Case Study 



The driving forces of the cybersecurity market

The cybersecurity market is a “hot” sector, currently valued at $86bn and variably forecast to grow over the next five years at a CAGR of 12-15% per year. 

The growth of the sector has been driven by a rapid increase in cyber-crime, with cyber-attacks growing in both frequency (due to significant increases in available network attack surfaces and connected devices) and sophistication, as attacks are increasingly carried out by state-sponsored actors and highly advanced organized criminals focused on high-value targets.

By: Joe Austin

In 2017 alone there were over 200 transactions around the world as businesses sought to acquire cybersecurity capabilities.

Joe Austin is an Analyst in the London office of Livingstone Partners. Prior to Livingstone, Joe worked at KPMG as a qualified accountant.

The increase in the number and sophistication of cyber-attacks has generated greater attention from regulators, who are now driving a cybersecurity agenda and adopting a tough stance towards both cyber breaches and failure to protect client data. The focus of new regulation is bridging information gaps and ensuring higher minimum standards for compliance - across the globe. 

This new regulatory landscape means that cybersecurity is widely accepted as a ‘board-level’ issue. There is significant reputational risk attached to cybersecurity failings – as well as huge potential monetary costs. As a result, businesses are investing heavily to protect themselves.

Cybersecurity spend is typically split between services (e.g. penetrating testing, information security consulting, compliance, incident response, managed services, etc.) and software (e.g. endpoint protection, access control, firewalls, anti-malware, intrusion protection/detection, ransomware protection, etc.). Both of these markets are becoming increasingly sophisticated on the back of a number of interesting developments.

Two key trends are emerging in the cybersecurity services space – a move to intelligence-led testing and the growth of managed security service provision (‘MSSP’). Intelligence-led testing has revolutionized cybersecurity by providing more effective, tailored protection. The premise is to leverage research (including ‘honeypots’ and open source intelligence) to identify vulnerabilities and attack formats specific to clients and industries and focus energies on protecting against the most likely attack types for the client rather than simply standard or undefined methods. Meanwhile, managed services are growing as businesses realize they require persistent, live cybersecurity solutions and cannot just ‘bolt-on’ software products or conduct point-in-time testing.

On the software side, recent developments have been characterized by advancements in terms of artificial intelligence and machine learning. While the success of these platforms currently varies, the better technologies are being used to enable the quick and accurate identification of potential cyber-attacks.

Unprecedented levels of cybersecurity spending and increasingly sophisticated solutions makes for an exciting – and expensive – M&A market.

In 2017 alone there were over 200 transactions around the world as businesses sought to acquire cybersecurity capabilities. Highlights include Barracuda Networks being taken private by PE firm, Thomas Bravo, for $1.6bn, DigiCert’s $950mm acquisition of Symantec’s website security and PKI solutions business, Synopsys’ acquisition of Black Duck for $565mm and CyberArk’s $42mm takeover of DevOps. Livingstone has been one of the most active advisers to this market managing the strategic sale of leading service providers ContextIS (to Babcock), Info-Assure (to BSI) and most recently, Nettitude (to Lloyd’s Register).

10 to Know

Industry trends owners should know

© Copyright 2018

Joe Austin

Analyst | London

Fix the following errors: