Work-at-home due to COVID-19 is a boon to cybersecurity firms but the surging demand is putting dealmaking on the backburner.
By Chris Metinko and Kyle LaHucik, with analytics by Philip Segal
Coronavirus and its aftermath may provide new markets for cybersecurity companies, but will also slow the flood of money into financings and deal-making in the sector.
The COVID-19 crisis has turned the US workforce into a work-from-home army, giving new access points to malware, cyber viruses and phishing attacks. While that may provide new opportunities for many of the 4,000-plus cybersecurity companies, the overall economic impact is likely to slow transactions. “You will see a sharp decline in both” financings and dealmaking, predicted Eric McAlpine, managing partner at the San Francisco-based advisory firm Momentum Cyber.
Dealmaking in cybersecurity exploded last year, more than tripling to $33.7 billion in total value globally from $9.5 billion in 2018, according to Mergermarket date. The largest deal was Broadcom’s
“Mergers and acquisitions that were on schedule to close in the next few weeks might very well be canceled, and certainly renegotiated,” said a private investor in cybersecurity. “Private deals will be renegotiated. It’s the perfect storm on that score.”
With more people working from home, the attack surface for attackers has never been wider in the US As a result, many subsectors of cybersecurity will see increased opportunities because of the current situation, according to executives. Sectors such as Secure Access Service Edge, which helps support secure network connectivity and cloud access, should see significant growth as companies look to secure their infrastructure.
Large companies in SASE include VMware
Companies with strong financials could be beneficiaries of a new cybersecurity market, said McAlpine. Companies such as Palo Alto Networks, Proofpoint, VMware and Crowdstrike all could look at making deals, he added. “For companies with strong balance sheets, there will be very good values out there,” he added. The fear of the virus also offers the chance for new phishing scams, as well as fake websites and social media profiles, which is why training employees on the cybersecurity threats becomes important.
“The pandemic has made bad guys hyperventilate,” said Stu Sjouwerman, CEO of Tampa Bay, Florida-based cybersecurity awareness training company KnowBe4. With so many people working from home and in unfamiliar environments, Sjouwerman said his company’s training may be more valuable than ever. “People need education.”
COVID-19 will unlock new security vulnerabilities that will make services such as managed detection and response, managed endpoint and response and vulnerability management services a must for companies with large work-from-home bases, said Charlie Thomas, CEO of Denver-based deepwatch . The company is looking to raise a $50 million Series B at some point later this year and dialogue with investors has continued despite the pandemic. “We think that at the end of the day, these PE groups have a long-term perspective and long-term horizon,” said Thomas, adding private equity now may be more selective and opportunistic, wanting a discount on price due to the virus’s impact.
Despite the overall market optimism, Thomas said the company is “being careful on growth the last couple of weeks,” and doing lots of scenario modeling on different economic impacts overall. Thomas said his company has continued to receive strategic inbound M&A inquiries during the past few weeks.
“That will likely continue,” he added.
Chris Metinko is a San Francisco reporter covering technology, media and telecommunications for Mergermarket and Dealreporter. Kyle LaHucik is a Chicago reporter covering technology, media and telecommunications for Mergermarket. Philip Segal is the Head Analyst for Mergermarket – Americas based in New York.