News & Events

Recent Trends in Cybersecurity Venture Capital and M&A

By Jon Yim

Recent cybersecurity venture capital and M&A trends have demonstrated heightened awareness over the potential costs of cyber-related attacks and illustrate significant investment interest in security products and services.  This growing demand can be seen by the recent upward shift in quarterly venture capital activity.  Average quarterly venture capital funding increased to $249 million during the second half of 2012, a 46% increase from the first half of 2012, when quarterly venture capital funding averaged $170 million.  The shift in funding trends has continued throughout the first half of 2013, as average quarterly funding increased 7% from the second half of 2012 to $267 million.  Further substantiating the shift in average quarterly funding trends, $271 million of funding has already been secured in 3Q2013 alone, indicating that venture capital funding for 3Q2013 could potentially reach $500 million, well above funding levels in both 1Q2013 and 2Q2013.

The recent increase in funding is partially attributable to the increase in later stage funding rounds (post Series B) seen as a percentage of total funding.  Later stage funding represented 22% of total funding in 1Q2013, but has increased to 35% in 2Q2013 and 50% in the first two months of 3Q2013.  The higher percentages of larger, later-stage financings could indicate that companies have matured enough to be attractive acquisition targets, and could serve as a catalyst for increased M&A activity throughout the second half of 2013.

Notable examples of large capital raises have been Barracuda Networks, Inc. and FireEye, Inc.  Barracuda Networks, a manufacturer of content security software, completed a $130 million Series C round in October 2012, bringing the company’s total funding to $176 million.  FireEye, a provider of malware protection software, filed its S-1 on August 2nd of this year, looking to raise $175 million in public capital.  The company completed a Series D round of $50 million in January 2013 to position itself for the public offering.

Despites the shifts in VC funding, M&A activity for cybersecurity companies has remained robust, with 130 cybersecurity deals announced from 1Q2012 to 2Q2013.  Recently, Cisco Systems’ acquired Sourcefire, Inc., a provider of malware prevention software.  The deal, announced on July 23rd of this year, yielded an EV / revenue multiple of 10.13x and an EV / EBITDA multiple of 132.8x.(1) 

With recent attacks on entities such as Nasdaq OMX Group, J.C. Penney, and The Associated Press highlighting the vulnerability of key industries and infrastructure to cyber threats, companies offering mitigation or preventative cybersecurity solutions have benefited from a significant influx of investment capital.