January Cyber Intelligence Review

Ending a year that witnessed several high-profile cybersecurity breaches, December saw two of the year’s largest.  National retailer Target Corp. reported  a breach of it users’  credit and debit card data that affected approximately  40 million accounts, with the perpetrators gaining access to card numbers and encrypted PIN data.  Additionally, 4.6 million user names and associated mobile phone numbers were stolen and partially published online, in association with social communication company Snapchat.

December was a strong month for IT security M&A.  Identity-based security solution provider Entrust was acquired by Datacard Group for $500 million, at an EV / EBITDA multiple of ~4.17x. The combination of Datacard’s personalized card and secure identification solutions with Entrust’s digital identity capabilities is expected to create an integrated platform of physical and digital security solutions that will reduce complexity for customers’ identification ecosystem.  Additionally, Akamai Technologies acquired Prolexic Technologies, a provider of cloud-based distributed denial of service (“DDoS”) protection solutions, for $370 million, in order to expand its portfolio of network security solutions.

IT security companies also experienced a robust market for VC funding in December.  Fundings for the month reached $130 million, bringing total YTD funding to $1.2 billion.    Mobile device security developer Mocana raised $15 million in a Series E funding round that will be used to further develop security technologies aimed at protecting the growing number of sensor-embedded, network-enabled devices, commonly referred to as the “Internet of Things.”  AlienVault, a provider of open source tools for vulnerability assessment and security intelligence, raised $30 million in a Series D funding round  in an effort to scale  its  global sales and marketing  initiatives.  The Big Data market also made funding headlines with Palantir’s $107.5 million Series I round that implied a valuation of approximately $9 billion for the CIAbacked data analytics firm.

Click here to review the Cyber / Intelligence monthly post.

Interrelated M&A and Venture Capital Trends Signal Increased 4Q13 / 1Q14 M&A Activity

Venture capital (“VC”) activity has continued to remain strong for both cybersecurity and big data companies.  During the first half of 2013, cybersecurity and big data firms have secured $2.0 billion in funding, representing an 81.0% increase over the first half of 2012.  Similarly, M&A activity for cybersecurity and big data companies has continued at a healthy clip over the past year.  During the first half of 2013, announced deals rose 20.6% over levels seen during the same period in 2012, with 1H13 deals climbing to 82.  Examining quarterly data from 1Q12 – 2Q13 more closely, the relative movements of these respective M&A and venture capital markets have roughly mirrored each other, as VC investors appear to see favorable exit potential from cybersecurity and big data investments.  The relation between M&A and venture capital markets can be seen in the two Figures below.

As illustrated in Figure 1, increases in VC funding levels over the past six quarters have been met with similar increases in M&A activity.  Additionally, as Figure 2 highlights, the number of total funding rounds has acted roughly as a leading indicator of the trends in the M&A market.

Macroeconomic headwinds, including a government shutdown that catapulted many businesses into uncharted territory, led to a sharp decline in M&A activity in 3Q13.  However, the surge in 3Q13 VC funding displays VC firms’ willingness to continue to deploy significant amounts of capital, despite market uncertainties, as they position themselves to capitalize on an expected rebound in M&A activity.

Given the historical VC funding trends illustrated below and 3Q13 VC confidence, we expect to see M&A markets rebound in late 4Q13 / 1Q14 to levels more closely related to that of current VC funding.

June Cyber Intelligence Review

The month of May featured several cybersecurity headlines, in addition to many M&A and venture capital (“VC”) transactions.  A confidential report prepared by the Defense Science Board  listed advanced weapon system designs,  such as those of the Patriot missile and Aegis ballistic missile, that have been compromised by Chinese cyberspies.  Amidst frequent and high-profile cyber breaches in both the government and private sector,  VCs  invested  about  $350 million into IT security deals in 1Q13, up 90%  over  1Q12[1]. On the Big Data front, President Obama signed an executive order that mandated all  legally-permissible  federal data be made publicly accessible in machine-readable format.

On the M&A front, Blue Coat Systems (a portfolio company of Thoma Bravo)  acquired Solera Networks, a provider of  security analytics and forensics  solutions;  Vista Equity Partners  purchased  publicly-traded Websense, a provider of web, email, and data security solutions, for  nearly  $1 billion; and  Haystax Technology acquired FlexPoint Technology, a provider of security services and cloud computing solutions. In VC funding news,  Digital Signal Corporation, a provider of 3D  long-range facial recognition solutions for government and commercial clients,  raised a $50 million Series D round to expand sales, distribution, and manufacturing.  AirWatch, a provider of  mobile security and mobility management solutions, raised  another $25 million to extend its Series A round  from  February 2013  to a total of $225  million.  Finally, Cloudant, a provider of  data hosting and analytics solutions, raised  a  $12 million Series B  round  to  support global expansion and grow support, service, and go-to-market strategies.


Click here to review the Cyber / Intelligence monthly post.

February Cyber Intelligence Review

January was an active month both for cyber market and venture capital (“VC”) funding activity, while M&A experienced a slower start in the new year. On the industry side, experts uncovered one of the largest and most pervasive cyberattacks ever launched, called “Red October.” Over the last five years, Red October reportedly stole terabytes of data from government, diplomatic, and scientific research organizations around the world, and also targeted data on smartphones – one of the first large-scale attacks to do so. On the government policy side, the Army Cyber Command (“ARCYBER”) began developing a chain-of-command doctrine that a commander might use to request cyberattacks on enemy networks, similar to the way a precision airstrike is ordered.

On the M&A front, there were a couple of notable acquisitions. InvestCorp S.A. made a sizable move into the cybersecurity market with its acquisition of FishNet Security, a provider of comprehensive cybersecurity products and services. Guavus, Inc. acquired Neuralitic Systems, a provider of mobile data intelligence technology that analyzes network, application, and content usage patterns to optimize marketing initiatives; Guavus also raised a $30 million Series D funding round in January. In additional funding news, SevOne, a provider of Big Data network performance management solutions, raised a $150 million Series B funding round, expected to be in preparation of an IPO. Also speculated to execute a near-term IPO is FireEye, aprovider of cybersecurity solutions that detect and block advanced malware, which raised a $50 million Series D funding round in January.

Click here to review the Cyber / Intelligence monthly post.

Cyber Acquisitions Favored in the Market

It may come as no surprise that cyber companies (cybersecurity, Big Data, and Cloud) saw strong M&A activity in the second half of 2012.  However, to examine the market’s cyber M&A sentiment from a different standpoint, an analysis was performed to determine if public acquirers of cyber companies experienced excess stock price returns during the three and five-day periods around deal announcements.  The results could shed some light on investors’ enthusiasm for cyber acquisitions, and perhaps indicate if cyber acquisitions are generally perceived to be accretive.

The results were very interesting.  On one hand, the unadjusted transaction set uniformly displays that acquirers, overall, received no excess returns for their cyber acquisitions (please see Figure A).

          Figure A: Unadjusted Results                            Figure B: Results Adjusted for Outliers


However, when only four outliers[1] are removed, the results show that public acquirers did achieve excess returns[2].  As Figure B demonstrates, acquirers experienced an average of 0.66% excess return during the three days surrounding the M&A announcement.  To compare, one studyfound that from 1984 to 2004, S&P 500 acquirers achieved an average three-day excess return of -1.21% (median was -0.83%)[3].

We believe the excess returns are due to a few key trends:

  • Organizations more deeply understand the ability of Big Data, Cloud, and cybersecurity technologies to deliver more decision insight, cost efficiencies, and comprehensive security
  • Organizations are becoming more data-centric; tools that analyze new sources of data, enable workforce mobility, and protect multiple network access points are in high demand
  • As organizations better understand and gear towards a data-centric environment, more spending is focused on these areas, and the market rewards companies that improve cyber capabilities

Given recent market reactions to cyber acquisitions, we anticipate more cyber M&A activity in 2013.


Supplemental information about the analysis:

  • Data set included 54 transactions between June 1, 2012 and January 10, 2013 with publicly-traded acquirers listed on major U.S. exchanges
  • Stock returns were equally-weighted
  • Excess returnA = Actual returnA – [(2-yr average BetaA) x (Index return)]
  • Regression analyses were used to measure the statistical significance of results

[1] Outliers = transactions where acquirers’ stock returns exceeded +/- 6%

[2] Excess return was statistically significant

[3] “The Acquisition Performance of S&P 500  Firms”; March 2007

January Cyber Intelligence Review

December was a strong month for venture capital activity, while M&A transactions were prominent among IT Security and Big Data companies. In the cybersecurity industry, the discovery of a massive cyberattack against large banks scheduled for spring 2013, called “Project Blitzkrieg,” made headlines; however, industry and government leaders are optimistic they have enough time to prepare for and mitigate the effects of such an attack.

In cloud computing, a Microsoft-sponsored IDC report painted a positive picture for the nascent industry, expecting seven million new cloud jobs to be created over the next three years. IDC predicted an equally encouraging outlook for Big Data, noting the volume of digital information is expected to grow at a 42% CAGR between now and 2020.

On the M&A front, Oracle made a bold addition to its cloud computing capabilities after acquiring Eloqua, Inc. for ~$871 million; IBM moved to augment its Big Data offerings by acquiring StoredIQ, Inc.; and Dell continued its interest in M&A with the acquisition of data security firm Credant Technologies. On the VC front, Cloud Sherpas, a provider of solutions for adopting and managing cloud solutions, raised $40 million in Series B funding, while Cloudera, a provider of an Apache Hadoop-based data analytics platform, raised $65 million in Series E funding.

Also, CipherCloud, a provider of cloud encryption and tokenization gateways, landed an initial funding round of $30 million. Finally, two VC firms announced they had raised new funds to focus on companies in the Cyber / Intel market. The Quantum Wave Fund announced it raised $30 million, with the potential to reach $100 million, to fund breakthrough companies that utilize quantum materials and technologies such as quantum encryption. Costanoa Venture Capital raised $100 million to invest in cloud-based technologies, social and mobile opportunities, and Big Data.

Click here to review the Cyber / Intelligence monthly post.

December Cyber Intelligence Review

November was characterized by important government policy events and a strong showing by Big Data in Venture Capital fundings.  On the government side, President Obama signed Policy Directive 20, a classified order that enables the military to act more aggressively to thwart cyberattacks on government and private computer networks. 

The Navy awarded a $98.7 million SPAWAR contract, procuring support that will enable U.S. forces to maneuver in the cyber domain, while paying special attention to protect U.S. critical infrastructure.  Meanwhile, the South Carolina government raced to secure its computer networks in response to a high-profile hack that compromised the Social Security numbers of 3.8 million people and tax information from nearly 657,000 businesses.

On the M&A front, KeyW Corporation added to its cybersecurity offerings after acquiring Rsignia, Inc., a provider of cyber solutions that enable detection, mitigation, countermeasures, and forensics.  Cisco was active in the cloud sector with its acquisitions of Meraki, Inc., a provider of on-premise networking solutions that can be centrally managed from the cloud, and Cloupia, Inc., a provider of cloud automation and management software solutions to small, medium, and large enterprises.  Intelligent Software Solutions furthered its Big Data strategy with its acquisition of Xpect, LLC, a provider of software to Federal, state, and local governments that assist in identifying, collating, analyzing, visualizing and exploiting various types of information.  Most notably, Big Data saw a surge in Venture Capital funding activity, comprising 16 of the last 19 cyber funding rounds tracked.

Click here to review the Cyber / Intelligence monthly post.

November Cyber Intelligence Review

October was another active month for cyber / intel markets, both from a policy and news standpoint, as well as with regard to transaction activity.  On the government policy side, Secretary of Defense Leon Panetta, made shockwaves when he announced that the nation could experience a “cyber-Pearl Harbor” attack on critical infrastructure in the near future if comprehensive and binding cybersecurity legislation is not passed. 

The Air Force published its “Cyber Vision 2025,” laying out key themes to ensure an enduring cyberspace advantage over our adversaries.  The Big Data sector got a boost from a new report by Gartner that claimed Big Data-driven IT spending will reach $232 billion worldwide by 2016, implying a 4-year CAGR of nearly 25%.

With respect to M&A activity, Microsoft acquired two companies: PhoneFactor, Inc., a mobile security company that provides multi-factor authentication solutions; and StorSimple, Inc., a provider of enterprise storage services for Windows and VMware infrastructures.  Raytheon made its eleventh cyber-related acquisition since 2007 with its purchase of Teligy, Inc., adding specialized wireless expertise to Raytheon’s security offerings. 

On the Venture Capital front, Shine Security and Quarri Technologies, both of which specialize in mobile security solutions, received funding rounds to accelerate growth and development.  Attivio, a Big Data analytics company, continued the theme of large funding rounds with a $34 million Series A investment.  Finally, In-Q-Tel gave a vote of confidence to quantum computing and encryption technology after it joined a $30 million funding round for D-Wave Systems, a company at the forefront of developing quantum technology for commercial use.

Click here to review the Cyber / Intelligence monthly post.

October Cyber Intelligence Review

September was a strong month for cybersecurity M&A and VC funding activity despite continuing industry headwinds and a sluggish economy. On the macro side, the OMB released its much-anticipated Sequestration Report, which covered the potential federal budget impact of sequestration. Despite the wealth of information provided, the report lacked program-level details, and as such, uncertainty remains a fundamental concern for industry participants. Additionally, the failed Cybersecurity Act of 2012 made headlines again as President Obama, the DHS, and the FBI began drafting an Executive Order to pass voluntary parts of the Act before year end.

As for M&A activity, General Dynamics, Novetta Solutions, and KeyW Corporation each made cyber / intel acquisitions in September, continuing their momentum from August. GD targeted mobile security in its acquisition of Open Kernel Labs, while Novetta focused on signals intelligence with its purchase of International Biometric Group. KeyW acquired systems and software engineering firm, Poole & Associates, after Poole won a $150 million contract to provide system engineering and program management support to an unnamed U.S. intelligence customer. Only three days later, KeyW announced it had acquired security information company, Sensage. Venture capital also saw impressive funding rounds for cyber companies, notably the $50 million Series A for Tenable Network Security. Shortly after that funding round, Tenable signed a formal strategic partnership and technology development agreement with In-Q-Tel.

Click here to review the Cyber / Intelligence monthly post.

September Cyber Intelligence Review

August began with a setback for the proposed Cybersecurity Act after a filibuster in the Senate stalled the bill before the August recess.  Joint Chiefs Chairman Martin Dempsey and sponsor Joe Lieberman deplored the filibuster and continue to urge action before the end of the year, though the hotly contested election could distract these efforts.

On the transaction front, August saw a few notable Cyber / Intel M&A transactions and venture capital (“VC”) fundings.  Prime contractor General Dynamics’ (“GD”) acquisition of Fidelis Security Systems on August 28th exemplified cyber-focused M&A activity as GD aims to enhance its ability to deliver innovative cyber solutions to its customers. 

On the Cloud side, Accel-KKR-backed Layered Technologies entered the Federal cloud and hosting market by acquiring New World Apps. 

In the VC arena, activity was strong across the board, with several large-scale investments in Big Data, Cloud, and Security markets.  Highlighting the Big Data trend, longstanding Sigma Partners Principal, Richard Dale, left to start a new VC firm called “Big Data Boston,” which will focus on Big Data start-ups focused on software and services.

Click here to review the Cyber / Intelligence monthly post.