Cybersecurity M&A set to have another big year

The internet of things (IoT) dominated the last CES show, presenting abundant new-business opportunities, all of which come with formidable cybersecurity challenges. Likewise, car-makers were a predominant presence at CES, touting the connected cars of the very near future – another prospect rife with large, obvious cybersecurity challenges. Both the IoT and connected car opportunities require ecosystems of cooperating enterprises to realise their full potential. That will drive new forms of partnering, such as industrial mash-ups; they will also exacerbate the cybersecurity challenges involved.

Consider the scope of those cybersecurity challenges. IoT systems in every industry and connected or autonomous cars, in particular, will dramatically multiply the number of “endpoint” devices (or nodes) in information system networks, as well as the volume of information exchange being transmitted. Those endpoints and those transmissions must all be protected. The billions of communicating sensors envisioned as part of IoT networks are essentially endpoints that need protection. The complexity and multidimensionality of the cybersecurity challenge are about to skyrocket – at a time when many feel that the “good guys” are already falling behind the hackers.

According to Ernst & Young, the value of deals targeting cybersecurity leaped 160% in 2015, to $26.8 billion from $10.3 billion in 2014. And volume increased by 46%, to 287 deals from 196 in 2014. But, investors may want to note, this is likely only the start of long-term growth.

What will drive the imminent spike in cybersecurity M&A is that organisations throughout the world are all waking up to the true nature of this challenge simultaneously. Their realisation demands they look way beyond their IT infrastructure to fully understand their cyber risk. They must think more broadly about all their business relationships and assess their cyber threat environment from economic and geopolitical perspectives as well. Such cyber threat assessments will be far broader than in the past and will require new approaches and new technologies.

Ironically, M&A presents cyber threat actors with particular opportunity. M&A is one of the few times when all functional areas of an organisation collaborate to understand and assess risk. A large amount of documentation and data goes back and forth between the companies. That volume of activity creates an extremely attractive opportunity for cyber threat actors, so companies must make an extra effort to protect their M&A process.

Furthermore, because their technology increasingly underpins other global industries, technology companies are particularly attractive cybersecurity targets. If an intruder manages to insert malicious code in a tech product that is then sold to customers, that intruder could potentially infiltrate the tech company’s customer base. So tech companies must go further when building cyber defences.

A conversation is never wasted. We’re confident that we can give you all the help you need, but we’ll tell you if we think there’s a better option for you.

Get in Touch Get in touch now