“While ransomware is nothing new, WannaCry’s ability to scale is alarming,” Jason Kaufman, president of the Chertoff Group, tells Mergers & Acquisitions, referring to malicious software that blocks access to data and demands money to release it.
“Unfortunately this is yet another wake-up call to executives that they need to promote basic cyber hygiene inside their organizations. This will benefit providers of risk management services and reinforces the urgent need for in-depth cybersecurity due diligence in an M&A setting."
The Chertoff Group, co-founded by former U.S. Homeland Security Secretary Michael Chertoff, is a business strategy and M&A advisory firm that focuses on the security and risk management sector. The firm has been an active dealmaker. In 2016, Coalfire acquired Veris Group, creating one of the largest providers of cybersecurity services on the market. The deal was funded in part by new equity investments by affiliates of the Carlyle Group LP (Nasdaq: CG) and the Chertoff Group, which partnered to take a majority stake in Coalfire in 2015.
“Cybersecurity is a fragmented industry with lots of growth. This is enticing to dealmakers. There are always new threats companies need to defend against,” says Kaufman. “Unfortunately, the bad guys seem to find a way to be a step ahead so there will always be the need to develop new tools to address these problems.”
Some other cybersecurity deals include:
CA Technologies (Nasdaq: CA) purchased Veracode, a security company for applications and software developers, for $614 million. Veracode provides automated, cloud-based services for securing web, mobile and third-party applications throughout the software development process.
The KeyW Corp. (Nasdaq: KEYW) acquired Sotera Defense Solutions, a cybersecurity service provider for the intelligence community, for $235 million. Sotera is a national security technology company that provides cyber systems, IT applications, counter-terrorism, intelligence analysis, and data analytics services.
LLR Partners has bought cybersecurity company BluVector from Northrop Grumman Corp. (NYSE: NOC) for an undisclosed amount. BluVector develops machine-learning software that detects and hunts cyber-threats, all while reducing response times. The target’s technology enables security operations center analysts and incident response teams to gather insight on threats in real time.
Tenable Network Security purchased information technology company FlawCheck Private Registry for an undisclosed amount. FlawCheck provides security and protection for cloud-based storage against malware and other potential risks.