Over the coming weeks, Delling Advisory will present a high-level picture of trends and directions of the cyber security market over the last decade.
The data was collected this year and covers some 650 cyber-security related transactions around the world, dating back to 2004.
Within this is a significant amount of proprietary data which we use in our advisory roles to better understand and communicate the state of the market, as well as valuation trends and trends in the 'buyer universe'.
Each transaction has been catergorised on:
- Company type of the acquiring firm;
- Security-related services that the acquiring and trageted firms provided;
- The country of origin of the acquirer and target companies,
- And the financial details of the transaction.
The image below was created from the data and shows blue dots as acquirers and yellow as target companies.
Initial data sets
Q. Who is buying all these cyber-security companies?
In short, many different companies and company types are acquiring cyber-security companies.
While the defence industry has made headlines as one of the most significant buying groups, they accounted for only 12 percent of all transactions in 2004.
Defence sector transactions were highest in the years from 2010 to 2012 but those firms only accounted for about 18 percent of transactions. There was a rise in transaction volume across the sectors during this time.
The heavy acquirers transaction as seen on the map at the start of this post, have tended to be companies such as Cisco, McAfee, Oracle, CA Technologies, Symantec, IBM, Microsoft, EMC Corporation and Dell - although the defence primes Raytheon and BAE Systems have also made a dent.
Q. Are transaction volumes sky-rocketing?
Not really. There are certainly many more cyber-security related transactions now than there were in 2004, but there are also many more cyber-security businesses.
In broad terms, transaction volume rose about 50 percent from 2009 onwards than in the period 2006 to 2008.Cyber-security firms and IT companies seeking to expand their security-related offerings have been the most prevalent acquirers of cyber-security companies since 2004.
Examples of these IT companies include:
Cyber-security has quicky become very important to a lot of companies. Given the difficulties in recruiting cyber-security professionals, adding this capability by acquisition continues to be very attractive.