Top cybersecurity M&A deals for 2023

Top cybersecurity M&A deals for 2023

Uncertainty and instability marked the end of 2022 for many in the tech sector, a trend that bled into the beginning of 2023. Following on the heels of a drought in IT talent came mass layoffs at many of the world’s biggest tech companies as predictions of recession loomed and war in Ukraine dragged on with no end in sight.

Global concern over cybersecurity has never been higher, with attacks coming fast and furious and in ever-growing numbers, and 65% of organizations planned to increase cybersecurity spending in 2023. That means CISOs may be pressured to do more with what they have as budgets shrink even as demand for security increases. And they should be aware of what could change if one of their vendors is acquired in this climate.

Corporate deals have dropped from the highs of 2021 as well as investors proceed with caution, eyeing interest rate increases and the possibility of a recession. There were some indications that cybersecurity might be an outlier in 2023–that M&A activity might remain a little more robust than in other parts of the tech world. “There are abundant opportunities for innovation in cybersecurity as new technology breakthroughs, such as the near-human capabilities of ChatGPT, introduce new and largely unaddressed security risks,” DataTribe noted in its fourth-quarter 2022 Insights.

While recognizing the ever-growing importance of cybersecurity and the ever-growing demand to protect against increasingly sophisticated–and numerous–bad actors, dealmakers are likely to be active but cautious in the year to come.

Below are the deals that CSO has selected as the most significant of the year. (This list is updated periodically as new deals are announced.) If your company has made or has been involved in a cybersecurity acquisition or merger, contact CSO Regional Executive Editor Andrew Flynn at [email protected] to be considered for inclusion in this list.

Deloitte Australia buys cyber firm ParaFlare

August 2: Financial services firm Deloitte Australia has acquired cybersecurity firm ParaFlare for an undisclosed amount. ParaFlare provides sovereign managed detection and response (MDR) services. “The cyber risk landscape is driving exponential growth in demand for security expertise and solutions, and this partnership with ParaFlare will enable us to bring truly world-class, market-leading capability to service our clients’ cyber security needs,” Deloitte Australia CEO Adam Powick said in a press release.

Armor acquires Quantum Security

August 3:  Cloud and hybrid cloud security solutions provider Armor has acquired Singapore-based cybersecurity firm Quantum Security to enhance its capabilities in cloud security and IT risk. Quantum specializes in cloud automation and services. “Quantum Security’s expertise in cloud automation and services will complement Armor’s existing capabilities and help the company deliver more comprehensive solutions to its customers,” Armor said in a statement.

Protect AI acquires huntr and launches bug bounty program

August 8: Artificial intelligence and machine learning security company Protect AI has bought AI/ML bug bounty platform huntr.dev and launched the huntr AI/ML bug bounty platform. “Originally founded in 2020 by 418Sec Founder, Adam Nygate, huntr.dev quickly rose to become the world’s 5th largest certified naming authority (CNA) for common vulnerabilities and exposures (CVEs) in 2022,” the companies said in a statement. “With huntr, we will foster an active community of security researchers, to meet the demand for discovering vulnerabilities within these models and systems.” Huntr offers an AI/ML bug-hunting environment with intuitive navigation, targeted bug bounties with streamlined reporting, monthly contests, collaboration tools, vulnerability reviews, and bounties available to the hacking community. The first contest is focused on Hugging Face Transformers offering a $50,000 reward.

Rubrik acquires DSPM provider Laminar

August 8: Zero-trust data security firm Rubrik has signed an agreement to acquire data security posture management (DSPM) platform Laminar. “The combination will create the industry’s first complete cyber resilience offering of its kind by bringing together cyber recovery and cyber posture across enterprise, cloud, and SaaS,” the companies said in a statement. Laminar combines cloud-native design with deep security expertise to provide visibility and control for organizations that need to protect sensitive data. Rubrik said the acquisition will further enable its customers to be more proactive against cyberattacks and provide businesses with cyber resilience.

Check Point to acquire Perimeter 81

August 10: Global cybersecurity firm Check Point Software has agreed to buy security service edge (SSE) company Perimeter 81 for about $490 million. Perimeter, launched in 2018, combines cloud and on-device protection within SSE, offering zero-trust access and full mesh connectivity between users, branches, and applications. “With the advent of hybrid work and the rise of cloud transformation, the demand for security services that expand beyond the network perimeter is increasing,” Check Point CEO Gil Shwed said in a statement. “By leveraging Perimeter 81?s capabilities and integrating them into the Check Point Infinity platform we continue with our vision to deliver the best security through comprehensive, collaborative and consolidated solutions.” The deal is expected to close in the third quarter of 2023.

Zurich acquires cyber counterintelligence firm SpearTip

August 14: Zurich Holding Company of America, a subsidiary of Zurich Insurance Group, has acquired cyber counterintelligence firm SpearTip to expand cyber risk mitigation services available from Zurich Resilience Solutions, which employs a team of cyber risk management specialists who provide objective assessments of businesses’ cybersecurity posture and unique threat environment, with consultative support to strengthen overall cyber resilience. “The combination of [SpearTip’s] technical capabilities with Zurich’s service excellence extends the capabilities of the Zurich Resilience Solutions’ Cyber Services Team to bring a full suite offering to our customers,” David Shluger, vice president of Cyber Risk Services for Zurich Resilience Solutions said in a press release.

Zyston buys Complyify

August 14: Dallas-based managed security services provider (MSSP) Zyston has acquired Complyify, a software development company specializing in artificial intelligence technologies. Complyify’s proprietary AI technology will be integrated into Zyston’s CyberCAST offering immediately, with the first upgraded services expected to be available to clients in the third quarter of 2023.

TPG agrees to buy Forcepoint G2CI business

July 10: Global security firm Forcepoint has agreed to sell its global governments and critical Infrastructure (G2CI) business to asset management firm TPG for an undisclosed amount. The move separates Forcepoint’s commercial and G2CI businesses and establishes G2CI as an independent entity. Forcepoint was acquired by investment firm Francisco Partners from Raytheon in 2021. The deal will allow Forcepoint G2CI “to operate with greater flexibility and focus, positioning the new company to grow its platform as a comprehensive, next-generation cybersecurity provider for defense, intelligence, and critical national infrastructure organizations across the globe,” the companies said in a statement.

Safe Security acquires RiskLens

July 12: AI-Driven Cyber Risk Management company Safe Security acquired RiskLens, developer of the Factor Analysis of Information Risk (FAIR) cyber risk quantification standard. The purchase will combine FAIR with Safe Security’s AI-powered automated cyber risk management platform, SAFE. “This acquisition accelerates our mission of becoming the de-facto industry standard to measure, manage, and transfer cyber risk,” Safe Security CEO and co-founder Saket Modi said in a press release.

Cisco announces intent to acquire Oort

July 13: Tech giant Cisco announced on its blog the intent to acquire identity threat detection and response (ITDR) technology developer Oort to enhance the Cisco Security Cloud user context telemetry. Oort’s API-driven, cloud-native, and agentless platform, is intended to eliminate identity visibility gaps across disparate data sources, show misconfigurations, check for security vulnerabilities, and offer predictive identity analytics to proactively stop attacks. “In addition to strengthening Cisco’s native telemetry, Oort’s integrations with other third-party vendors – including Google, Microsoft, Okta, and Auth0 – supports our commitment to increase interoperability and deliver consistent outcomes regardless of vendor or technology,” Raj Chopra, chief product officer of Cisco’s Security Business Group, said in a company blog.

CISO Global buys SB Cyber Technologies

July 19: Managed cybersecurity and compliance provider CISO Global has acquired SB Cyber Technologies, which specializes in identifying, enhancing, and applying emerging government and military grade capabilities to commercial technical security challenges. SC Cyber, which was founded by former members of the US intelligence and special operations communities, has become a wholly owned subsidiary of CISO Global. CISO Global will integrate SB Cyber’s CHECKLIGHT endpoint detection and response (EDR) technology into its suite of products. “CHECKLIGHT expands our proprietary capabilities and value proposition to the market, allowing us to deliver the full spectrum of services required today to be truly cyber resilient,” CISO Global founder and CEO David Jemmett said in a statement.

Graylog acquires Resurface.io’s API security platform

June 19: Graylog, a global provider of SIEM and log management solutions, has acquired Resurface.io’s data-driven API security platform for an undisclosed amount. “The acquisition broadens Graylog’s security portfolio and delivers to enterprise customers a comprehensive API security threat detection and incident response platform to combat the evolving challenges in the API security landscape,” Graylog said in a statement. The product will be renamed Graylog API Security and “will enable Graylog to reach a broader audience, accelerate product advancements, and provide customers unparalleled API ecosystem protection.”

Coro acquires network security startup Privatise

July 26: Mid-market cybersecurity platform Coro has acquired in-office and remote work security provider Privatise for an undisclosed amount. The acquisition will allow Coro to offer a single source of comprehensive security and protection through a unified, cloud-based platform, the company said in a press release. “Since its founding, Coro has focused on delivering a comprehensive, yet affordable and easy to use cybersecurity solution for mid-market companies,” said Coro CEO Guy Moskowitz. “By integrating Privatise’s SASE capabilities into our platform, we offer the industry’s first mid-market solution to deliver cloud-native, seamless, and secure access to applications and resources regardless of location or device.”

Thales agrees to buy Tesserent

June 13: Defense technology and security provider Thales has agreed to buy Australian cybersecurity firm Tesserent in a deal that values to the firm at about $111 million. Paris-based Thales said the deal will enable it to “accelerate its cybersecurity development roadmap and expand its footprint in Australia and New Zealand.” Tesserent will continue to operate under its current name, but its branding will include the “Cyber Solutions by Thales” tagline. “With the acquisition of Tesserent and its highly skilled team of cyber experts, and combined with our own system engineering experts, Thales Australia will establish an Australian/New Zealand leader in Cyber Defence able to best protect the country and its national infrastructure from cyber threats,” Thales Australia CEO Jeff Connolly said in a release.

Informatica announces intent to acquire Privitar

Informatica has agreed to buy Privitar with the intention of integrating its access controls and remediation for data privacy and security into Informatica’s AI-powered Intelligent Data Management Cloud platform. Privitar is a “UK-based data management access and privacy software provider that powers organizations to democratize the ethical and safe use of data across enterprises,” Informatica said in a statement. “Data governance and responsible use of data is a growing priority for large businesses, but too often requires trading off agility and self-service,” said Informatica CEO Amit Walia.

Dataprise acquires Texas-based managed service provider RevelSec

June 21: Dataprise, a provider of managed IT, cybersecurity, and cloud solutions, has acquired RevelSec for an undisclosed amount. RevelSec, a security-first managed service provider headquartered in Texas, will “further expand Dataprise’s national footprint and add high-value vertical expertise while providing RevelSec clients access to Dataprise’s broad portfolio of powerhouse services,” the companies said in a statement. RevelSec serves 200 clients across industries including financial services, healthcare, and oil and gas.

Daisy Corporate Services completes acquisition of ECSC Group

June 22: Daisy Corporate Services has completed its acquisition of breach prevention, detection and response support company ECSC Group. In a statement on its website, Daisy said the purchase “provides highly complementary services” to its “current operational resilience offerings, therefore providing an enhanced customer proposition.” Founded in 2000, ECSC provides expert security breach prevention, detection and response support to almost 425 customers across all sectors and including a range of corporate and blue-chip organizations. “We firmly believe that together we will become the UK’s leading cyber security organization,” said ECSC CEO Matthew Briggs.

Socure buys Berbix for $70 million

June 27: Digital identity verification solutions provider Socure has acquired San Francisco-based startup Berbix for about $70 million. Berbix, founded in 2018 by former members of the Airbnb Trust and Safety Team, has developed a high-accuracy document verification solution with a forensics engine able to detect spoofed IDs, including AI-generated fakes.

Mozilla buys fake-busting software firm Fakespot

May 2: Not-for-profit tech foundation Mozilla has bought fake-busting software developer Fakespot. Fakespot uses artificial intelligence (AI) and machine learning (ML) systems to detect patterns and similarities between reviews to flag those that are most likely to be deceptive. The system helps sort real reviews from fake ones, to support trust and confidence among those making online purchases. Mozilla said it will continue to invest in enhancing Fakespot for current users but plans to develop future Fakespot integrations that will be unique to Mozilla’s Firefox browser.

Private equity firm acquires Absolute software for $657 million

May 11: Crosspoint Capital Partners has agreed to buy self-healing, intelligent security solutions provider Absolute Software for US$657 million excluding debt in a deal that will take the NASDAQ-traded company private. “We are impressed with how Absolute has built upon its asset visibility and control heritage and expanded into solutions that provide endpoint resilience and the reliable access needed in today’s hybrid work environments,” Crosspoint managing partner Greg Clark said in a statement. Absolute provides self-healing, intelligent security solutions that offer a permanent digital connection that intelligently and dynamically applies visibility, control, and self-healing capabilities to endpoints, applications, and network connections.

Exiger acquires software supply chain and SBOM management platform Ion Channel

May 16: Security software as a service provider Exiger has bought software supply chain risk management platform Ion Channel. The acquisition will expand Exiger’s depth of analysis in vendor and open-source software cyber risk, CEO Brandon Daniels said in a statement. “From entities to software to raw materials, Exiger’s technology now covers all potential product risk so our customers can regain control of their supply chains.” Ion Channel has developed a proprietary risk model that analyzes 1.5 trillion events in open-source and proprietary software components daily and tracks more than 100 leading risk indicators to detect security and operational risk months in advance of known vulnerabilities. Ion Channel’s C-SCRM solution will be incorporated into Exiger’s FedRAMP SaaS platform.

IBM acquires Polar Security

May 16: Tech giant IBM has acquired data security posture management (DPSM) provider Polar Security to bolster its cloud security offerings. Polar Security’s platform helps to manage “shadow data” — sensitive data not being tracked or managed by a company. DSPM reveals where sensitive data is stored, who has access to it, how it’s used, and identifies vulnerabilities with the underlying security posture, including policies, configurations, or data usage. Polar Security’s DSPM technology will be integrated into IBM’s Guardium family of data security products.

Onfido buys digital identity-sharing technology developer Airside Mobile

May 22: Automated identity verification company Onfido has acquired Airside Mobile. Airside is noted as among the first to bring user-controlled digital identity to the travel industry. The company’s privacy-first identity management technology will be combined with Onfido’s verification platform to allow “verify once, use anywhere” use where customers can manage their own digital identity stored on a smartphone.

Cisco plans to buy Armorblox to help create “an AI-first Security Cloud.”

May 31: Cisco has agreed to purchase email security platform Armorblox for an undisclosed amount. Cisco security Chief Product Officer Raj Chopra said Armorblox’s use of predictive and generative AI “will change the way our customers understand and interact with their security control points.” In a blog announcing the pending acquisition, Chopra said Armorblox’s techniques may also be applied to attack prediction, rapid threat detection, and efficient policy enforcement.

OpSec Security agrees to buy Zacco

April 4: Brand integrity firm OpSec Security has agreed to buy intellectual property Danish intellectual property management and protection company Zacco, the two companies said in a statement. Zacco combines traditional legal expertise with digital brand management and security. The addition of Zacco will “combine the respective strengths of the two businesses to help customers maximize the value of their IP portfolios, take advantage of new opportunities, and counter vulnerabilities and threats these may bring,” OpSec said.

TrustCloud and Branddocs merge

April 11: In a reverse takeover, secure digital transaction and video verification services Branddocs acquired secure digital transaction choreographing platform TrustCloud for an undisclosed amount. The new company will operate as TrustCloud, combining Branddocs’ client base and in-house network of fraud detection experts, AI/ML technologies, multi-orchestration capabilities, and the TrustCloud modular platform to deliver globally compliant, frictionless, and vendor-agnostic services.

Columbus acquires ICY Security

April 11:  Columbus has acquired ICY Security in an expansion aimed at meeting customer demand for cyber security services. Denmark-based ICY Security is among the Nordic countries’ largest consultancies and implementation companies in the area of identity and access management (IAM). “The acquisition of ICY Security is an important investment in extending Columbus’ offerings following the increased need for cybersecurity services from our customers,” Columbus CEO and President S?ren Krogh Knudsen said in a statement.

Akamai acquires Neosec

April 19: Content delivery network and cloud security services provider Akamai Technologies has agreed to buy privately held API detection and response platform Neosec. The acquisition will extend Akamai’s visibility into the rapidly growing API threat landscape, the company said in a statement. “The combination is designed to make it easy for customers to secure their APIs by helping them discover all of their APIs, assess their risk, and respond to vulnerabilities and attacks.”

Cisco agrees to buy Lightspin Technologies

March 29: Software and service giant Cisco has agreed to buy privately held cloud security software Lightspin Technologies for an undisclosed amount. Lightspin offers end-to-end cloud security posture management (CSPM) across cloud-native resources. The company will join Cisco’s emerging technologies and incubation (ET&I) business.

Mastercard acquires Baffin Bay

March 20: Mastercard has bought Swedish cybersecurity firm Baffin Bay to increase its cloud-based protections. The company will integrate Baffin Bay’s cloud-based solution that uses AI technology to automatically filter and counteract malicious internet traffic into its current offerings. “The addition of Baffin Bay Network’s instantaneous, predictive and cloud-based  AI technology to our existing analytical capabilities will deliver a leading, singular cyber solution,” Mastercard said in a statement.

HPE acquires Axis Security

March 2: Hewlett Packard Enterprise (HPE) agreed to buy cloud security services provider Axis Security, its third acquisition since January, to deliver a unified secure access service edge (SASE) offering. The acquisition is aimed at incorporating the Axis security service edge (SSE) platform into HPE’s edge-to-cloud network security capabilities to deliver integrated networking and security solutions as-a-service. HPE plans to integrate Atmos, an SSE offering by Axis Security, into Aruba, its platform for edge-to-cloud networking with AI-based network automation. “The convergence of Aruba and Axis Security solutions will transform edge-to-cloud connectivity with a comprehensive SASE solution that provides enterprises with the highest levels of security for both IoT devices and all users’ access across geographically distributed locations,” Phil Mottram, executive vice president and general manager, HPE Aruba Networking said in a statement.

Online auction giant eBay Acquires 3PM Shield

February 13: eBay acquired 3PM Shield, a provider of monitoring solutions designed to prevent the sale of counterfeit items, unsafe products and illegal goods. The purchase will help provide sellers and buyers with a safe and trusted platform and enhances eBay’s ability to address suspicious or harmful seller behavior and potentially problematic items. “3PM Shield has been a valued and effective external partner in helping eBay tackle these challenges and we look forward to unlocking additional capabilities as we bring their technologies in-house,” eBay Chief Risk Officer Zhi Zhou said in a statement.

Accenture buys Brazil-based Morphus

February 13:  New York-based Accenture has acquired privately held cyber defense, risk management, and cyber threat intelligence services provider Morphus for an undisclosed amount. Brazil-based Morphus provides red and blue team services; governance, risk, and compliance services; enterprise risk management; cyber strategy; threat intelligence; and managed security services. “The acquisition brings more than 230 highly skilled professionals, making Accenture one of the largest cybersecurity professional services providers in Brazil,” Accenture Security global leader Paolo Dal Cin said in a statement. The acquisition launches Accenture’s cyber industry practice in Latin America.

Vista Equity Partners completes acquisition of KnowBe4

February 1: Investment firm Vista Equity Partners completed its acquisition of security awareness training and simulated phishing platform KnowBe4 for $24.90 per share in cash, valuing the company at about $4.4 billion. “The human element remains one of the most important yet neglected aspects of cybersecurity,” Michael Fosnaugh, co-head of Vista’s Flagship Fund and senior managing director, said in a press release. “The opportunity to scale a business that is truly mission-critical to enterprises around the world is core to Vista’s investment approach and value creation efforts.” Vista focuses exclusively on acquiring enterprise software, data, and technology-enabled businesses.

Radiant Logic signs definitive agreement to acquire Brainwave GRC

February 1: California-based Radiant Logic entered into a definitive agreement to acquire French identity governance and analytics company Brainwave to accelerate the companies’ shared vision of an identity data fabric using data science to ensure the right information is in place to make the right policy decisions. “Demand is increasing for cybersecurity, governance, and compliance solutions that help companies address the continually evolving security threats, especially as regulatory environments and fines become more prevalent,” said Joe Sander, CEO of Radiant Logic, in a press release. The companies said the acquisition will strengthen their market positions as identity, analytics, and intelligence experts and provide a zero-trust and identity-first security foundation to deliver enhanced data security, reduced audit and compliance costs, and improved understanding and visibility of malicious activity.

Veridos becomes majority shareholder in NetSeT

January 30: Berlin-based Veridos has acquired a majority stake in NetSeT Global Solutions, a move the company says will strengthen its position as a full-service provider of integrated identity solutions. NetSeT, based in Serbia, develops information systems for the management of citizen data and information security. In 2017, Veridos acquired a minority stake in NetSeT, which will now be integrated into the Veridos Group. “With this acquisition, we are expanding our position as a provider of holistic identity solutions to cover the entire value chain: from citizen registration to the creation and personalization of ID documents and the management of citizen data to document verification,” Veridos CEO Marc-Julian Siewert said in a press release. The move comes after 20 years of collaboration between Veridos and NetSeT. In joint projects, the companies have co-operated in providing the ID system for northern Macedonia, ePassport systems for Bangladesh, Venezuela, and the United Arab Emirates, and a driver’s licence system for Uganda.

Simeio acquires identity and access management firm PathMaker

January 10: Specialized identity and access management (IAM) services provider Simeio acquired Texas-based identity governance firm PathMaker Group in a move that will enhance Simeio’s consulting services and SailPoint implementation capabilities, the company said. “This acquisition solidifies our commitment to integrate future-ready technologies to protect and secure identities. “Simeio CEO Chris Schueler said in a press release. “I am very confident in the unmatched identity security services that our clients can take advantage of as a result of this acquisition.” Simeio operates a portfolio of end-to-end services in advisory, building, and managing identity security solutions. PathMaker’s IAM MAP assessment process and methodology will be incorporated into          Simeio’s proprietary identity orchestration platform Simeio IO, allowing customers to continuously measure and assess the maturity of their identity programs. Simeio’s managed identity security services delivered through Simeio IO will also be accessible to PathMaker clients.

Data and Information Security, IT Leadership, Mergers and Acquisitions, Security

Go to Source