as the security industry's massive RSA Conference. The company did not disclose terms of the agreement.

The decision by Dell to sell RSA was not completely unexpected among industry insiders given Dell's move to go public more than a year ago. The deal with a private equity firm basically gives both Dell and RSA more room to reset and evolve their security strategies, industry expert say. Private equity firms increasingly are setting their sights on the security industry due to its rapid and steady growth.

"I don't think RSA was well-aligned with Dell's go-forward strategy for investment," says Amit Yoran, who served as president of RSA from 2014 to 2016 and is now chairman and CEO of Tenable. "We'll see what private equity ownership means for RSA and what their plans are for the future."

Chenxi Wang, founder and general partner with Rain Capital, says Dell likely was under pressure as a publicly traded firm to trim down debt.

"Dell's vision is to be a provider of a broad swath of technology and services, from PCs, to storage, to software, to information security. RSA would have been a nice slice in that strategy, except that the RSA division has not been a fast-growing business for the Dell empire," she says. "The Dell board is probably asking the executives to concentrate its efforts and to shed low-performing businesses."

Dell Technologies still holds a solid stake in the security sector with its managed security services arm Secureworks, as well as its VMware operation's recent acquisition of endpoint protection firm Carbon Black.

Dell Technologies COO and vice chairman Jeff Clarke called the deal "the right long-term strategy" for both Dell and RSA, as well as their customers and partners.

"The transaction will further simplify our business and product portfolio. It also allows Dell Technologies to focus on our strategy to build automated and intelligent security into infrastructure, platforms and devices to keep data safe, protected and resilient," Clarke said in a statement.

Rohit Ghai, president of RSA, lauded the STG deal as providing the company "with a more independent configuration" to evolve.

"In determining the best way to support our customers' digital journeys, we sought a partner that was enthusiastic about RSA's mission, committed to our customer and partner base, and interested in unleashing the power of our talent, experience, and tremendous growth potential. Symphony Technology Group (STG) fully supports our vision," he said.

The announcement of the deal, which is scheduled to be complete within the next six to nine month, comes the week before the 2020 RSA Conference, which opens in San Francisco next week.

Dell's shedding of RSA basically closes a chapter in the EMC saga as well.

"This acquisition represents the end of an era. At one time it was thought that data center vendors should have a security arm. That concept appeared with Symantec acquiring Veritas and EMC acquiring RSA+SecurID, which it used to form the security division of EMC," says Richard Stiennon, chief research analyst at IT-Harvest. "Most of us expected Dell to spin RSA off with the acquisition of EMC. Apparently it just took longer for Dell to realize that the fast pace of innovation in the security space does not jibe with the slow and steady pace of data center and hardware vendors."

Private Equity for the Win
Private equity firms such as Thoma Bravo, Vista, IntSight, and TPG all have acquired security companies in the past few years, a trend driven by the high growth in that market as well as the ballooning size of the deals, notes Rain Capital's Wang. Private equity firms typically hold a company for 18 months, during which time they double down on efficiencies and then bundle a few companies together and spin them off in an even more lucrative deal, she explains.

"Cyber seems to be a great market for that – many small firms provide niche capabilities, combining them into a broad offering is what the market wants," Wang says. "As M&A deals get larger, it's becoming difficult for broad tech firms to continue to execute the type of deals that are expected by the market."

Enter the private equity investors, a trend Wang expects to continue in security.

Private equity firms provide an alternative way for retooling and reinvigorating firms, notes Brian Reed, senior research director at Gartner. "Private equity firms come up with interesting ways to increase a product life cycle and help reduce the amount of time it takes companies to recover from [things like] product roadmap stagnation," Reed says. The deal gives RSA more freedom and breathing room to work on its product roadmap, he says.

"There are bigger things going on with Dell at the moment from a macro standpoint and outside of security," Reed says. "This is one of those instances where private equity coming in will be a good thing in the medium and long term and allows Dell to get a reset."

Related Content:

Check out The Edge, Dark Reading's new section for features, threat data, and in-depth perspectives. Today's top story: "8 Things Users Do That Make Security Pros Miserable."
Kelly Jackson Higgins is the Executive Editor of Dark Reading. She is an award-winning veteran technology and business journalist with more than two decades of experience in reporting and editing for various publications, including Network Computing, Secure Enterprise ... View Full Bio

Recommended Reading:

Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
US Formally Attributes SolarWinds Attack to Russian Intelligence Agency
Jai Vijayan, Contributing Writer,  4/15/2021
Dependency Problems Increase for Open Source Components
Robert Lemos, Contributing Writer,  4/14/2021
FBI Operation Remotely Removes Web Shells From Exchange Servers
Kelly Sheridan, Staff Editor, Dark Reading,  4/14/2021
Register for Dark Reading Newsletters
White Papers
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
How Enterprises are Developing Secure Applications
How Enterprises are Developing Secure Applications
Recent breaches of third-party apps are driving many organizations to think harder about the security of their off-the-shelf software as they continue to move left in secure software development practices.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
PUBLISHED: 2021-04-22
An issue was discovered in the AbuseFilter extension for MediaWiki through 1.35.2. Its AbuseFilterCheckMatch API reveals suppressed edits and usernames to unprivileged users through the iteration of crafted AbuseFilter rules.
PUBLISHED: 2021-04-22
An issue was discovered in the AbuseFilter extension for MediaWiki through 1.35.2. A MediaWiki user who is partially blocked or was unsuccessfully blocked could bypass AbuseFilter and have their edits completed.
PUBLISHED: 2021-04-22
An issue was discovered in the AbuseFilter extension for MediaWiki through 1.35.2. The Special:AbuseFilter/examine form allowed for the disclosure of suppressed MediaWiki usernames to unprivileged users.
PUBLISHED: 2021-04-22
An issue was discovered in the CommentBox extension for MediaWiki through 1.35.2. Via crafted configuration variables, a malicious actor could introduce XSS payloads into various layers.
PUBLISHED: 2021-04-22
An issue was discovered in the PageForms extension for MediaWiki through 1.35.2. Crafted payloads for Token-related query parameters allowed for XSS on certain PageForms-managed MediaWiki pages.