Despite a pandemic that raged around the globe for the better part of the year, the cybersecurity market retained investor interest in 2020 and many in the sector expect next year to be no different.
“Security is a red hot sector with more and more money pouring into it,” said Andrew Atherton, managing director at Union Square Advisors.
Funding numbers remained strong this year, according to Crunchbase data. The cybersecurity sector saw more than $8.1 billion invested to date globally this year and nearly $6.3 billion in the U.S. That compares to $7.4 billion globally and $4.7 billion in the U.S. last year.
Large deals in 2020 include Santa Clara, California-based Netskope hauling in $340 million in February; Mountain View, California-based SentinelOne raising $267 million in November; Dallas-based StackPath closing a $216 million Series B in March; and Minnesota-based Arctic Wolf announcing a $200 million raise in October.
Merger and acquisition dealmaking in the cybersecurity sector did take a hit, with values dropping from $28.1 billion in 2019 to $13.8 billion at the end of the third quarter this year, according to San Francisco-based financial advisory firm Momentum Cyber.
Despite the drop in dealmaking, Atherton said he hears from corporate development teams of large companies that they get approached on a daily basis by startups and growing cybersecurity firms interested in strategic dealmaking and partnerships.
Atherton said he expects dealmaking to remain strong in 2021, after it picked up significantly in the second half of the year. More nontraditional buyers could help push the market, he said, pointing to Fastly acquiring Signal Sciences in August for $775 million as an example.
Large tech companies like IBM also have grown their health care security divisions, said Kinsella, whose firm invested in New York-based medical device security provider Cylera in 2018.
Nevertheless, investment in the area lags behind other cybersecurity verticals, but a strong 2021 is a possibility.
“Right now it’s a decade behind,” Kinsella said, “but I can see interest picking up.”
Kubernetes and containers
The use of containers in building modern applications has grown through recent years, with open-source software platform Kubernetes becoming a popular way to deploy and manage those containers.
“Cloud infrastructure security is hot and Kubernetes and container security is just a natural extension,” Boukouris said.
That space already has seen significant dealmaking. Palo Alto Networks bought RedLock for $173 million in 2018 and followed that with its acquisition of Twistlock for $410 million and PureSec for an undisclosed amount last year. The cybersecurity giant used that trio to create its cloud security offering Prisma Cloud. Then in April, Rapid7 bought cloud security posture management company DivvyCloud for approximately $145 million.
Venture capital also has rolled in. In September, Mountain View, California-based StackRox raised a $26.5 million round, while in May, Israel-based startup Aqua Security raised $30 million, and Mountain View, California-based Lacework raised a $42 million Series C in the second half of last year.
While the space still is developing, Boukouris said he thinks more money will flow into the area because cloud infrastructure is so hot.
Regardless of what the next big thing is in cybersecurity, it’s guaranteed more tools and complexity will come into the space. That means security services—the unsexy subsector of managing security tools—also will remain interesting to investors.
“There is some great technology out there, but because there’s so much you need someone to manage it,” Boukouris said. “That’s why the space is red hot. There is interest from VC and private equity alike.”
Companies like Arctic Wolf, as well as others such as deepwatch and eSentire, which help manage tools and offer security operation center services, continue to attract investor interest as offerings proliferate throughout the sector, Boukouris said.
“The more tools get complicated, the better services companies need to manage them,” he added.
Atherton said he expects cybersecurity as a whole will see high single-digit to low double-digit growth in spend next year, with strategics and investors eyeing bigger slices of the pie.
“I don’t think you’ll see much of a slowdown in M&A or investment in the sector,” he said “It remains very hot.”
Picture from freepik.com