Nice guys do finish first: Why the companies which protect our networks and data are valued so highly

Joe Austin | Jul 2018

Digital network & cyber security market

The cyber security market is a “hot” sector, currently valued at $86bn1 and variably forecast to grow over the next five years at a CAGR of 12-15% per year2.

The growth of the sector has been driven by a rapid increase in cyber-crime, with cyber-attacks growing in both frequency (due to significant increases in available network attack surfaces and connected devices) and sophistication, as attacks are increasingly carried out by state-sponsored actors and highly advanced organised criminals focused on high-value targets.

The increase in the number and sophistication of cyber-attacks has generated greater attention from regulators, who are now driving the cyber security agenda and adopting a tough stance towards both cyber breaches and failure to protect client data. The focus of new regulation is bridging information gaps and ensuring higher minimum standards for compliance. This is being achieved through specialist programmes, such as those run by CREST and the Bank of England CBEST programme for systemically important financial institutions, which is now being rolled-out across other critical infrastructure sectors via TBEST (Telecoms), GBEST (Government) and NBEST (Nuclear) and in the EU as TIBER-EU.

This new regulatory landscape means that cyber security is widely accepted as a ‘board-level’ issue. There is significant reputational risk attached to cyber security failings – as well as huge potential monetary costs. As a result, businesses are investing heavily to protect themselves.

Cyber security spend is typically split between services (e.g. penetrating testing, information security consulting, compliance, incident response, managed services, etc.) and software (e.g. endpoint protection, access control, firewalls, anti-malware, intrusion protection / detection, ransomware protection, etc.). Both of these markets are becoming increasingly sophisticated on the back of a number of interesting developments.

Two key trends are emerging in the cyber security services space – a move to intelligence-led testing and the growth of managed security service provision (‘MSSP’). Intelligence-led testing has revolutionised cyber security by providing more effective, tailored protection. The premise is to leverage research (including ‘honeypots’ and open source intelligence) to identify vulnerabilities and attack formats specific to clients and industries and focus energies on protecting against the most likely attack types for the client rather than simply standard or undefined methods. Meanwhile, managed services are growing as businesses realise they require persistent, live cyber security solutions and cannot just ‘bolt-on’ software products or conduct point-in-time testing.

On the software side, recent developments have been characterised by advancements in terms of artificial intelligence and machine learning. While the success of these platforms us currently varied, the better technologies are being used to enable the quick and accurate identification of potential cyber-attacks.

Unprecedented levels of cyber security spending and increasingly sophisticated solutions makes for an exciting – and expensive – M&A market.

In 2017 alone there were over 200 transactions3 around the world as businesses sought to acquire cyber security capabilities. Highlights include Barracuda Networks being taken private by PE firm, Thomas Bravo, for $1.6bn, DigiCert’s $950m acquisition of Symantec’s website security and PKI solutions business, Synopsys’ acquisition of Black Duck for $565m and CyberArk’s $42m takeover of DevOps. Livingstone has been one of the most active advisers to this market managing the strategic sale of leading service providers ContextIS (to Babcock), Info-Assure (to BSI) and most recently, Nettitude (to Lloyd’s Register).

 

Facebooktwittergoogle_pluslinkedinmail

Insight

Nettitude, a market-leading provider of cyber security services, has been acquired by Lloyd’s Register

Livingstone’s Defence & Security sector team has advised the shareholders of Nettitude, a market-leading provider of cyber security services with some of the most sophisticated technical capabilities in the industry, on its acquisition by Lloyd’s Register.
News
Business Services
Mar 2018

Info-Assure sets a new standard for BSI

Info-Assure, leading provider of cyber-security and information assurance, has been acquired by BSI.
News
Business Services
Oct 2016

Babcock acquires cyber security consultancy

Livingstone’s Defence & Security team has advised the founders of Context Information Security, a leading international cyber security consultancy, on its sale to Babcock International Group plc for £28m plus deferred consideration of £4m.
News
Industrial
Dec 2013