Cybersecurity Defies Current Macroeconomic Headwinds, with M&A Activity Predicted to Surpass pre-Covid Levels

  • Cybersecurity
  • 12.10.2022 11:25 am

The cybersecurity sector is leading the way for M&A and fundraising activity in 2022, says tech-focused investment bank ICON Corporate Finance, with deal activity for Q1-Q3 up 60% compared to 2020 for M&A and +22% for fundraising.

Revealed in ICON’s latest Cybersecurity report, the sector is proving recession-proof and remains a vital growth area, defying current troubling macroeconomic headwinds. Enterprises recognise that they must continue investing in cyber defences regardless to protect against an increasingly sophisticated threat landscape, and as a result of significant geopolitical and economic uncertainty. This in turn continues to drive M&A and fundraising deal activity. ICON’s report investigates the fundamentals behind why this is the case.

Key insights:

  • The first three quarters of 2022 recorded 353 cybersecurity M&A deals, with a total value of $125 billion. As a result, the sector is on track to surpass pre-Covid levels
  • Vendor platform consolidation, largely backed by Private Equity, is a major driver behind the sustained deal activity
  • Fundraising activity remained in line with long-term trends: $15.4bn of VC money was invested in the sector globally across 572 deals Q1-Q3 
  • After an 18-month-long bull run, public cybersecurity stocks have reset at lower levels but continue trading at a significant premium compared to the broader tech market. Growth is the main valuation driver: The top quartile is trading at 8.6x revenues, with growth at +34.4% 21-22E (3.6x revenues, and +6.1% growth, respectively, for the bottom quartile)
  • Recent downgrades in valuations have led to a large number of take-private transactions - most recently, Vista Equity offered to acquire KnowBe4 at a valuation of $4.22 bn, which represents a valuation premium of nearly 39% to KnowBe4’s prior closing price on Sep 16 
  • ICON predicts that consolidation will continue at pace as trade and Private Equity acquirers are ready to capitalise on the extraordinary market opportunity 

Protecting mission-critical data, applications and infrastructure remains a board-level investment priority for public and private organisations. The report highlights that from 2020 to 2022, average data breach costs surged 13% to $4.35m. Financial institutions became a particular target, with malware attacks doubling in H1 2022 and ransomware attacks increasing by 243% against financial targets.

Report author Florian Depner, Director of ICON Corporate Finance, explains: “In our report, we ask the key question: Is the cybersecurity sector and related deal activity recession-proof?

“The answer, in short, is a strong yes. Enterprises recognise that they must continue hardening their security defences to keep above water in the arms race between good and bad. Cybersecurity is mission-critical and companies have no choice but to keep investing given the uplift in malicious activity, and state-backed attacks. Consequently, capital will continue to flow into the sector, which in turn spurs M&A and fundraising activity.”

Florian Depner added: “We believe that cybersecurity deal activity, both in the US and Europe, will be fuelled by Private Equity, providing a more attractive exit alternative to existing shareholders than the IPO route, as demonstrated by KKR’s acquisition of diversified enterprise security specialist Barracuda for $3.9bn in April 2022.

“We also anticipate that Private Equity will continue injecting much-needed growth fuel into later-stage scale-up companies; a trend demonstrated by the BlackRock-backed $250m investment in Swiss-based storage management and personal backup services provider Acronis. These factors, combined with Private Equity backing buy-and-build strategies and vendor platform consolidation, and the fact that the three-year cyber security index for public sector stocks rose 61.5%, while NASDAQ rose just 35.5%, make cybersecurity players undeniably desirable. That’s creating a buoyant market for cybersecurity deals and investment.”

Related News