12 Jan Cybersecurity M&A Report, Vol. 3, No. 4: McAfee Up For Grabs, LogMeIn Sold for $4.3B, Mastercard Buys RiskRecon
String of billion dollar deals announced in the latest quarter
Northport, N.Y. – Jan. 10, 2020
Cybersecurity Ventures tracks M&A deal flow covering startups, emerging players, and the largest tech vendors. Read on for activity in the most recent quarter.
December
Dec. 23. Palo Alto Networks, of Santa Clara, Calif., announces completion of acquisition of Aporeto, of San Jose, Calif., a machine identity-based microsegmentation company, for $150 million in cash. Palo Alto’s CEO Nikesh Arora says Aporeto’s microsegmentation technology will further expand PA’s cloud security capabilities and enhance its Prisma Cloud offerings.
Dec. 23. Mastercard, of Purchase, N.Y., announces acquisition of RiskRecon, of Salt Lake City, a provider of artificial intelligence and data analytics solutions designed to protect computer systems and infrastructure against cyberattacks. RiskRecon CEO Kelly White says that by joining the Mastercard team, his company will have an opportunity to scale its solution and help companies in new industries and geographies take steps to better manage their cybersecurity risk. Financial terms of the deal were undisclosed.
Dec. 19. F5 Networks, of Seattle, Wash., a provider of application delivery networking technology, announces intent to acquire Shape Security, of Santa Clara, Calif., a defender of websites and mobile applications from automated cyberattacks, for $1 billion. F5 says the combination of its expertise in protecting applications across multi-cloud environments with Shape’s fraud and abuse prevention capabilities has the potential to transform application security.
Dec. 19. Segra, of Charlotte, N.C., one of the largest fiber bandwidth companies in the eastern United States, announces acquisition of North State Telecommunications Corporation, of Hight Point, N.C., a fiber-optic network, cloud and IT services and cybersecurity provider, for $240 million, including debt. Under the cash deal, Segra will pay North State holders of Class A and Class B common stock $80 a share.
Dec. 18. NTT Data Services, of Plano, Texas, a global technology services company, enters into definitive agreement to acquire NETE, of McLean, Va., a provider of digital design and transformation services for agencies in the U.S. Department of Health and Human Services. According to NTT, NETE drives global advancements in health and biomedical research through digital services, agile application development, clinical/bioinformatics, advanced data analytics, cloud, and cybersecurity. Financial terms of the deal were undisclosed.
Dec. 17. Francisco Partners, of San Francisco, a private equity firm, enters into a definitive agreement to acquire LogMeIn, of Boston, a cloud-based connectivity provider, in cash deal valued at $4.3 billion. Under the terms of the agreement, LogMeIn shareholders will receive $86.05 for each share of common stock they own.
Dec. 17. Leidos Holdings, of Reston, Va., a science and technology company, enters definitive agreement to acquire Dynetics, of Huntsville, Ala., a provider of high-technology, mission-critical services and solutions to the U.S. government, for $1.65 billion in cash. After acquisition, Dynetics will operate as a wholly-owned subsidiary of Leidos. Among the benefits Dynetics will bring to Leidos are its rapid prototyping and secure agile manufacturing and systems integration capabilities, which Leidos says will enhance innovation at the company and help its customers achieve their goals.
Dec. 16. Tech Data Corp., of Clearwater, Fla., a technology distribution company, announces agreement to acquire Inflow Technologies, of Bangalore, India, a value-added distributor with experience in cybersecurity and networking. Tech Data CEO Rich Hume says acquisition will help his company strengthen its portfolio of networking and security solutions it’s able to offer its channel partners while optimizing its footprint in Asia Pacific, which is an important region for the business. Financial terms of the deal were undisclosed.
Dec. 14. CNBC reports that Thoma Bravo, of Chicago, a private equity firm, is in early-stage talks to acquire security software company McAfee, of Santa Clara, Calif., for a significant premium over the company’s 2016 valuation of $4.2 billion.
Dec. 12. Fortinet, of Sunnyvale, Calif., a maker of network security appliances, announces it has acquired CyberSponse, of Arlington, Va., maker of a virtual appliance-based security orchestration and automation platform. Fortinet plans to integrate CyberSponse’s technology into its Security Fabric suite of products, which includes firewall, vulnerability detection and connected device protection features, among other capabilities. Financial terms of the deal were undisclosed.
Dec. 12. OPSWAT, of San Francisco, a provider of critical infrastructure protection services, announces completion of acquisition of Impulse, of Tampa, Fla., a maker of network access control solutions and provider of software-defined perimeter capabilities. OPSWAT founder and CEO Benny Czarny says acquiring Impulse will enable his company to deliver best-in-class network protection to its customers. Financial terms of the deal were undisclosed.
Dec. 11. Tesserent, of High Wycombe in the United Kingdom, a service management software company, signs agreement to acquire north BDT, of Canberra, Australia, a consulting practice specializing in cybersecurity, digital strategy and governance, end-to-end application development, and project services, for 5.3 million Australia dollars (US$3.6 million). Deal is funded with AU$1.25 million in cash, AU$2 million in Tesserent stock, and AU$2.05 in deferred cash payments.
Dec. 2. HelpSystems, of Eden Prairie, Minn., a global provider of systems management, security, document management, and business intelligence solutions, announces intent to acquire Clearswift, of Reading in the United Kingdom, a provider of Internet filtering solutions. HelpSystems CEO Kate Bolseth says acquisition will enable her company to offer its customers an expanded set of cybersecurity options to protect critical data and enable compliance with industry mandates such as PCI, GDPR, and HIPAA. Financial terms of the deal were undisclosed.
November
Nov. 27. Patriot Technologies, of Frederick, Md., a maker of custom cybersecurity platforms and devices, announces completion of acquisition of Communications Technologies & Consulting, of Germantown, Md., a communications infrastructure, design, and consulting company. Patriot says acquisition will support its goal to provide end-to-end critical communication solutions for mobile network providers, first responders, and federal and state agencies. Financial terms of the deal were undisclosed.
Nov. 25. BioNovelus, of Potomac, Md., a cybersecurity and IT services company, announces completion of acquisition of Corvus, based in Centerville, Va., a provider of scientific, engineering, technical, operational support, and training services to the federal government and commercial clients focusing on cyberspace operations, electronic warfare, information operations, intelligence, and joint electromagnetic spectrum operations, for $9 million in cash and notes.
Nov. 19. Kape Technologies, of London, a provider of privacy-focused security software, announces acquisition of Private Internet Access, of Greenwood Village, Colo., a VPN service, for $95.5 million. Kape says the deal will double the company’s existing customer base, bringing it to more than two million paying subscribers worldwide.
Nov. 18. Vista Equity Partners, of Austin, Texas, a private equity firm, announces acquisition of Sonatype, of Fulton, Md., which provides intelligence about open-source software components. Financial terms of the deal were undisclosed. Sonatype says deal will enable it to fast-track its Nexus platform, an enterprise repository library and management tool for analysis of open-source components.
Nov. 14. Cybersecurity companies TrustyGate and 6clicks, both of Melbourne, Australia, announce merger. Under the deal, 6clicks will acquire TrustyGate’s assets, people, and customer contracts, and TrustyGate’s brand will come under the 6click umbrella.
Nov. 11. Open Text Corp., of Waterloo, Ontario, Canada, an enterprise information management company, announces acquisition of Carbonite, of Boston, a provider of cloud-based backup solutions for consumers and businesses, for $800 million. According to a research note by Richard Tse of National Bank Financial, the deal opens up the potential for OpenText to build a meaningful SMB revenue stream.
Nov. 11. EY Australia announces acquisition of Aleron, of Sydney, Australia, a cybersecurity consultancy. EY claims the deal makes it the largest cybersecurity provider among Big Four accounting firms, as well as in the professional services sector as a whole. Financial terms of the deal were undisclosed.
Nov. 5. Broadcom, of San Jose, Calif., a designer, developer, and supplier of semiconductors, announces completion of acquisition of the enterprise security business of Symantec, of Mountain View, Calif., for $10.7 billion. Broadcom says that it intends to scale up its investments around the Symantec security endpoint, web, and data loss protection platforms and products, while cutting back investment in other areas that may not be as lucrative.
Nov. 4. NetEnrich, of San Jose, Calif., an IT infrastructure management and operations company, announces merger with ThreatLandscape, of Bangalore, India, maker of an AI-driven, SaaS cybersecurity product. Financial terms of the deal were undisclosed. Under the NetEnrich brand, the companies will offer outsourced IT services and cybersecurity capabilities to midmarket channel partners, IT service providers, and businesses.
Nov. 4. Sumo Logic, of Redwood City, Calif., maker of a continuous intelligence platform, announces acquisition of Jask Labs, of Austin, Texas, maker of a cybersecurity operations platform for finding and mitigating threats. Financial terms of the deal were undisclosed. Sumo says that the combination of its cloud-based SIEM with Jask’s technology delivers to the market cloud-native security intelligence solution built for today’s digital businesses that leverages modern applications, architectures, and multi-cloud infrastructures.
Nov. 3. Proofpoint, of Sunnyvale, Calif., a provider of email security, e-discovery, and compliance solutions, enters into definitive agreement to acquire ObserveIT, of Boston, maker of an insider threat management platform, for $225 million in cash. Proofpoint says that the combination of ObserveIT’s lightweight endpoint agent technology and data risk analytics with Proofpoint’s information classification, threat detection, and intelligence, will give enterprises unprecedented insights into user activity with their sensitive data, wherever it resides.
Nov. 1. CynergisTek, of Austin, Texas, a cybersecurity privacy and consulting firm, announces acquisition of Backbone Consultants, of Minneapolis, an IT risks service provider, for $7 million. CynergisTek says its healthcare with recurring third-party audits required by the U.S. Drug Enforcement Agency can benefit from Backbone’s services.
October
Oct. 30. ConnectWise, of Tampa, Fla., a managed services provider, announces acquisition of Continuum, of Boston, a global innovation design consultancy. Financial terms of the deal were undisclosed. Continuum CFO Geoffrey Wilson says deal will push ConnectWise further into the cybersecurity realm.
Oct. 28. Fortinet, of Sunnyvale, Calif., a maker of network security appliances, announces acquisition of enSilo, of San Francisco, an endpoint security company. Financial terms of the deal were undisclosed. The acquisition is believed to be a solid move for Fortinet because nearly every cybersecurity vendor has some kind of endpoint solution in their repertoire.
Oct. 21. Trend Micro, of Tokyo, Japan, a platform security company, announces acquisition of Cloud Conformity, of Pyrmont, Australia, maker of a security tool for AWS, for $70 million. COO Kevin Simzer says acquisition will help Trend Micro address misconfigurations and unprotected user accounts in the public cloud space.
Oct. 18. Cerner Corporation, of Kansas City, Mo., a global health platform maker, announces definitive agreement to acquire AbleVets, of Chantilly, Va., a consulting and engineering company. Financial terms of the deal were undisclosed. AbleVets will add to Cerner’s manpower pool 350 professionals — many of them veterans — specialized in cybersecurity, agile engineering, analytics, and technology enablement. AbleVets will operate as a wholly-owned subsidiary of Cerner.
Oct. 17. Atos, of Bezons, France, a multinational information technology service and consulting company, announces acquisition of IDnomic, of Issy-les-Moulineaux, France, a provider of trust services for protecting digital identities. Financial terms of the deal were undisclosed. Acquisition is expected to extend Atos’s reach in the global identity and access management (IAM) and public key infrastructure (PKI) solutions markets.
Oct. 16. SailPoint, of Austin, Texas, an identity and access management provider, acquires two cloud security startups. It purchases OverWatchID, of Denver, for $21 million, and Orkus, of San Jose, Calif., for $16.5 million. SailPoint says the acquisition of OverWatchID will enable it to improve the application of access controls, particularly in cloud-based environments, while the addition of Orkus will allow SailPoint customers to use artificial intelligence and machine learning to continuously monitor access relationships and patterns on public cloud platforms.
Oct. 15. Rapid7, of Boston, a provider of security and analytics solutions, announces acquisition of tCell, of San Francisco, a provider of web application threat defense and monitoring. Financial terms of the deal were undisclosed. Rapid7 says that the runtime application self-protection (RASP) and web application monitoring offered by tCell is expected to extend the capabilities of Rapid7’s offerings by enhancing web application security at every level — from browser to server — helping organizations identify and block attacks.
Oct. 14. Thoma Bravo, of Chicago, a private equity firm, announces plans to buy Sophos, of Abington in the United Kingdom, a maker of network security and threat management products, for $3.9 billion. Thoma Bravo managing partner Seth Boro says the equity firm can help accelerate the evolution and growth of Sophos.
Oct. 12. Shareholders of Raytheon Company, of Waltham, Mass., and United Technologies, of Hartford, Conn., approve merger of the two companies. The merged company, which will be headquartered in the Boston area, will have initial annual combined revenue of about $74 billion, making it the second-largest aerospace and defense company in the U.S. after Boeing.
Oct. 11. Alibaba Cloud, a subsidiary of Chinese e-commerce behemoth Alibaba, announces plans to acquire Chaitin Tech, of Beijing, a cybersecurity services provider. Financial terms of the deal were undisclosed. Chaitin says that it can help Alibaba Cloud to significantly boost the capability of its security services to its large government and enterprise clients.
Oct. 9. Akamai Technologies, of Cambridge, Mass., a cloud services provider, announces acquisition of ChameleonX, of Tel Aviv, Israel, a maker of run-time web application self-protection solutions. Financial terms of the deal were undisclosed, but one report pegged its worth at $20 million.
Oct. 8. VMware, of Palo Alto, Calif., a provider of cloud and virtualization services, completes acquisition of Carbon Black, of Waltham, Mass., an endpoint security provider, for $2.1 billion in cash. VMware says its offerings combined with Carbon Black’s technology will deliver a highly-differentiated intrinsic security platform across network, endpoint, workload, identity, cloud, and analytics that will bring a new paradigm to the security industry.
Oct. 8. Wray Castle Group, of London, a holding company dedicated to serving the global telecommunications and cybersecurity industries, announces acquisition of Wray Castle Training, of Bridge Mills in the United Kingdom. Financial terms of the deal were undisclosed.
Oct. 4. ReliaQuest, of Tampa, Fla., an enterprise cybersecurity provider, announces acquisition of Threatcare, of Austin, Texas, maker of a breach and attack simulator. Financial terms of the deal were undisclosed. ReliaQuest says acquisition will increase protection for ReliaQuest’s enterprise customers by providing integrated threat simulations that validate controls, content, and accompanying workflows instantly, enabling proactive improvement of security programs.
Oct. 3. Tesserent, of Camberwell, Australia, a network security provider, announces plans to acquire the security division of PS&C, of Melbourne, Australia, a professional services company, for 16 million Australian dollars (US$11 million). The acquisition will make Tesserent Australia’s largest listed dedicated cybersecurity business, with more than AU$30 million in revenue forecast for FY20.
Oct. 1. Blumshapiro, a national accounting firm based in West Hartford, Conn., announces merger with SunBlock Systems, of Reston, Va., a provider of cybersecurity, digital forensics and business intelligence services. Financial terms of the deal were undisclosed. Blumshapiro CEO Joseph A. Kask says the move will expand the accounting firm’s capabilities by providing clients with expertise in the growing area of global security and intelligence.
Oct. 1. K2 Intelligence, of New York City, a provider of specialized risk services to corporations, governments, and individuals, signs definitive agreement to acquire the Financial Integrity Network, of Washington, D.C., a strategic advisory firm. Financial terms of the deal were undisclosed. K2 CEO Jeremy Kroll says the combined firms makes them leaders in the governance, risk, and compliance market.
John P. Mello, Jr. is a freelance writer specializing in business and technology subjects, including consumer electronics, business computing and cyber security.