Cybersecurity businesses across the globe are being approached by buyers wanting to take advantage of a unique and lucrative opportunity. Investors insist we are at the early stages of what will soon become a multi-billion dollar market. With such bullish expectations, it’s hardly surprising that acquisition activity is rife.
Gartner published a report last year predicting that the cybersecurity industry would be worth over US$96 billion this year and that spending in the industry is increasing by 8 per cent each year.
So why is the industry booming? We all know how quickly technology evolves. It’s increasingly difficult to keep up with emerging technologies that might impact your business. Protecting your business from the equally rapid changes in the way criminals are trying to rip you off is just as challenging.
In response to these challenges, tech firms all over the world are introducing cybersecurity tools, services and applications that help to protect your business from cyber attacks, theft and fraud. An ability to automate security across your IT processes is swiftly becoming an essential part of running a business and investors are cottoning on to this fast.
All this growth is, of course, prompted by the sad fact that cyber crime is also growing and that management teams are pushing the issue further and further up the agenda. In fact, just last year alone, there were 231,028 cyber attacks on British businesses. Alarming stuff.
And it’s not just about protecting business interests, it’s also about protecting client information. Regulators have come down hard on businesses that allow data to be stolen and the spend on cybersecurity is an obvious result of this increased pressure.
Deals, deals, deals
The UK cybersecurity M&A market is extremely active. In September 2018, Six Degrees - a global cloud managed service provider - bought award-winning cybersecurity business CNS Group to bolster its existing business offering.
Six Degrees’ Chief Executive, David Howson, explained: "The increasingly complex cybersecurity threat landscape is a major challenge for businesses, which struggle to align IT resources against the risks they face. Existing clients want to place more of their IT estate with us, and security is a vital part of the picture. CNS Group's loyal client base, serviced by a strong management team and talented staff, provides the perfect fit to enable Six Degrees to offer a broader set of cybersecurity services."
Edel Creely, the co-founder of Irish ICT managed services firm Trilogy, cited an increase in board-level interest in cybersecurity issues as a reason for Trilogy’s purchase of Zinopy Security last month. She explained: “Digital transformation, cyber attacks and GDPR requirements have created greater awareness among boards of directors to ensure their businesses are adequately prepared and protected and we see strong growth opportunities in these areas for the enlarged group going forward.”
Specific areas of interest
Although cybersecurity as a whole is a major draw for investors and business buyers, there are a number of niche sub-sectors and specific threats and concerns that are attracting particular attention.
Cybersecurity awareness training
The number of deals being done in this sub-sector is really notable. Businesses have long overlooked the importance of equipping staff with the knowledge they need to help protect themselves and the company they work for from cyber attack threats.
Some 90 per cent of businesses have experienced an increase in phishing attempts in the last year and the human risk factor is often the weakest link when trying to mitigate this kind of attack. Training companies that come into an organisation and train staff on how to identify and deal with such threats are attracting masses of attention from prospective buyers and many are accepting lucrative offers. This burgeoning area of cybersecurity is expected to be worth more than US$1.5 billion this year, according to Gartner.
Data security regulation compliance (GDPR)
As touched on above, the introduction of a tougher stance on data security, specifically from the EU’s new GDPR regulation, has upped the pressure on businesses to commit to protecting their clients' data. Leaks can lead to huge fines for businesses that are found to have not taken the steps necessary to protect their client data from being compromised.
As a result, companies are ploughing cash into cybersecurity innovations that will help them to demonstrate their commitment to data protection. This allows them to protect their reputation and win consumer confidence.
Cybersecurity is no longer just a business concern. It is increasingly a threat at a national and global level. Governments are beginning to take the threat of cyberattacks to national security seriously and, as a result, are also looking to technology businesses to fill the gaps in their often flimsy cybersecurity infrastructure.
This again, whilst being undoubtedly concerning, it is also a major opportunity for those investing in the industry. It’s very difficult to foresee a time when ongoing investment in cybersecurity isn’t necessary.
Are there any red flags?
Very few. Some are concerned about a skills shortage and how this will impact the industry. ESG undertakes a review of the IT industry each year and some 51 per cent of respondents said they had a problematic shortage of cybersecurity skills. This figure has increased steadily since 2014, when only 23 per cent of respondents said the same.
Despite the shortage of skills in the industry, there is rapid growth in IT security degree programmes and in security training certificate programmes which will obviously boost the number of available experts over time. The fact that businesses are admitting that they have a cybersecurity skills shortage will mean even more demand for the businesses that offer cybersecurity expertise.
In conclusion, cybersecurity has become a hot topic in boardrooms across the globe and third party suppliers of cybersecurity services are reaping the rewards. Although it seems like the threat from hackers, online fraudsters and malware is no new thing, we are still at the very early stages in learning how to mitigate these kinds of attacks. As a business buyer, you have the opportunity to get involved at the beginning of this journey if you can identify and grasp the right opportunity.
Established 1998. Exceptional online presence. Ill health forces reason for sale. Busy industrial estate location. Offers invited.
Prime, busy location. Post office facilities. Long establishment. Superb annual turnover. Excellent profit margins. Huge scope for growth. The business is now for sale on a leasehold basis and is only up for sale due to the current owner’s impending...
A highly profitable Civil Engineering Contractor with a diverse capability and a 'wholly owned' plant register of excavators, machinery, vehicles and equipment is for sale. Excellent 'bolt-on' acquisition with no restrictive premises or finance commi...
Sign up to receive our acquisition alert emails to get your FREE guide
Business Sale Report is your complete solution to finding great acquisition opportunities.
Join today to receive:
All this and much more, including the latest M&A news and exclusive resources