Over the past year, it’s been impossible to ignore the rising tide of threats targeting government and commercial organizations around the world, and the cybersecurity market is reacting.
Ransomware, for one, increased 148% year over year with an estimated 2.9 million ransomware attacks so far in 2021, Momentum Cyber reveals. Beyond the numbers, these attacks have manifested in significant and increasingly concerning ways.
There was the disruption of the flow of nearly half of the oil and gas to the East Coast of the United States with the shutdown of the Colonial Pipeline, the interruption of our food supply with an attack on JBS, the crippling of the Irish health system, and countless other attacks that never made the news.
On top of that, we’ve seen supply chain attacks, like SolarWinds and Microsoft Exchange, causing widespread impact on thousands of organizations worldwide and the European Union Cybersecurity Agency (ENISA) recently predicted a fourfold increase in supply chain attacks in 2021 over last year, warning that strong cybersecurity protection is no longer effective in defending against these types of attacks.
“We are seeing a perfect storm of factors coming together to create the most aggressive threat landscape in history for commercial and government organizations around the world,” said Dave DeWalt, managing director, NightDragon.
Commercial and government organizations alike are recognizing the dire challenge at hand and investing significantly in cybersecurity technologies to combat these threats. Spend on global information security and risk management technologies in 2021 is projected to increase 12.4% to $150 billion. Additionally, with the recent Executive Order, U.S. government spending is expected to increase 7% to $18.8 billion in 2021.
Investment moving to meet today’s cybersecurity needs
With evolving threats comes a need for new, emerging technologies. These technologies can supplement technologies from some of our nation’s most prominent cybersecurity vendors, or they can stand alone to become the next wave of innovation in our industry.
Total investment into cybersecurity skyrocketed in the first half of 2021, more than doubling over the same period last year. Investors poured $11.5 billion in total venture capital financing in 1H 2021, up from $4.7 billion in 1H 2020. Of the 430 total transactions, 36 were greater than $100 million. Categories like risk & compliance, data security, network & infrastructure security and incident response & threat intel captured the attention of investors.
“As an investor in the cyber market for over fifteen years, I can say that this market climate is unlike anything we’ve seen to date. It is encouraging to finally see CEOs, boards of directors, investors and more paying serious attention to this space and putting the resources and capital in place to fund the innovations that address the cybersecurity challenges of today and tomorrow.
“The market is primed for action to make a meaningful shift in the threat landscape and fuel the continued growth of the capabilities of our nation’s organizations to defend the technological infrastructure that powers our economy,” said Bob Ackerman, managing director, AllegisCyber Capital.
M&A volume also saw a significant increase in the first half of 2021, with significant deals for companies in cloud security, security consulting & MSSP, risk & compliance, and more. Total M&A volume was more than four times what it was during the same period of 2020, with $39.5 billion in total deals in 1H 2021 across 163 total transactions. This total is up from $9.8 billion in 1H 2020 across 93 transactions.
Nine M&A deals in 2021 so far have been valued at greater than $1 billion, including Proofpoint’s $12.3 billion acquisition by Thoma Bravo, Auth0’s $6.4 billion acquisition by Okta, McAfee’s $4 billion acquisition by STG and more. These deals speak to the criticality of the challenge we are solving in cybersecurity today, as well as the amount of capital and opportunity pouring into this space at a record pace.
The cybersecurity market is both encouraging and intimidating
Encouraging in that there are resources available to push innovation to new heights and grow new market categories. Intimidating in that the demand of the market is to meet the severity of the threat landscape. This unprecedented challenge creates significant opportunities for the right investors with the domain expertise and operational know-how to identify the companies and entrepreneurs developing the disruptive technologies that will change the cybersecurity landscape.
“Through the first half of 2021, we have witnessed unprecedented strategic activity with both M&A and financing volumes at all-time highs. We fully expect this trend to continue through the rest of the year and into 2022,” said Eric McAlpine and Michael Tedesco, managing partners at Momentum Cyber.