Cybersecurity mergers and acquisitions. PHOTO: Cybercrime Magazine.

Cybersecurity M&A Report, Vol. 4, No. 4: Cisco’s $730M Deal Tops Recent M&A Activity

Deal flow includes Atos, Palo Alto Networks, Cisco, ManTech, IBM, and Deloitte

 – Hillarie McClure, Multimedia Director

Portland, Maine  – Jan. 20, 2021

Cybersecurity Ventures tracks M&A deal flow covering startups, emerging players, and the largest tech vendors. Read on for activity in the most recent quarter.


Dec. 29. Cerberus Cyber Sentinel Corp. has acquired Alpine Security. Financial terms of the deal were not disclosed. Alpine provides cybersecurity services and training, with a focus on cybersecurity testing for the medical device industry. The acquisition, Cerberus said, will strengthen the company’s cybersecurity compliance and penetration testing divisions. In a press release, officials said Alpine “will continue to specialize in medical devices, addressing the expanding demand from health care clients.”

Dec. 23. White Ops has been acquired by Goldman Sachs Group Inc.’s Merchant Banking Division in partnership with venture capital firms ClearSky Security Fund and NightDragon. Financial terms of the deal were undisclosed. White Ops customers have grown 40 percent over 2020 and the company says it’s now processing more than 10 trillion interactions per week.

Dec. 21. IBM to purchase Nordcloud to add multi-cloud consulting expertise. The companies did not disclose the purchase price. In October, IBM announced their plans to spin out its legacy infrastructure management business, placing an all-in bet on the hybrid cloud. Nordcloud fits neatly into this strategy with 500 consultants certified in AWS, Azure and Google Cloud Platform, giving the company a trained staff of experts to help as they move away from an IBM-centric solution to choosing to work with the customer however they wish to implement their cloud strategy.

Dec. 18. PDI acquired Cybera Inc. and ControlScan Managed Security Services. Both are leading providers of managed security service solutions to protect customers against cybersecurity threats. “Security is becoming increasingly important in our industry as many businesses embrace their own digital transformation and deploy more in-store applications and edge devices,” said Jimmy Frangis, CEO at PDI.

Dec. 17. CloudMD has signed a binding term sheet to acquire IDYA4, a leading data integration and cybersecurity company with a focus on the health and wellness sector. IDYA4 has built a proprietary technology platform that provides improvements in data access, management, security and integration, as well as proactively providing protection against cyberattacks.

Dec. 16. ManTech International has acquired cybersecurity solutions provider Tapestry Technologies. ManTech specializes in cyber operations, data collection, and analytics that support national and homeland security. They will add Tapestry’s 150 cybersecurity professionals to their team.

Dec. 16. Atos acquired Motive ICT Security, the largest independent managed security services (MSS) provider in the Netherlands. This acquisition will reinforce Atos’ position as the third worldwide MSS provider and expand its capabilities in key areas such as threat detection and response.

Dec. 15. Palo Alto Networks acquired Expanse Inc. for $670 million in cash and stock, and approximately $130 million in replacement equity awards. With the recent case of the SolarWinds vulnerability, Expanse’s unique level of security visibility through continuous scanning of exposed assets is critical and timely. Nikesh Arora, chairman and CEO of Palo Alto Networks, stated, “This week is another reminder that organizations face an ever-expanding attack surface and increasingly sophisticated threats. Integrating Expanse’s capabilities into Cortex will enable us to offer the first holistic solution for attack surface management, threat detection, and response. Together we can help CISOs and operations teams proactively address all security threats.”

Dec. 14. Cisco to acquire IMImobile for $730 million. The cash offer is based on a price of 595 pence for each share of IMImobile, including debt. IMImobile offers software and services which allow enterprises and organizations to stay constantly connected to their customers through enhanced interactive channels including social, messaging and voice. Once the deal has completed in Q1 of 2021, Cisco will be able to offer customer-facing businesses with an end-to-end customer interaction management solution and rich customer experiences.

Dec. 14. Intelligent Waves LLC announced their acquisition of cybersecurity firm Ski Systems Inc. Financial terms of the transaction were not disclosed. This acquisition will provide Intelligent Waves, a service-disabled and veteran-owned small business, cybersecurity compliance expertise. Founder Jared Shepard, a U.S. Army veteran, stated, “We are excited to add Ski Systems as part of our strategic growth in delivering trusted innovation to government. This acquisition plays a major role in fulfilling our vision of helping secure our nation’s most critical communications infrastructures.”

Dec. 9. CyberCX made another acquisition with Foresight. Specialist cybersecurity consultancy Foresight will strengthen CyberCX’s Canberra footprint and solidify their capability and credentials as “Australia’s leading cybersecurity organization.”

Dec. 9. Alstom finalized a deal to invest $7 million in Israel-based Cylus, thus acquiring a minority stake in the company. Alstom and Cylus will integrate cybersecurity technology into railway processes, components, and solutions. The technology will be implemented first in the Tel Aviv metropolitan light rail system.

Dec. 9. SilverSky was purchased by Richard Dobrow and Cary Conrad, along with support from members of the current management team. Financing for the transaction was led by SQN Venture Partners LLC. Dobrow, most recently co-founder of outSOC, will assume the role of chairman & CEO. Cary, former president of IntegralisAG, will lead business development initiatives. SilverSky is an experienced MSSP with operations experience of more than 22 years and revenues in excess of $50 million.

Dec. 8. Fortinet purchased Panopta to gain visibility into and automate management of enterprise network components. Financial terms of the deal were undisclosed. Fortinet chairman and CEO, Ken Xie, explained in a statement, “Fortinet’s acquisition of Panopta complements our best-in-class security offerings with a SaaS platform that provides further network visibility and agile remediation for hybrid environments, including edge and cloud networks, to achieve even greater security and business efficiency.”

Dec. 8. NortonLifeLock to acquire Avira in an all-cash transaction for approx. $360 million. Avira provides a consumer-focused portfolio of cybersecurity and privacy solutions to a strong European market and key emerging markets. This acquisition is expected to accelerate NortonLifeLock’s international growth and add approximately three points of growth to NortonLifeLock’s revenue with more than 1.5 million paying customers.

Dec. 5. Deloitte Consulting is acquiring HashedIn Technologies, an Indian-based SaaS software development firm that works closely with Amazon Web Services, Microsoft, Confluent, Salesforce, and RedisLabs. Financial terms of the deal were not disclosed. Dan Helfrich, chairman and CEO, Deloitte Consulting, said, “Our two organizations embrace a passion for innovation, digital transformation and commitment to creating the best talent experience for our people. Together, we will help our clients to imagine, deliver and run their futures with cloud.” Deloitte employs more than 50,000 worldwide. HashedIn has 700 employees.

Dec. 3. Imprivata acquires FairWarning, boosting its threat detection intelligence across various healthcare enterprises. Terms of the deal were not disclosed. With the addition of FairWarning, Imprivata says it will be able to offer its customers a single digital identity platform combining role-based access controls, identity governance and data privacy compliance.

Dec. 2. Ivanti acquired both MobileIron and Pulse Secure to improve their zero trust, cloud, and managed IT security portfolio. Ivanti purchased outstanding MobileIron stock for approximately $872 million. Financial terms of the Pulse Secure purchase were not disclosed. Ivanti is exploring how zero trust security practices and contextual automation can improve remote infrastructure — adopted by more companies than ever due to the disruption caused by COVID-19.

Dec. 2. WELL Health Technologies acquired Source 44. The purchase price was $10.5 million in cash and shares. Source 44 is WELL’s second cybersecurity acquisition. WELL Health owns primary care clinics across Canada and provides electronic medical records services. “WELL is becoming a highly diversified business and we view cybersecurity as a key growth vertical for the company going forward and Source 44 accelerates WELL’s overall cybersecurity and risk management program,” said Hamed Shahbazi, the chairman and CEO of WELL.

Dec. 1. TCDI acquired Cicayda LLC. TCDI will integrate Cicayda’s software, iDiscovery®, into their proprietary technology and services, and TCDI will expand their existing cybersecurity toolkit with Cicayda’s social media collections tool, Novara.


Nov. 19. FireEye acquired Respond Software for $186 million. FireEye had its eye on Respond’s Analyst product, which it plans to fold into its Mandiant Solutions platform. Like many companies today, FireEye is focused on using machine learning to help bolster its solutions and bring a level of automation to sorting through the data, finding real issues and weeding out false positives. The acquisition gives them a quick influx of machine learning-fueled software.

Nov. 19. Acronis acquires CyberLynx, a leader in security audits, pen-tests, cyber forensics, and training services. Drawing on CyberLynx’s expertise in threat simulation and analysis, Acronis can better assist MSPs and MSSPs. With this acquisition, Acronis adds new layers of dynamic security and training services to its community of 50,000 IT channel partners.

Nov. 17. Flashpoint acquired CRFT Inc., to bring no-code automation to threat intelligence. This acquisition augments the value of Flashpoint’s intelligence by empowering security and threat teams to streamline workflows and trigger actions that mitigate threats automatically.

Nov. 12. ManTech International made their first acquisition move of the year, purchasing Minerva Engineering. Kevin Phillips, ManTech chairman and CEO, stated, “The addition of Minerva Engineering is highly complementary and further builds upon our differentiated cyber offering, delivering more to our customers while positioning us for continued growth.” The move comes a week after ManTech reported $636 million in third-quarter revenue, backed in part by cyber contract wins with the DoD and Navy.

Nov. 11. ConnectWise acquired Perch Security and StratoZen, two cybersecurity firms dedicated to the needs of SMBs. The acquisitions aim to change the way technology service providers (TSPs) and managed service providers (MSPs) think about security. The objective is to eliminate the many silos around point solutions that plague the MSP industry. “We recognized the economics of things,” said Jeff Bishop, chief product officer, ConnectWise. “We knew that we couldn’t keep layering cost on top of cost. At an endpoint and end-user level, enterprise costs won’t scale in the SMB market. This strategy is financially feasible for an MSP to take to these small and midsize businesses.”

Nov. 11. Barracuda acquires Fyde, a Zero Trust Networks Access (ZTNA) provider based in Palo Alto, Calif., and Porto, Portugal. “Remote work is here to stay, cloud migrations are accelerating, and traditional corporate perimeters have disappeared,” said BJ Jenkins, president and CEO at Barracuda. Jenkins continues, “Fyde offers a powerful ZTNA solution that works on any infrastructure, any device, and with any application on a corporate network. With this acquisition, Barracuda is providing distributed businesses a new way to modernize remote access, enforce global security and access policies, and achieve seamless connectivity without compromising productivity.” Financial terms of the deal were not disclosed.

Nov. 9. EY Canada, part of Ernst & Young, has acquired IDMSense. IDMSense is a boutique digital identity firm and MSP that offers privileged access management, secrets management, and cloud-based identity management services. Financial terms of the deal were not disclosed.

Nov. 9. Zix purchased CloudAlly for $30 million in cash according to a filing with the U.S. SEC. This purchase will help Zix customers safeguard Microsoft Office 365, Google Workspace, SharePoint, OneDrive, Salesforce, Dropbox and Box with backup and recovery from any point-in-time, with unlimited data retention.

Nov. 4. J2 Global Inc. has acquired Inspired eLearning. Financial information was not made public. Inspired eLearning will add security awareness training to J2’s suite of endpoint, email, virtual private network and backup solutions.

Nov. 4. Hexagon AB acquired PAS Global LLC for an undisclosed amount. PAS will be integrated into Hexagon’s PPM (formerly Integraph Process, Power & Marine) division and will bring a new cybersecurity-focused business segment into Hexagon’s existing business along with delivering more than 500 customers across 1,450 sites in 70 countries. PAS customers include 13 of the top 15 refining companies in the world, 13 of the top 15 chemicals, four of the top five in pulp and paper, three of the top five in mining and seven of the top 20 power generation companies.


Oct. 29. Newlight Partners has acquired a majority stake in Pondurance. Pondurance is a leader in Managed Detection and Response (MDR) services and proceeds from the investment will support its growth in the rapidly expanding MDR market, drive its R&D and innovation capabilities, and bolster its leadership team.

Oct. 29. Parsons will acquire Braxton Science & Technology Group for $258 million. Braxton will be merged into Parson’s space and geospatial business. This acquisition “complements our space portfolio, increases our product offerings in high-growth markets, and adds critical intellectual property that complements and expands our capabilities for the U.S. Air Force, Space Force, and research laboratories,” said Chuck Harrington, Parsons’ chairman and chief executive officer.

Oct. 26. Francisco Partners is acquiring Forcepoint from defense contractor Raytheon Technologies. Forcepoint’s technology helps organizations to monitor and protect networks, endpoints, data, and users. The company develops behavior-based solutions that adapt to risk in real-time and are delivered through a cloud-native security.

Oct. 22. Atos reached an agreement to acquire SEC Consult Group. The acquisition will confirm Atos’ leading position in cybersecurity devices in the DACH (Germany, Austria, Switzerland) region with more than 600 experts and will strengthen its number 1 position in Europe. Closing of the transaction is expected to take place by year-end and subject to antitrust filings.

Oct. 20. Juniper Networks buys startup 128 Technology for $450 million. The acquisition will enable Juniper Networks to accelerate AI-driven enterprise, a key area where they are seeing enormous success. Juniper will combine the Session Smart technology with its own technology portfolio to create a modern AI-driven network that optimizes user experiences from the client to the cloud, Juniper said.

Oct. 13. Atos announced that it has completed the acquisition of Atos will benefit from a key asset in the fight against IoT threats and vulnerabilities thanks to CERT-DS, the first European CERT™ (Computer Emergency Response Team) developed by with a dedicated lab to test the security of IoT devices, with hardware to software reverse engineering, de-assembling and radiofrequency signal decoding.

Oct. 12. Atos completed the acquisition of Paladion, a U.S.-based global MSSP, welcoming 800 Paladion employees and cybersecurity experts. This acquisition will bring key Managed Detection & Response (MDR) capabilities to the Atos portfolio, as well as expand global coverage for cybersecurity monitoring and response with four additional SOC in the U.S., Middle East, and India.

Oct. 6. ZeroFox acquired Cyveillance for an undisclosed amount. This deal creates the industry’s largest threat intelligence team. ZeroFox will employ more than 400 workers and plans to add nearly 100 more by next year, said James C. Foster, the company’s chairman and CEO. “The major asset we acquired was Cyveillance’s historical data threat intelligence set. We now think we have the most complete set of cyber threat data in the world,” Foster said.

Oct. 6. Veeam acquired Kasten, a provider of Kubernetes data management, in a cash and stock transaction worth $150 million. The Kasten K10 platform will continue to be available independently. It will also be integrated into Veeam Backup and Replication. That will offer a comprehensive data management solution.

Oct. 5. Converge Technology Solutions has acquired Unique Digital Technology for a valuation of 3.1 to 4.4 times EBITDA for the trailing 12-month period ending August 31, 2020. The valuation range is based on multiple earn-out variables. The Houston-headquartered Unique Digital is primarily focused on architecting and implementing solutions in big data, cloud, data protection, networking, security, and virtualization.

Oct. 2. Rockwell Automation acquired Oylo, a privately-held industrial cybersecurity services provider based in Barcelona, Spain. Oylo provides a broad range of industrial control system (ICS) cybersecurity services and solutions. “As connected smart devices are introduced into the plant floor, having a comprehensive cybersecurity strategy that spans across industrial operational technology (OT) and information technology (IT) is more critical now than ever before. We are dedicated to the success of our customers in their Connected Enterprise journey, and the deep domain expertise that Oylo brings to Rockwell Automation will further accelerate our ability to provide this expertise globally,” said Frank Kulaszewicz, senior vice president, Lifecycle Services at Rockwell Automation. Terms of the deal were not disclosed.

Oct. 2. Tetra Tech has acquired BlueWater Federal Solutions. The addition of BlueWater’s expertise will expand Tetra Tech’s advanced analytics business. The group’s expertise in cybersecurity, mission-critical systems design, and development and operation of federal enterprise systems will be a boon for Tetra Tech, the company said.

Oct. 2. TA Associates has acquired Netwrix. TA Associates is a global growth private equity firm focused on technology, healthcare, financial services, consumer, and business services sectors. Michael Libert, an SVP at Ta Associates, stated, “With its powerful, easy-to-use products and streamlined business model, Netwrix has become a leading provider of data security products for the mid-enterprise market. Netwrix has an abundance of security, audit and compliance experience and more than 7,000 paying organizations that are deriving value from their experience with Netwrix.”

Oct. 1. Cisco to acquire Portshift for a reported $100 million. Portshift, a Tel Aviv-based startup, focuses on application security for cloud-native development environments. Their Kubernetes-native security platform will help Cisco secure a bigger portion of the lifecycle of cloud applications and workloads.

Oct. 1. Fastweb acquired 70 percent of 7Layers, a leader in IT cybersecurity services. The 7Layers agreement is also part of the broader strategy of the positioning of Fastweb in the market as an OTT Infrastructured operator, also within the cybersecurity field, a component that is increasingly more relevant for the enterprise sector. A strategy that, in addition to the growth of external lines, is also supported by concurrent and significant investments in technology and infrastructures, which in the first six months of 2020 have already reached €276 million.

Oct. 1. Imperva acquired jSonar for an undisclosed amount. Imperva said the acquisition “will pioneer a bold new approach to securing data through all paths, including on-premises, cloud, multi-cloud and Database-as-a-Service (DBaaS).”

M&A Report Archives

Hillarie McClure is Multimedia Director at Cybercrime Magazine.