Top cybersecurity M&A deals for 2023

Uncertainty and instability marked the end of 2022 for many in the tech sector, a trend that bled into the beginning of 2023. Following on the heels of a drought in IT talent came mass layoffs at many of the world's biggest tech companies as predictions of recession loomed and war in Ukraine dragged on with no end in sight.

Global concern over cybersecurity has never been higher, with attacks coming fast and furious and in ever-growing numbers, and 65% of organizations planned to increase cybersecurity spending in 2023. That means CISOs may be pressured to do more with what they have as budgets shrink even as demand for security increases. And they should be aware of what could change if one of their vendors is acquired in this climate.

Corporate deals have dropped from the highs of 2021 as well as investors proceed with caution, eyeing interest rate increases and the possibility of a recession. There were some indications that cybersecurity might be an outlier in 2023--that M&A activity might remain a little more robust than in other parts of the tech world. "There are abundant opportunities for innovation in cybersecurity as new technology breakthroughs, such as the near-human capabilities of ChatGPT, introduce new and largely unaddressed security risks," DataTribe noted in its fourth-quarter 2022 Insights.

While recognizing the ever-growing importance of cybersecurity and the ever-growing demand to protect against increasingly sophisticated--and numerous--bad actors, dealmakers are likely to be active but cautious in the year to come. 

Below are the deals that CSO has selected as the most significant of the year. (This list is updated periodically as new deals are announced.)

Thales agrees to buy Tesserent

June 13: Defense technology and security provider Thales has agreed to buy Australian cybersecurity firm Tesserent in a deal that values to the firm at about $111 million. Paris-based Thales said the deal will enable it to "accelerate its cybersecurity development roadmap and expand its footprint in Australia and New Zealand." Tesserent will continue to operate under its current name, but its branding will include the "Cyber Solutions by Thales" tagline. "With the acquisition of Tesserent and its highly skilled team of cyber experts, and combined with our own system engineering experts, Thales Australia will establish an Australian/New Zealand leader in Cyber Defence able to best protect the country and its national infrastructure from cyber threats," Thales Australia CEO Jeff Connolly said in a release.

Informatica announces intent to acquire Privitar

Informatica has agreed to buy Privitar with the intention of integrating its access controls and remediation for data privacy and security into Informatica’s AI-powered Intelligent Data Management Cloud platform. Privitar is a "UK-based data management access and privacy software provider that powers organizations to democratize the ethical and safe use of data across enterprises," Informatica said in a statement. "Data governance and responsible use of data is a growing priority for large businesses, but too often requires trading off agility and self-service," said Informatica CEO Amit Walia.

Dataprise acquires Texas-based managed service provider RevelSec

June 21: Dataprise, a provider of managed IT, cybersecurity, and cloud solutions, has acquired RevelSec for an undisclosed amount. RevelSec, a security-first managed service provider headquartered in Texas, will "further expand Dataprise's national footprint and add high-value vertical expertise while providing RevelSec clients access to Dataprise's broad portfolio of powerhouse services," the companies said in a statement. RevelSec serves 200 clients across industries including financial services, healthcare, and oil and gas.

Daisy Corporate Services completes acquisition of ECSC Group

June 22: Daisy Corporate Services has completed its acquisition of breach prevention, detection and response support company ECSC Group. In a statement on its website, Daisy said the purchase "provides highly complementary services" to its "current operational resilience offerings, therefore providing an enhanced customer proposition." Founded in 2000, ECSC provides expert security breach prevention, detection and response support to almost 425 customers across all sectors and including a range of corporate and blue-chip organizations. "We firmly believe that together we will become the UK's leading cyber security organization," said ECSC CEO Matthew Briggs.

Socure buys Berbix for $70 million

June 27: Digital identity verification solutions provider Socure has acquired San Francisco-based startup Berbix for about $70 million. Berbix, founded in 2018 by former members of the Airbnb Trust and Safety Team, has developed a high-accuracy document verification solution with a forensics engine able to detect spoofed IDs, including AI-generated fakes.

Mozilla buys fake-busting software firm Fakespot

May 2: Not-for-profit tech foundation Mozilla has bought fake-busting software developer Fakespot. Fakespot uses artificial intelligence (AI) and machine learning (ML) systems to detect patterns and similarities between reviews to flag those that are most likely to be deceptive. The system helps sort real reviews from fake ones, to support trust and confidence among those making online purchases. Mozilla said it will continue to invest in enhancing Fakespot for current users but plans to develop future Fakespot integrations that will be unique to Mozilla's Firefox browser.

Private equity firm acquires Absolute software for $657 million

May 11: Crosspoint Capital Partners has agreed to buy self-healing, intelligent security solutions provider Absolute Software for US$657 million excluding debt in a deal that will take the NASDAQ-traded company private. "We are impressed with how Absolute has built upon its asset visibility and control heritage and expanded into solutions that provide endpoint resilience and the reliable access needed in today's hybrid work environments," Crosspoint managing partner Greg Clark said in a statement. Absolute provides self-healing, intelligent security solutions that offer a permanent digital connection that intelligently and dynamically applies visibility, control, and self-healing capabilities to endpoints, applications, and network connections.

Exiger acquires software supply chain and SBOM management platform Ion Channel

May 16: Security software as a service provider Exiger has bought software supply chain risk management platform Ion Channel. The acquisition will expand Exiger's depth of analysis in vendor and open-source software cyber risk, CEO Brandon Daniels said in a statement. "From entities to software to raw materials, Exiger's technology now covers all potential product risk so our customers can regain control of their supply chains." Ion Channel has developed a proprietary risk model that analyzes 1.5 trillion events in open-source and proprietary software components daily and tracks more than 100 leading risk indicators to detect security and operational risk months in advance of known vulnerabilities. Ion Channel's C-SCRM solution will be incorporated into Exiger's FedRAMP SaaS platform.

IBM acquires Polar Security

May 16: Tech giant IBM has acquired data security posture management (DPSM) provider Polar Security to bolster its cloud security offerings. Polar Security's platform helps to manage "shadow data" -- sensitive data not being tracked or managed by a company. DSPM reveals where sensitive data is stored, who has access to it, how it's used, and identifies vulnerabilities with the underlying security posture, including policies, configurations, or data usage. Polar Security's DSPM technology will be integrated into IBM's Guardium family of data security products.

Onfido buys digital identity-sharing technology developer Airside Mobile

May 22: Automated identity verification company Onfido has acquired Airside Mobile. Airside is noted as among the first to bring user-controlled digital identity to the travel industry. The company's privacy-first identity management technology will be combined with Onfido's verification platform to allow "verify once, use anywhere" use where customers can manage their own digital identity stored on a smartphone.

Cisco plans to buy Armorblox to help create "an AI-first Security Cloud."

May 31: Cisco has agreed to purchase email security platform Armorblox for an undisclosed amount. Cisco security Chief Product Officer Raj Chopra said Armorblox's use of predictive and generative AI "will change the way our customers understand and interact with their security control points." In a blog announcing the pending acquisition, Chopra said Armorblox's techniques may also be applied to attack prediction, rapid threat detection, and efficient policy enforcement.

OpSec Security agrees to buy Zacco

April 4: Brand integrity firm OpSec Security has agreed to buy intellectual property Danish intellectual property management and protection company Zacco, the two companies said in a statement. Zacco combines traditional legal expertise with digital brand management and security. The addition of Zacco will "combine the respective strengths of the two businesses to help customers maximize the value of their IP portfolios, take advantage of new opportunities, and counter vulnerabilities and threats these may bring," OpSec said.

TrustCloud and Branddocs merge

April 11: In a reverse takeover, secure digital transaction and video verification services Branddocs acquired secure digital transaction choreographing platform TrustCloud for an undisclosed amount. The new company will operate as TrustCloud, combining Branddocs' client base and in-house network of fraud detection experts, AI/ML technologies, multi-orchestration capabilities, and the TrustCloud modular platform to deliver globally compliant, frictionless, and vendor-agnostic services.

Columbus acquires ICY Security

April 11:  Columbus has acquired ICY Security in an expansion aimed at meeting customer demand for cyber security services. Denmark-based ICY Security is among the Nordic countries’ largest consultancies and implementation companies in the area of identity and access management (IAM). "The acquisition of ICY Security is an important investment in extending Columbus' offerings following the increased need for cybersecurity services from our customers," Columbus CEO and President S?ren Krogh Knudsen said in a statement.

Akamai acquires Neosec

April 19: Content delivery network and cloud security services provider Akamai Technologies has agreed to buy privately held API detection and response platform Neosec. The acquisition will extend Akamai's visibility into the rapidly growing API threat landscape, the company said in a statement. "The combination is designed to make it easy for customers to secure their APIs by helping them discover all of their APIs, assess their risk, and respond to vulnerabilities and attacks."

Cisco agrees to buy Lightspin Technologies

March 29: Software and service giant Cisco has agreed to buy privately held cloud security software Lightspin Technologies for an undisclosed amount. Lightspin offers end-to-end cloud security posture management (CSPM) across cloud-native resources. The company will join Cisco's emerging technologies and incubation (ET&I) business.

Mastercard acquires Baffin Bay

March 20: Mastercard has bought Swedish cybersecurity firm Baffin Bay to increase its cloud-based protections. The company will integrate Baffin Bay's cloud-based solution that uses AI technology to automatically filter and counteract malicious internet traffic into its current offerings. "The addition of Baffin Bay Network's instantaneous, predictive and cloud-based  AI technology to our existing analytical capabilities will deliver a leading, singular cyber solution," Mastercard said in a statement.

HPE acquires Axis Security

March 2: Hewlett Packard Enterprise (HPE) agreed to buy cloud security services provider Axis Security, its third acquisition since January, to deliver a unified secure access service edge (SASE) offering. The acquisition is aimed at incorporating the Axis security service edge (SSE) platform into HPE's edge-to-cloud network security capabilities to deliver integrated networking and security solutions as-a-service. HPE plans to integrate Atmos, an SSE offering by Axis Security, into Aruba, its platform for edge-to-cloud networking with AI-based network automation. "The convergence of Aruba and Axis Security solutions will transform edge-to-cloud connectivity with a comprehensive SASE solution that provides enterprises with the highest levels of security for both IoT devices and all users' access across geographically distributed locations," Phil Mottram, executive vice president and general manager, HPE Aruba Networking said in a statement.

Online auction giant eBay Acquires 3PM Shield

February 13: eBay acquired 3PM Shield, a provider of monitoring solutions designed to prevent the sale of counterfeit items, unsafe products and illegal goods. The purchase will help provide sellers and buyers with a safe and trusted platform and enhances eBay’s ability to address suspicious or harmful seller behavior and potentially problematic items. "3PM Shield has been a valued and effective external partner in helping eBay tackle these challenges and we look forward to unlocking additional capabilities as we bring their technologies in-house," eBay Chief Risk Officer Zhi Zhou said in a statement.

Accenture buys Brazil-based Morphus

February 13:  New York-based Accenture has acquired privately held cyber defense, risk management, and cyber threat intelligence services provider Morphus for an undisclosed amount. Brazil-based Morphus provides red and blue team services; governance, risk, and compliance services; enterprise risk management; cyber strategy; threat intelligence; and managed security services. "The acquisition brings more than 230 highly skilled professionals, making Accenture one of the largest cybersecurity professional services providers in Brazil," Accenture Security global leader Paolo Dal Cin said in a statement. The acquisition launches Accenture's cyber industry practice in Latin America.

Vista Equity Partners completes acquisition of KnowBe4

February 1: Investment firm Vista Equity Partners completed its acquisition of security awareness training and simulated phishing platform KnowBe4 for $24.90 per share in cash, valuing the company at about $4.4 billion. "The human element remains one of the most important yet neglected aspects of cybersecurity," Michael Fosnaugh, co-head of Vista's Flagship Fund and senior managing director, said in a press release. "The opportunity to scale a business that is truly mission-critical to enterprises around the world is core to Vista's investment approach and value creation efforts." Vista focuses exclusively on acquiring enterprise software, data, and technology-enabled businesses.

Radiant Logic signs definitive agreement to acquire Brainwave GRC

February 1: California-based Radiant Logic entered into a definitive agreement to acquire French identity governance and analytics company Brainwave to accelerate the companies' shared vision of an identity data fabric using data science to ensure the right information is in place to make the right policy decisions. "Demand is increasing for cybersecurity, governance, and compliance solutions that help companies address the continually evolving security threats, especially as regulatory environments and fines become more prevalent," said Joe Sander, CEO of Radiant Logic, in a press release. The companies said the acquisition will strengthen their market positions as identity, analytics, and intelligence experts and provide a zero-trust and identity-first security foundation to deliver enhanced data security, reduced audit and compliance costs, and improved understanding and visibility of malicious activity.

Veridos becomes majority shareholder in NetSeT

January 30: Berlin-based Veridos has acquired a majority stake in NetSeT Global Solutions, a move the company says will strengthen its position as a full-service provider of integrated identity solutions. NetSeT, based in Serbia, develops information systems for the management of citizen data and information security. In 2017, Veridos acquired a minority stake in NetSeT, which will now be integrated into the Veridos Group. "With this acquisition, we are expanding our position as a provider of holistic identity solutions to cover the entire value chain: from citizen registration to the creation and personalization of ID documents and the management of citizen data to document verification," Veridos CEO Marc-Julian Siewert said in a press release. The move comes after 20 years of collaboration between Veridos and NetSeT. In joint projects, the companies have co-operated in providing the ID system for northern Macedonia, ePassport systems for Bangladesh, Venezuela, and the United Arab Emirates, and a driver’s licence system for Uganda.

Simeio acquires identity and access management firm PathMaker

January 10: Specialized identity and access management (IAM) services provider Simeio acquired Texas-based identity governance firm PathMaker Group in a move that will enhance Simeio's consulting services and SailPoint implementation capabilities, the company said. “This acquisition solidifies our commitment to integrate future-ready technologies to protect and secure identities. "Simeio CEO Chris Schueler said in a press release. "I am very confident in the unmatched identity security services that our clients can take advantage of as a result of this acquisition.” Simeio operates a portfolio of end-to-end services in advisory, building, and managing identity security solutions. PathMaker's IAM MAP assessment process and methodology will be incorporated into          Simeio's proprietary identity orchestration platform Simeio IO, allowing customers to continuously measure and assess the maturity of their identity programs. Simeio's managed identity security services delivered through Simeio IO will also be accessible to PathMaker clients.