Cybersecurity M&A
The consolidation continued in the cybersecurity market during the first three months of the year, both among top vendors in the industry and major solution providers in the channel. We’ve collected details on 10 notable acquisition deals in cybersecurity that were announced or completed during the first quarter of 2023.
[Related: 15 New Cybersecurity Products To Know: Q1 2023]
The M&A activity ranged in size from combinations of large security tool vendors to pickups of small-but-promising startups in cyberdefense. Among the well-known cybersecurity companies that unveiled new acquisition deals in Q1 were Zscaler, which announced a startup acquisition to expand its capabilities for protecting software-as-a-service (SaaS) apps, and Rapid7, which landed an acquisition to enhance its managed detection and response (MDR) platform.
Meanwhile, a number of tech giants that have a broader IT focus announced acquisition deals during Q1 to bolster their security offerings, including Cisco, Hewlett Packard Enterprise (HPE) and OpenText. Several solution providers in the channel disclosed notable security-focused acquisitions during the quarter, as well.
Our list doesn’t cover private equity buyouts, though the first quarter did see some activity there, with Vista Equity Partners closing its $4.6 billion take-private deal for security awareness training vendor KnowBe4.
What follows are the details on 10 key cybersecurity acquisition deals in Q1 of 2023.
OpenText Acquires Micro Focus
In January, OpenText completed its $5.8 billion acquisition of Micro Focus, the latest in a series of cybersecurity-related acquisitions by the company. The acquisition brought the Micro Focus CyberRes offering to the OpenText suite, with capabilities around cyber protection — for data, identities and applications — as well as threat detection and response. Micro Focus had itself acquired a number of cybersecurity vendors in recent years including Interset and Debricked.
The addition of the Micro Focus cybersecurity portfolio to the OpenText platform has joined other capabilities acquired by OpenText in recent years, including endpoint security and threat intelligence from Webroot (through the acquisition of Carbonite); data protection from Carbonite; as well as email encryption software from Zix and security software from Zix-owned AppRiver. OpenText is now finding major traction on security with partners, especially those who favor vendors that can offer a broad portfolio of capabilities, according to Ghassan Lababidi (pictured), vice president of cybersecurity partner marketing and enablement for SMB at OpenText.
HPE Agrees To Acquire Axis Security
In March, Hewlett Packard Enterprise announced that it’s reached an agreement to acquire Axis Security to bolster its secure access service edge (SASE) platform. Combining the Axis Security offering in security service edge (SSE) with the HPE Aruba networking platform — including SD-WAN from the acquisition of Silver Peak — will ultimately give HPE “the most comprehensive” offering in SASE, HPE CEO Antonio Neri (pictured) told CRN.
“All of this will be fully integrated into our HPE GreenLake platform, which will be offered as a subscription service,” Neri said. “Therefore, our partners will be able to sell all these solutions to drive a SASE model with recurring revenue, while also selling the underlying connectivity that comes with it.”
The Axis Security acquisition is expected to close in HPE’s second fiscal quarter, ending April 30. Terms of the deal were not disclosed. Axis Security had raised at least $100 million in funding, most recently raising a $50 million Series C round led by Spark Capital in March 2021.
Cisco Agrees To Acquire Valtix
In February, Cisco Systems announced an agreement to acquire cloud network security startup Valtix, as the tech giant continues working to build out unified platform for modern cybersecurity, Cisco Security Cloud. Valtix specializes in multi-cloud network security for AWS, Azure, Google Cloud and Oracle Cloud Infrastructure. Combined into Cisco’s security portfolio, Valtix will add a layer of visibility between public and private cloud networks and simplify the operational burden for security teams, Cisco said.
Valtix has made significant strides toward bringing a “modern, multi-cloud approach to solving cloud security challenges,” wrote Vishal Jain (pictured), co-founder and CEO of Valtix, in a blog post. As a part of Cisco, however, Valtix is “primed to have an even more massive impact as an integrated component,” Jain wrote.
Cisco, which has been a strategic investor in Valtix for the past three years, did not disclose financial terms of the acquisition deal. Valtix had disclosed raising at least $26.5 million in funding, most recently raising $12.5 million in January 2021.
Cisco Agrees To Acquire Lightspin
In its second acquisition deal of 2023 so far, Cisco Systems announced in March that it’s reached an agreement to acquire cloud security startup Lightspin. The company, which specializes in cloud security posture management (CSPM) across cloud-native resources, will help Cisco to meet its goal of helping customers modernize their cloud environments with end-to-end security and observability, wrote Vijoy Pandey, Cisco’s senior vice president of engineering for emerging technologies and incubation, in a blog post.
Lightspin takes a unique approach to contextualized cloud-security coverage, using graph-based technology to deliver key context, prioritization, and remediation recommendations, Pandey said.
“With the addition of Lightspin, customers will be able to identify, prioritize, and remediate critical cloud security risks without the hassle of extensive configuration requirements,” he said. “In today’s security climate, where the risk management needs of organizations can evolve overnight, it is vital that Cisco’s cloud security investments reflect the growing needs of its customers.”
Lightspin had disclosed raising at least $20 million in funding, most recently raising a $16 million Series A round in June 2021. Terms of the acquisition deal were not disclosed by Cisco.
Optiv Acquires ClearShark
One of the biggest security players in the channel announced an acquisition in Q1, as well. Optiv kicked off a major expansion in the federal government space with the acquisition of solution provider ClearShark, which more than doubles the size of the company’s federal business and provides a foundation for strong growth in the market, CEO Kevin Lynch (pictured) said in an interview with CRN.
Terms of the acquisition of ClearShark were not disclosed. The deal has added about 125 employees to Optiv’s existing headcount of more than 2,500.
Crucially, the combination of the two companies “sets the foundation for us to really bring a public sector focus on an even larger scale,” Lynch said. “We see ClearShark as the cornerstone of our public sector business going forward.”
It’s the first acquisition for Optiv since Lynch joined the cybersecurity powerhouse as CEO in April 2020. And looking ahead, “I do expect that there will be more” acquisitions for Optiv following ClearShark, Lynch said.