A new report from Momentum Cyber finds that the first half of 2021 was the busiest on record for the cybersecurity market in terms of investment and strategic activity. The torrid pace of strategic deals and venture capital (VC) investment activity has been indirectly driven by the massive spike in ransomware attacks as the pandemic pushed companies to quickly develop and deploy hybrid work-from-home models.
Projections are that the cybersecurity market will not cool off in the near term. Many of the big names in the cybersecurity space have seen 100%+ increases in stock value during this period, but the surprising category leader is Blackberry as it experiences great success with its pivot to cybersecurity consulting.
Hot cybersecurity market driven by criminal activity, particularly ransomware
The record half of cybersecurity market activity saw $39.5 billion in merger & acquisition (M&A) volume, along with $11.5 billion in total VC investments. Major acquisitions during the period include Proofpoint (Thomabravo for $12.3 billion), auth0 (Okta for $6.4 billion) and McAfee (STG for $4 billion). In total there were nine deals at over one billion dollars, and 163 transactions in total. The capital was raised across 430 transactions, raising the average deal size with 61 transactions over $50 million and 36 over $100 million.
The primary driver of all of this has been ransomware attacks, these in turn fueled by the broader range of opportunities presented by the shift to work-from-home models and adoption of cloud services. The study finds a year-over-year increase in ransomware attacks of 148% (2.9 million estimated in 2021), and a staggering 3,900% increase in the average fee since 2018.
Cybersecurity stocks increased 16.8% during the period, doing better than the NASDAQ at 12.7%and the S&P at 15.2%. Raising its value by 180%, Blackberry was the lead performer on the back of its highly successful pivot to cybersecurity that began in 2016 when it acquired U.K.-based consultancy Encription. Even more important to the former phone manufacturer’s fortunes was the 2019 acquisition of security AI startup Cylance. Other top cybersecurity market performers in the first half of 2021 were Fortinet (160% growth), Cloudflare (139%), Norton LifeLock (131%), Secureworks (130%), ProofPoint (127%), OneSpan (124%) and Crowdstrike (119%). The embattled SolarWinds even increased in value by 113% in spite of the massive breach that stretched through 2020.
Going by deals completed, the most active sectors of the cybersecurity market by far were security consulting and managed security service providers (MSSP). VC financiers also showed a strong preference for late-stage Series C funding, coming in with $8.4 billion versus no more than $1.5 billion in any earlier stage. Financiers were most interested in data security, risk & compliance, and network & infrastructure security outfits over the period. M&A activity most frequently targeted fraud & transaction security, MSSPs and risk & compliance firms. More companies are also reaching “unicorn” status; 18 just in the first half of 2021, as compared to only six each of the previous two years (and only two in the two years before that).
Existing top performers elevated while lower-growth stocks have consistently lagged
While the cybersecurity market has been very hot, the tide has not lifted all boats. It has tended to elevate existing top performers in a “rich get richer” phenomenon. Since June 2020, existing high-growth stocks have grown the most by far. Lower-growth stocks have consistently lagged behind over this period, failing to beat the NASDAQ and S&P while hotter companies have leapt ahead.
Aggregate market capitalization also shows very strong interest in cybersecurity companies. Collectively the cybersecurity market is valued at $425.8 billion thus far in 2021, growth of 592% in the past decade. The number of publicly traded companies has also increased from 12 to 37 over that period.
While times have been good for the cybersecurity market, the boom has been driven by a lot of misery — chiefly, ransomware and business email compromise. This in turn stems from digital infrastructure being built out quickly to deal with the pandemic. Not just vulnerable endpoints created by allowing more employees to work from home, but also openings created by explosions in online education and retail shopping. Though pandemic social distancing measures have generally been in decline in the first half of 2021, the research report does not foresee any change in this general state of affairs in the near term forecast period.