AAA Technology security acquisitions are rocketing

Technology security acquisitions are rocketing

For all the talk about a chronic shortage of exits for venture-backed companies, one segment of the venture capital technology ecosystem is poised to go from hot to hotter.

IT security – the umbrella term for technologies designed to protect the digital superhighway – is coming into its own, and in a big way. Following repeated breaches of government and corporate networks, widespread theft of credit card records and medical records transitioning to digital storage and delivery, the security risk index on computer networks has moved from "potentially dangerous" to "we’re under siege".

With active attacks measured in the hundreds of thousands virtually daily, the old adage that a chain is only as strong as its weakest link – in this case, the computer networks that represent the fabric of commerce (and government) on a global basis – is top of mind for chief security officers around the world.

Increasingly, these attacks are originated by state entities engaged in governmental and/or commercial espionage and highly organised criminal gangs.

While the 13-yearold wunderkind who hacks for fun is still with us, the attacks today are orchestrated by the equivalent of PhDs as well educated and sophisticated as any in the world in search of treasure, whether it is commercial, intellectual or political.

The attackers are well funded, highly disciplined and have the advantage. While those in charge of IT security work hard to thwart every attack, the attackers only need periodic success.

This boils down to electronic asymmetric warfare, and it is a surging frontier for innovation and investment among many of today’s entrepreneurs.

Through the first nine months of the year, US venture capital firms invested $9.2bn, up from $8.9bn in the same period in 2009, and a healthy dose of that was invested in security startups.

This was predictable given a huge surge in recent months in acquisitions of IT security companies, which is highly likely to accelerate. There were a whopping 16 IT security acquisitions in the past 100 days. They exceeded $10bn in value by the estimation of others and me.

Here is the list in chronological order, including acquisition prices if disclosed.

July 1: IBM acquired BigFix, a US company that replaces fragmented tools, including vulnerability assessment and security compliance tools, with a unified control architecture.

July 7: Boeing acquired Narus, a US provider of realtime traffic and analytics software to protect against cyber attacks and threats aimed at IP (internet protocol) networks.

July 12: Quest Software, a US maker of technology systems management software, acquired Volcker Informatix, a German software company that makes products that help companies manage user identities, access privileges and security.

July 13: GFI Software, a US provider of software infrastructure products for small and medium-sized companies, acquired US-based Sun Belt Software, a provider of Windows-based security software.

July 22: Mobile Media Unlimited, a UK-based public company specialising in the dissemination of cell phonebased advertising, acquired Enable Software, a UK company that empowers the interception and analysis of audio communications.

July 23: Digital Barriers, a public UK-based maker of thermal imaging equipment for perimeter surveillance, acquired Overtis Solutions, a UK maker of software that prevents malicious or fraudulent data misuse. It paid £3.2m ($5m).

July 27: Juniper Networks acquired US-based SMobile, a mobile security firm. It paid $70m.

July 27: Commtouch, a US company that supplies internet security technology to 150 security companies and internet service providers, acquired the antivirus division of Authentium, based in the US.

July 29: McAfee acquired Singapore- based tenCube, a provider of a mobile security service to combat the ubiquitous problem of lost cell phones.

August 9: Tektronix Communications, a US provider of communications test and network intelligence solutions, acquired Arbor Networks, a Us-based provider of security management solutions for global business networks. Its customers include more than 70% of the world’s internet service providers.

August 4: St Bernard Software, a US-based maker of web security appliances, acquired Red Condor, a US purveyor of managed email security solutions.

August 19: Intel acquired McAfee, among the world’s biggest makers of antivirus software. Intel said it acquired the company because security has become a fundamental component of online computing, including mobile and wireless devices, TVs, cars, medical devices and ATM machines. Intel paid $7.7bn in stock.

August 30: CA Technologies acquired Arcot Systems, a US-based maker of advanced authentication and fraud prevention solutions for onpremise software and cloud computing. CA Technologies paid $200m in cash.

September 1: VMWare acquired US-based TriCipher, a provider of secure access management for cloud-hosted service-asa- service applications.

September 13: Hewlett-Packard acquired Arc-Sight, a US-based global provider of cyber security and compliance solutions that protect organisations from enterprise threats and risks. The price was $1.5bn in stock.

October 4: Raytheon acquired US-based Technology Associates, a provider of computing engineering for the US intelligence community. Raytheon said it bought the company to expand its cyber security business.

As impressive as this level of activity is, all indications suggest an even bigger spurt of security acquisitions in the months ahead. Driven by unprecedented levels of cash on the corporate balance sheets of major technology corporations and a deepseated conviction that IT security must be improved, this almost certainly will be one of the next major growth areas for technology spending.

"No one argues about whether or not our IT security budget will be up," a corporate chief security officer recently told me. "The only question is up by how much? We cannot afford to be wrong or vulnerable."

Beyond the obvious reason, acquisition frenzy will be fuelled further by an unusually broad set of buyers interested in IT security.

In addition to major technology companies, major systems integrators are showing significant interest to meet the needs of their governmental customers better and also to penetrate the commercial market more deeply. These systems integrators include Lockheed, Boeing and General Dynamics.

Other major acquirers include telecommunications companies, which want to improve the security of the data, now all in IP packets, that traverses their networks. They also want to offer customers new data security services.

The data and the trends once again confirm that venture-backed innovation remains alive and well, at least in select areas.

This is good news for enhanced cyber security, which is essential, and for all other types of venture capital-backed innovation, which is good for the US economy.

Leave a comment

Your email address will not be published. Required fields are marked *