The cybersecurity market retained investor interest in 2020 in spite of, or perhaps because of, the raging pandemic.
Funding numbers remained strong this year, according to Crunchbase data, and many in the sector expect 2021 to be similar. The cybersecurity sector saw more than $8.1 billion invested to date globally this year and nearly $6.3 billion in the U.S. That compares to $7.4 billion globally and $4.7 billion in the U.S. last year. The coronavirus outbreak and subsequent transition to remote work accelerated a reliance on cybersecurity services.
“Security is a red hot sector with more and more money pouring into it,” said Andrew Atherton, managing director at Union Square Advisors.
Merger and acquisition dealmaking in the cybersecurity sector did take a hit, with values dropping from $28.1 billion in 2019 to $13.8 billion at the end of the third quarter this year, according to San Francisco-based financial advisory firm Momentum Cyber.
Despite the drop in dealmaking, Atherton said he hears from corporate development teams of large companies that they are still approached on a daily basis by startups and growing cybersecurity firms interested in strategic dealmaking and partnerships. Atherton said he expects dealmaking to remain strong in 2021, after it picked up significantly in the second half of the year. More nontraditional buyers could help push the market, he said, pointing to Fastly acquiring Signal Sciences in August for $775 million as an example.
So where should investors and strategics look toward in 2021 when analyzing the cybersecurity landscape? Following are subsectors that seem primed to have escalated interest in the new calendar year:
Recent years have seen increased interest from buyers looking for IoT security providers, which includes medical device security. Among them was Palo Alto Networks buying Zingbox for $75 million last year, and Armis being acquired by Insight Partners at a valuation of $1.1 billion.
Large tech companies like IBM also have grown their health care security divisions, said Kinsella, whose firm invested in New York-based medical device security provider Cylera in 2018.
Analysing Risk From the Top
Kinsella said the SolarWinds hack may be an inflection point for the industry to look at how vendors share data.
Kubernetes and Containers
That space already has seen significant dealmaking. Palo Alto Networks bought RedLock for $173 million in 2018 and followed that with its acquisition of Twistlock for $410 million and PureSec for an undisclosed amount last year. The cybersecurity giant used that trio to create its cloud security offering Prisma Cloud. Then in April, Rapid7 bought cloud security posture management company DivvyCloud for approximately $145 million.
Venture capital also has rolled in. In September, Mountain View, California-based StackRox raised a $26.5 million round, while in May, Israel-based startup Aqua Security raised $30 million, and Mountain View, California-based Lacework raised a $42 million Series C in the second half of last year.
While the space still is developing, Boukouris said he thinks more money will flow into the area because cloud infrastructure is so hot.