SOME BIG CYBER SECURITY ACQUISITIONS
BY – VATSAL LAKDAWALA
Companies placed big bets on securing applications and unmanaged IoT devices as well as risk and compliance in the first half of 2020, with eight of the period’s 10 biggest acquisitions focused around these technology areas. Private equity , technology giants and pure-play security mainstays collectively spent more than US$8.5 billion on the year’s most significant deals, scooping up nearly 6,700 employees from an assortment of legacy firms and late-stage startups. Two of the acquired entities were founded in the 1980s, five were founded in the 2000s, and three were established in the 2010s.
Five of the acquired companies are based in Silicon Valley, two are based elsewhere in the Western U.S., two are based in the Northeastern U.S., and one is based in Israel.
HERE ARE SOME OF THE BIGGEST ACQUISITIONS .
1. Accenture acquires Symantec Cyber Security Services
Price of purchase: US$200 million (Momentum Cyber)
Accenture in April purchased Symantec’s Cyber Security Services business from Broadcom.
The Dublin, Ireland-based company said the acquisition also included Symantec’s global threat monitoring and analysis capabilities through a network of six operation centers located in the U.S., the U.K., India, Australia, Singapore and Japan. The Cyber Security Services business has more than 300 employees globally. The focus point of the deal is Symantec’s managed security services business, which delivers a steady stream of technical and cyber adversary threat intelligence through a portal which can be customised. The transaction came just six months after Broadcom closed its US$10.7 billion acquisition of Symantec’s Enterprise Security business, which included the Cyber Security Services assets.
2. Digital.ai acquires Arxan Technologies
Price of purchase: US$225 million (Momentum Cyber)
Arxan Technologies in April was acquired and brought together with CollabNet, VersionOne and XebiaLabs to form Digital.ai. The TPG Capital-backed company looks to create the industry’s first intelligent value stream platform by combining agile planning, application security and software delivery.Digital.ai looks to help the world’s largest enterprises create operational efficiencies across development, IT operations and security and deliver high-quality, secure digital experiences their customers can trust. San Francisco-based Arxan’s existing shareholder, TA Associates, sold its stake in the company as part of the combination.
Arxan’s addition to the new Digital.ai platform provides a unique set of capabilities that offer “Security by Design,” with application security at the planning level ensuring organizations are compliant from the start. And the company’s continuous app protection and real-time threat data feedback capabilities can reduce unnecessary churn or delays toward the end of the development life cycle, Digital.ai said.
3. LexisNexis risk solutions acquires ID analytics
Price of purchase: US$375 million (SEC filing)
LexisNexis Risk Solutions in January purchased ID Analytics from NortonLifeLock to enhance its credit and fraud risk assessment capabilities for enterprises.The Atlanta-based risk management business said its proposed acquisition of San Diego-based ID Analytics will help with the delivery of risk insight through a combination of proprietary data, patented analytics, and near-real-time cross-industry consumer identity behavior.
ID Analytics has become part of the LexisNexis Risk Solutions Business Services group, which uses data, technology, linking and analytics to deliver actionable insight that enables businesses to better analyze and assess risk. More than 450 companies in the US rely on ID Analytics to make risk-based decisions to improve customer experience, enhance revenue, reduce fraud and drive cost savings.
4. Palo Alto Networks acquires CloudGenix
Price of purchase: US$402.7 million (SEC filing)
Palo Alto Networks in April purchased CloudGenix to accelerate the on-boarding of remote branches and retail stores into the company’s secure access service edge (SASE) platform.
The platform security giant said its acquisition of CloudGenix will address network and security transformation requirements and accelerate the shift from SD-WAN to SASE. The proposed deal will extend the breadth of the Palo Alto Networks’ Prisma Access SASE platform, which delivers cloud security across the globe for all users.CloudGenix said its cloud-delivered autonomous WANs have revolutionized branch offices. The company gives enterprises cloud-scale economics for the branch office with the freedom to use any WAN, cloud or best-of-breed infrastructure service, according to the company.
5.Hellman & Friedman acquires Checkmarx
Price of purchase: US$1.15 billion (press release)
Checkmarx was purchased in April by private equity firm Hellman & Friedman (H&F) in the largest acquisition of an application security company to date.
The Israel-based vendor said the proposed acquisition will bolster Checkmarx’s already outstanding growth at a time when software security is critical for modern enterprises. More than 40 of the Fortune 1000 have turned to Checkmarx to mitigate risk, secure code and embed security into the software development life cycle, according to the company. Checkmarx had grown its head count at the time of the acquisition to more than 700 people, up 28 percent from 534 employees a year ago and 73 percent from 395 employees two years ago. The company had been owned by Insight Partners since receiving an US$84 million investment from the firm in June 2015. Insight planned to retain a significant minority stake in Checkmarx following the sale to H&F.
6. Advent International to acquire Forescout
Price of purchase: US$1.9 billion (Press Release)
Forescout in February agreed to be purchased by private equity firm Advent International less than two and a half years after going public. The deal is expected to provide the San Jose, Calif.-based IoT security vendor with the flexibility needed to continue investing in the development and deployment of leading-edge cybersecurity products and tools that serve the evolving needs of enterprise customers.
But Advent told Forescout on May 15 that it would not be closing the deal as scheduled, and Forescout said the two sides were having discussions regarding timing to close and the terms of the transaction. Then on May 20, Forescout sued Advent for allegedly violating the terms of their acquisition agreement, arguing that that all closing conditions are satisfied and that Advent is obligated to close the transaction. Advent said its analysis found that Forescout has experienced a material adverse effect to its business, financial condition and operational results, and believes the vendor will lack the ability to meet its financial obligations as they become due based on its expected post-closing financial condition. A trial in the Delaware Court of Chancery has been set for the week of July 20.
7. Symphony Technology Group to acquire RSA Security
Price of purchase: US$2.08 billion (SEC filing)
Dell Technologies in February agreed to sell RSA Security to private equity firm Symphony Technology Group (STG) less than four years after acquiring the encryption pioneer.
The technology giant said the sale of Bedford, Mass.-based RSA will allow Dell to simplify its security strategy to focus on securing and protecting data at the edge, in the core and in cloud environments. The transaction includes RSA’s four product lines as well as the RSA Conference, and is expected to close by the end of October. Dell said it sought a buyer that was enthusiastic about RSA’s mission, committed to its customer and partner base, and interested in maximizing RSA’s talent, experience and growth potential. Dell said it ultimately determined that Palo Alto, Calif.-based STG would be the right custodian to achieve those goals.