Two weeks ago, we highlighted the need for automated threat detection in an environment where the number of threats is rising exponentially and commented that Google’s recent acquisition of privately held Siemplify could pave the way to other M&A deals in the field of security automation.
It looks like things are speeding up with Microsoft reportedly in talks to acquire cybersecurity firm Mandiant (formerly FireEye) that boasted a $3.7 billion valuation pre-speculation yesterday and specializes in threat intelligence and incident response and investigation. Both companies already worked together to investigate the SolarWinds and Microsoft Exchange’s recent hacks.
We doubt that any premium would be materially above 20-25% as recent M&A deals displayed a 20% average premium and as Mandiant’s revenue growth has been lackluster for a long time.
As cloud computing is relentlessly eating away corporate on-premise infrastructures, IT security is now almost fully delegated to hyperscalers (Amazon, Google, Microsoft…) which must offer top-notch, cloud-native cybersecurity solutions in order to attract and retain the most requiring customers. And the easiest and fastest way for the Tech giants to offer the necessary set of cybersecurity products/services is to simply acquire them as these skills were never really developed in-house.
If confirmed, such a move from Microsoft would continue a string of public M&A deals in recent months including the acquisitions of Mimecast, Zix, McAfee, Avast and Proofpoint and confirm that cybersecurity is one of the hottest M&A spots.
Going forward, Google and Amazon could be tempted to rapidly beef up their own cloud cybersecurity skills as Microsoft would make a major step forward with a Mandiant acquisition. XDR (Extended Detection and Response) mid-cap players such as SentinelOne, Rapid7 or Darktrace could be a good fit.
More globally, we stick to our view that the cybersecurity space is too fragmented and needs to consolidate. This outlook is attracting both private equity firms seeking to extract synergies by combining various cybersecurity assets and software firms seeking to acquire scarce cyber skills and/or offer an extended suite of security solutions in an industry that is dominated by niche segments (XDR, identity and access management, vulnerability assessment, CDNs…).