Cybersecurity continues to remain one of the biggest concerns in global information technology in 2024 following a year that saw security incidents continue to grow at an alarming rate. After cybersecurity mergers and acquisitions dropped more than 18 % in 2023 over the prior year, a robust and active M&A environment is expected in 2024.

The introduction of artificial intelligence capabilities into many security products over the course of 2023 only increased interest in technological advancement as a means of curbing attacks. Governments and the private sector alike have been under immense pressure to address the threats from bad actors, combating a rise in hacker group-produced as-a-service malware and nation-state attacks. The continuing conflict in Ukraine and the more recent conflict in Gaza have added to worries about global cyber warfare.

Pressure for corporate boards to include cybersecurity leaders in high-level discussions has mounted, as have government initiatives to combat cybercrime and further regulate and increase compliance requirements in the industry. This has tended to boost demand and investment interest, benefitting third-party service providers and sector participants, says investment banking firm Capstone.

“Healthy demand for products and services in the Cybersecurity sector has led to a bifurcation of the market, with individual consumers supporting legacy antivirus and threat detection companies, and venture capital[1]backed AI-driven companies bolstering sector growth through technology innovation,” Capstone says in its January 2024 Cybersecurity Sector Report.

“Continued demand on both sides of the market has led to favorable projections for cybersecurity M&A growth into 2024, as buyers look to capitalize on well-performing assets with recurring revenues while also expanding innovative services and product offerings.”

Cybersecurity provider SonicWall buys Banyan Security

January 3: SonicWall acquired security service edge (SSE) solution provider Banyan Security to add zero-trust security capabilities to its offerings. The deal will extend SonicWall’s portfolio to the cloud and provide partners and their customers with more flexibility, the company said.

“The acquisition aligns with SonicWall’s ‘best-of-suite’ strategy — which includes network, endpoint, wireless, cloud email, and threat intelligence — under a single, multi-tenant portal,” the company said in a press release. “The platform also simplifies workflows and offers unified threat visibility, enabling service providers and end users to focus on what truly matters.”

Mimecast buys Elevate Security to bolster human risk management

January 4: Email and collaboration security provider Mimecast has acquired Elevate Security to strengthen its capabilities in human risk management. Financial terms of the deal were not disclosed.

“People are historically the largest vulnerability in an organization but can also be the strongest line of defense if given the right tools and education,” Mimecast Chief Technology and Product Officer David Raissipour said in a press release. “That’s our goal with this acquisition and core to our work — manage risk by understanding human behavior in the context of a complex environment and then acting on it.”

Elevate’s security platform ingests human behavior and context data from a range of sources and then flags high-risk people using a precision risk-scoring algorithm. Mimecast said it will continue to maintain and support the existing Elevate Security customer base and has already begun to integrate its technology into Mimecast products.

Chertoff Group’s MC² Security Fund completes acquisition of Trustwave

January 5: The MC² Security Fund, an affiliate of advisory and investment firm the Chertoff Group, completed its acquisition of global cybersecurity and managed security services provider Trustwave, which offers the Fusion Security Operations platform.

The acquisition will extend the global reach of Trustwave’s offensive and defensive cybersecurity portfolio, Trustwave CEO Eric Harmon said in a statement. “This strategic partnership with MC² and The Chertoff Group serves as a testament to our ongoing innovation and commitment to delivering unparalleled cyber value.”

Trustwave provides managed detection and response (MDR), managed security services (MSS), cyber advisory, penetration testing, database security, and email security. It also operates the SpiderLabs threat research and intelligence team.

Privileged access management provider Delinea buys Authomize

January 9: Privileged access management (PAM) provider Delinea acquired Authomize to increase its capabilities to detect cloud-based threats. The purchase “will extend the Delinea Platform’s reach for comprehensive privileged controls in the cloud while expanding its role to provide a strong defense against identity-based attacks such as account takeovers, insider threats, and lateral movement,” the company said in a statement. “CIEM and ITDR capabilities will be delivered through the cloud-native Delinea Platform, adding depth to its execution of the company’s vision to extend PAM across the modern enterprise.” The acquisition also establishes for Delinea a research and development center in Israel.

Snyk acquires Helios to enhance cloud-to-code risk visibility

January 16: Developer security firm Snyk bought application runtime data capture platform Helios in a bid to enhance its cloud-to-code risk visibility. The acquisition will accelerate the evolution of its Snyk AppRisk platform and Helios’ full-stack runtime data collection and insights capabilities will be integrated into the Snyk Developer Security Platform.

“As the pace and complexity of software development continues to rapidly increase, we’ve seen our global customers reap enormous productivity gains, but often at the cost of increased risk and critical security concerns,” Snyk CEO Peter McKay said in a statement. “This acquisition was executed with those valid concerns top of mind.”

Australia’s 5G Networks buys Security Shift

January 16: Melbourne-based digital services company 5G Networks has acquired Security Shift for AUD$4 million. Security Shift provides cyber security consultancy, end-to-end managed services and outsourced IT engineering and software development, focusing on public cloud, data centre, critical infrastructure, and Australian Government ISM.

“We certainly see the importance and growth in the security area, we are constantly asked to assist our larger managed IT clients and have been restricted in the past as to what we could provide,” 5GN managing director Joe Demase said in a press release. The addition of Security Shift will “enable 5GN to unlock a number of opportunities within our customer base.”

5GN owns and operates a high-speed data network in all major Australian capital cities, Singapore, the USA, Hong Kong and New Zealand. The company also offers managed cloud solutions and managed services to optimize customers’ IT and network environments.

Staley Technologies acquires cybersecurity service division of HoganTaylor Technology

January 23: Managed IT and cybersecurity and technology integrator Staley Technologies has bought the managed service and cybersecurity service division of HoganTaylor Technology for an undisclosed amount. The deal will enhance cybersecurity services and provide an end-to-end solution for the clients of both companies, Staley said in a statement.

Staley Technologies retained all HTT employees, who are experts in cybersecurity and
technology and led by former HoganTaylor partner Cody Griffin.