Just like their VC peers, PE investors can’t get enough of businesses working to keep technology safe, making more and larger investments than ever before. And with VCs providing funding to more startups in the field, it stands to reason that PE’s push into cybersecurity will only grow stronger, as a larger population of companies reach the level of maturity that typically attracts buyout firms.
While this year is on pace for a bit of a decline—not accounting for a likely lag in deal reporting—a look at private equity deal activity in the US cybersecurity sector over the past 10 years shows a steady climb up and to the right, with the number of completed deals more than doubling between 2009 and 2016. Last year brought a 14% increase in activity, according to the PitchBook Platform, particularly impressive considering the YoY decline in overall US PE deal flow that occurred in 2016.
Here’s a full look at yearly US PE activity in the space over the past decade:
Only one firm has completed more than 11 private equity investments in cybersecurity companies since the start of 2007, and it’s a lot more: Thoma Bravo, which has closed 18 deals in the space over that span.
The rest of the top investors in the industry fall into one of two categories. Some are private equity heavyweights who invest prolifically across a whole spectrum of sectors, while the rest are growth-focused firms that operate somewhere in between the traditionally separate definitions of PE and VC. Here’s the full top 7:
And the uptick in interest is about more than just quantity. In the eight-year span between 2007 and 2014, investors completed zero private equity deals that were at least $1.5 billion in size. In the two-plus years since, six transactions have hit that threshold—five typical buyouts, plus Dell’s massive takeover of EMC that included significant backing from Silver Lake.
One representative example occurred last September, when Vista Equity Partners agreed to buy out network security provider Infoblox in a take-private deal for $1.6 billion. Vista invests heavily in the software space, making cybersecurity a natural fit. And Infoblox is exactly the sort of cybersecurity company there may soon be a lot more of: A mature business that already received extensive VC backing, went public, and is now in a later stage of development that makes it a better fit for the usual PE model.
Another major transaction in the space was even more recent: KKR’s acquisition of a majority stake in Optiv Security, a provider of various cybersecurity services, from Blackstone and other previous investors for a reported $2 billion in February. As part of the deal, Blackstone retained a minority stake in Optiv, a company it helped form via the merger of Accuvant and FishNet Security in 2015.
Want more? PitchBook subscribers can access the full data on PE activity in the cybersecurity space.