In a world of blurring lines and free-flowing data, the need for security technology is more keenly felt than ever. High profile breaches at companies like Target, JP Morgan and Sony – with more announced seemingly weekly – are regular reminders of the threats to data and digital assets. This, in turn, is driving high valuations and significant deal flow for innovative security technology firms. This Market Spotlight webcast will examine the specific technologies receiving the most interest, with perspectives from analysts, bankers, buyers, investors, and CEOs.
Scanning the Internet for External Cloud Exposures via SSL Certs
Market Spotlight: Cyber Security
1.
2. Jon Scott
SeniorVice President
Jon joined Corum in 2010 out of their Seattle headquarters. He has close to 30 years experience serving high technology companies
with the last 20 mainly in chief operating and chief executive roles. During this time Jon has become known for his ability to successfully
integrate strategies and tactics into well executed operating plans, building strong teams and achieving excellent results.
Jon has served as President and CEO of The PowerTech Group, a security and compliance software company sold to Help/Systems in
2008, and Microserv Technology Services, a nationwide tech services company which was acquired by Halifax Corporation in 2003.
Earlier he served as President and COO of Traveling Software, a leading developer of communications software in Seattle. Prior to his
operating roles Jon held vice president roles in sales, marketing and business development for technology companies.
Jon has taught in the software product management program at the University of Washington and holds a business administration
degree from San Francisco State University.
3. Agenda
• Welcome
• Jon Scott, SeniorVP – Corum Group
• M&A in Security Sector
• Aaron King,Analyst – Corum Group
• MarketTrends
• Jon Scott
• Seller Discussion
• Anirban Banerjee, Founder
StopTheHacker (acquired by CloudFlare)
• Q&A
4. Jon Scott
SeniorVice President
Jon joined Corum in 2010 out of their Seattle headquarters. He has close to 30 years experience serving high technology companies
with the last 20 mainly in chief operating and chief executive roles. During this time Jon has become known for his ability to successfully
integrate strategies and tactics into well executed operating plans, building strong teams and achieving excellent results.
Jon has served as President and CEO of The PowerTech Group, a security and compliance software company sold to Help/Systems in
2008, and Microserv Technology Services, a nationwide tech services company which was acquired by Halifax Corporation in 2003.
Earlier he served as President and COO of Traveling Software, a leading developer of communications software in Seattle. Prior to his
operating roles Jon held vice president roles in sales, marketing and business development for technology companies.
Jon has taught in the software product management program at the University of Washington and holds a business administration
degree from San Francisco State University.
5. Aaron King
Analyst
Aaron joined Corum Group in 2015 as a research analyst. Previously he worked as a
writer, editor, and consultant at a software startup. Aaron graduated from Reed College
with a degree in Economics, specializing in Game Theory.
6. 2.00 x
2.50 x
3.00 x
3.50 x
4.00 x
4.50 x
5.00 x
6.00 x
8.00 x
10.00 x
12.00 x
14.00 x
16.00 x
18.00 x
EV/SEV/EBITDA
May-
14
Jun-
14
Jul-
14
Aug-
14
Sep-
14
Oct-
14
Nov-
14
Dec-
14
Jan-
15
Feb-
15
Mar-
15
Apr-
15
May-
15
EV/EBITDA 14.20 14.61 15.50 16.48 16.10 16.22 16.96 17.03 15.71 15.84 16.08 16.16 14.63
EV/S 3.41 3.89 4.07 4.27 4.37 4.73 4.34 4.16 4.12 4.03 4.23 3.88 4.05
Infrastructure Market Valuations
IT Services Management
Network Management
Storage & Hosting
Endpoint
Security
Other Infrastructure
Segments
9. Sold to
Target: BeeWare
Acquirer: DenyAll
Date Announced: May 2014
Transaction Value: Undisclosed
—Web application security, payments,
and payment card data for business
11. Sold to
Target: Sourcefire
Acquirer: Cisco
Date Announced: July 2013
Transaction Value: $2.7B
—Intrusion detection / prevention SaaS,
anti-malware software
12. Sold to
Target: Websense
Acquirer: Raytheon
Date Announced: Feb 2015
Transaction Value: $1.3B
—Defense, aerospace, missile and
intelligence systems for defense and
government
14. Target: Blue Coat
Acquirer: Bain Capital
Date Announced: March 2015
Transaction Value: $2.4B
—Enterprise cybersecurity, web traffic
management, mobile security, and SaaS.
Previously owned by Thoma Bravo.
Sold to
15. Encryption
Growth in Exits by Segment (2013-2014)
Penetration Testing Security Management
Mobile Security
Identity & Access
Management
Storage Security
Anti-Malware
Premises Network
Security
Transaction Security
16. Sold to
Target: Codenomicon
Acquirer: Synopsys
Date Announced: April 2015
Transaction Value: Undisclosed
—Security and vulnerability testing
software and SaaS, performance
management.
Sold to
Target: Quotium
Acquirer: Synopsys
Date Announced: May 2015
Transaction Value: Undisclosed
—Interactive application security testing
(IAST)
17. Encryption
Growth in Exits by Segment (2013-2014)
Penetration Testing Security Management
Mobile Security
Identity & Access
Management
Storage Security
Anti-Malware
Premises Network
Security
Transaction Security
18. Sold to
Target: Metafor Software
Acquirer: Splunk Inc.
Date Announced: June 2015
Transaction Value: Undisclosed
—Cybersecurity anomaly detection and
predictive analytics.
19. Sold to
Target: nsense
Acquirer: F-Secure
Date Announced: June 2015
Transaction Value: $16,481,000
—Cyber protection and vulnerability
assessment for large institutions
21. Sold to
Target: IdMLogic
Acquirer: CA Technologies
Date Announced: June 2015
Transaction Value: $25M
—Identity and Access Management
(IAM) for businesses, and BYOD/mobile
IAM solutions.
22. Sold to
Target: CyActive
Acquirer: Paypal Inc. [eBay]
Date Announced: March 2015
Transaction Value: $60M
—Predictive malware detection and
prevention cybersecurity for business
24. Sold to
Target: Vulnr
Acquirer: ZeroFOX
Date Announced: January 2015
Transaction Value: Undisclosed
—Stealth-mode mobile vulnerability
detection software
25. Sold to
Target: NumberCop
Acquirer: WhitePages, Inc.
Date Announced: June 2015
Transaction Value: Undisclosed
—Anti-spam caller ID mobile app to
identify and block spam, phishing, and
other high-risk calls and text messages
26. Jon Scott
SeniorVice President
Jon joined Corum in 2010 out of their Seattle headquarters. He has close to 30 years experience serving high technology companies
with the last 20 mainly in chief operating and chief executive roles. During this time Jon has become known for his ability to
successfully integrate strategies and tactics into well executed operating plans, building strong teams and achieving excellent results.
Jon has served as President and CEO of The PowerTech Group, a security and compliance software company sold to Help/Systems in
2008, and Microserv Technology Services, a nationwide tech services company which was acquired by Halifax Corporation in 2003.
Earlier he served as President and COO of Traveling Software, a leading developer of communications software in Seattle. Prior to his
operating roles Jon held vice president roles in sales, marketing and business development for technology companies.
Jon has taught in the software product management program at the University of Washington and holds a business administration
degree from San Francisco State University.
32. Jon Scott
SeniorVice President
Jon joined Corum in 2010 out of their Seattle headquarters. He has close to 30 years experience serving high technology companies
with the last 20 mainly in chief operating and chief executive roles. During this time Jon has become known for his ability to successfully
integrate strategies and tactics into well executed operating plans, building strong teams and achieving excellent results.
Jon has served as President and CEO of The PowerTech Group, a security and compliance software company sold to Help/Systems in
2008, and Microserv Technology Services, a nationwide tech services company which was acquired by Halifax Corporation in 2003.
Earlier he served as President and COO of Traveling Software, a leading developer of communications software in Seattle. Prior to his
operating roles Jon held vice president roles in sales, marketing and business development for technology companies.
Jon has taught in the software product management program at the University of Washington and holds a business administration
degree from San Francisco State University.
33. Anirban Banerjee
Dr. Anirban Banerjee is the lead Primary Investigator, the VP of Research and Development, and co-founder of StopTheHacker
Inc. He graduated with his Ph.D. in Computer Science, from the University of California at Riverside in 2008. Dr. Banerjee’s
thesis research includes well over twenty published papers in the areas of internet security, measurements and web
technology.
Over the last few years, he has garnered great visibility and respect among the web security community, rapidly advancing as a
recognized authority in the fight against underground cyber crime. Dr. Banerjee’s profound expertise in Artificial Intelligence
and web security along with his exuberant passion for innovative product development, propel StopTheHacker into the much
coveted position as one of the tech industry’s hottest new startups.
Co-Founder, StopTheHacker
34. Traits of a Successful Security Acquisition
1. Chasing a RealVulnerability
2. Developed an ExpandableArchitecture
3. Deep Subject Matter Expertise and Passion
4. Customer References
5. Began with an End in Mind
35. Q&A
We welcome your questions!
• Use Q&A window on right side
• Submit to queue at any time
• Ask “all panelists” – see “ask” option above text-entry
box
36. Contact Us
For further information or copies of today’s
presentation:
Visit www.wfs.com
-or-
Email jons@corumgroup.com
36
Editor's Notes
Valuations in the overall infrastructure market have dipped a little bit since late last year, but EBITDA multiples remain steady near 14 times overall with this May doing slightly better than last. Sales valuations are up from 3.5 to 4 times – not quite up to last year’s high of 4.7, but showing a definite increasing trend.
Here in the security market, EBITDA multiples have increased from 14 times to an average of about 16 times over the past year, while sales multiples have slowly climbed from 5.5 to 7 times. Notice that the slowing of the overall infrastructure market has had relatively little effect on the Security market, which continues to show valuations well above average for the sector.
After a heavy dip in early 2013, both deal count and disclosed deal values are once again on the rise; the low deal count and disclosed value at the end of 2014 reflects the peak in valuations at the time. Deal count this high indicates a lot of small-to-medium purchases…
…good news for companies like Corum Client BeeWare, which was sold to French application security provider DenyAll in mid 2014.
Turning now to top total spenders in the Security sector, we have four billion-plus spenders in the past three years. Cisco leads the pack with four acquisitions totaling just under 3 billion dollars…
…including their 2.7 billion-dollar acquisition of intrusion detection SaaS company Sourcefire, strengthening their own network security and leveraging their existing market penetration to give Sourcefire a wider footprint.
In the market’s most recent megadeal, Raytheon spends 1.3 billion to form a joint venture with Vista Equity Partners’ portfolio company Websense. The new company will combine Websense’s integrated security platform with Raytheon’s software products to protect commercial and government entities globally.
Our top contributor to total deal count is Proofpoint, a security-as-a-service threat protection suite, snagging five anti-malware companies since 2012 for a total of about $100 million. Plenty of other acquirers hovered in the 3 to 4 range. Enterprise cybersecurity provider Blue Coat is of particular interest, acquiring three companies in a short time…
…before being snapped up itself by Bain Capital for 2.4 billion in the fourth-largest deal the industry has ever seen.
Bain is considering returning Blue Coat to the public markets now that it has had time to grow.
Here we have relative growth in security deals, separated out by segment. Deal count is up significantly all across the sectors, with new technology in Penetration Testing beginning to take off in earnest – deal numbers increased 400% between 2013 and 2014.
Synopsys has been particularly active in this field, enhancing its Coverity platform with two penetration testing adds in the past quarter alone – first Codenomicon in April, and then assets from Quotium in May.
Growth is up significantly in other sectors overall, and even Premises Network Security, which had drop in deals during 2014, is bouncing back with more deals already this year than it had last year in total…
…including Splunk, who acquired anomaly detection cybersecurity provider Metafor just a few days ago in the hopes of further evolving their M2M system…
…and F-Secure, who shelled out 16 million plus earnout for Danish vulnerability assessment provider nSense to expand their incident response and forensic expertise.
Geographical market shares have remained fairly consistent over the last few years, with Africa and the Middle East gaining a notable slice of the pie recently – particularly in Israel, which has seen a surge of activity…
…most recently with CA Technologies’ acquisition of IdMlogic just this month. The 25-million-dollar buy is a clear strengthening of CA’s Identity and Access Management offerings.
Also recently in Israel, eBay spent 60 million for predictive anti-malware developer CyActive through their subsidiary PayPal, hoping to head off in advance any threats to Paypal’s existing security platform.
Note also that Latin America has slowly begun to emerge into the security market…
…with ZeroFOX acquiring Chile’s stealth-mode security company Vulnr early this year. ZeroFOX will be incorporating Vulnr’s technologies and practices moving forward, hoping to strengthen its position as “the social risk management company”.
Meanwhile, back here in Seattle, WhitePages just picked up anti-phishing mobile app NumberCop to enhance its Caller ID services.