Category: security

Contact: Scott Denne Adrian Sanabria

Earlier this year, we took a look at M&A possibilities for the cloud application control (CAC) market, and pegged cloud SSO/IAM products as a good matchmaking opportunity. That’s exactly what’s happened with LogMeIn’s acquisition of Meldium. The acquirer’s AppGuru product allows enterprises to monitor and control employee access to SaaS apps. With authentication being the key chokepoint for CAC services, the ‘melding’ of Meldium’s offering with AppGuru could give LogMeIn customers an opportunity to address two issues with one stone.

The $15m price tag (including an unspecified earnout) for Meldium is a typical deal size for LogMeIn, which has built a diverse set of SMB applications, mostly organically, having only made four acquisitions (all between $7.5-16m) since its debut as a public company in 2009. One difference with its Meldium purchase: LogMeIn is jumping on the target earlier than it typically does. Meldium is a year out of its stint at Y Combinator, whereas Ionia and Bold Software, LogMeIn’s two most recent targets, had more than two decades of operations between them when they were picked up.

While LogMeIn has plenty of cash ($220m and growing) and equity to do larger deals, its M&A activity has been light, opting instead to lean on internal development to expand into areas like collaboration, Internet of Things and IT management for SMBs from its starting point in remote desktop applications. Small, tactical buys have served LogMeIn well – it’s projecting 30% revenue growth this year to $217m, outpacing the 15-20% gains it has put up in each of the past three years.

For more real-time information on tech M&A, follow us on Twitter @451TechMnA.

Contact: Scott Denne Garrett Bekker

Veritas Capital’s acquisition of BeyondTrust adds to a flurry of recent deals in the identity and access management (IAM) sector. The transactions continue to flow as CISOs become less reliant on perimeter defenses alone.

At $310m, Veritas is valuing BeyondTrust just a smidge over 3x trailing revenue, putting it below the multiple on Thoma Bravo’s purchase of SailPoint and above the 2.5x that Gemalto paid for SafeNet in its $890m acquisition of that company in August. Other recent deals in this sector include RSA’s pickup of Symplified’s assets and a pair of IAM purchases this summer by IBM.

In a December 2013 survey by TheInfoPro, a service of 451 Research, IAM was the most cited security-related spending priority for IT shops over the next 12 months. Given the increasing role of identity as a key security construct in both cloud and mobile computing architectures, we expect that identity-related technologies will remain fodder for future dealmaking.

Recent IAM transactions

Source: The 451 M&A KnowledgeBase

For more real-time information on tech M&A, follow us on Twitter @451TechMnA.

Contact: Scott Denne Garrett Bekker

IBM inks its second acquisition in a month to grow its identity and access management (IAM) capabilities. In reaching for Lighthouse Security Group, Big Blue gains a managed services offering that already runs on its IAM suite, as well as hard-to-find talent in the IAM sector.

Though Lighthouse brings some unique intellectual property, the rationale is different than last month’s purchase of CrossIdeas, which added access governance and analytics software to IBM’s already broad IAM portfolio, which is mostly built around assets from Tivoli.

The relative importance of IAM within the security landscape expands as the notion of a security perimeter retreats. As we noted in an earlier report, IAM has already played a role in a number of smaller deals this year, including Ping Identity’s pickup of accells technologies and HID Global’s takeout of Lumidigm, as well as Gemalto’s agreement to spend $890m on SafeNet last week.

Whether customers are seeking decreased complexity of IAM deployments via a service like Lighthouse or advanced capabilities like CrossIdeas, IAM is a top priority for CISOs. According to a 2013 survey by TheInfoPro, a service of 451 Research, identity management was the most common security-related priority for IT shops over the next 12 months.

We’ll have a more detailed look at this transaction in tomorrow’s 451 Market Insight.

For more real-time information on tech M&A, follow us on Twitter @451TechMnA.

Contact: Scott Denne

In BlackBerry’s first purchase in more than two years, the struggling smartphone maker buys voice encryption vendor Secusmart, reflecting the importance of security in its turnaround strategy.

Secusmart develops technology for encrypted voice and data communications. The company’s German roots should appeal to BlackBerry’s customers in the region (Europe and the surrounding areas accounted for almost half of BlackBerry’s revenue and is declining at a faster rate than North American sales), where security, especially anti-eavesdropping security, is growing in importance.

Security was a key part of BlackBerry’s rise – its secure email servers helped it become the go-to device for mobile email. This acquisition, along with its CEO’s public statements (he said the words ‘secure’ or ‘security’ 20 times on the company’s last earnings call), demonstrate that BlackBerry is looking to build off of that reputation to recapture enterprise sales of its phones and mobility management software.

BlackBerry still has a foothold in the enterprise segment, but time is limited. According to ChangeWave Research, a service of 451 Research, BlackBerry phones are far more popular among IT buyers than the general public, with 20% of IT departments reporting that they plan to purchase BlackBerry phones in the next 90 days, down from 33% in the same survey a year earlier. A separate survey by ChangeWave shows that BlackBerry still remains a leader in MDM installations, but no buyers reported planned installations or evaluations of BlackBerry’s MDM products in the near future.

For more real-time information on tech M&A, follow us on Twitter @451TechMnA.

Contact: Wendy Nather

As long as there are carbon-based life forms in the system, there will be a need for security awareness education. Security Innovation has spent several years enhancing its application-based security training, but now is expanding into general security training products by acquiring Safelight Security. Terms of the all-cash deal were not disclosed, and neither side used an adviser.

The two companies started talking about teaming up in late 2013. Safelight had last raised funding in 2011, garnering just under $1m from angel investors, and it needed more financing to ride the wave of demand for infosec awareness training. From the Security Innovation side, the deal is an opportunity to take out a likeminded competitor, pick up senior security talent (always in short supply), and collect Safelight’s customer base (since the two were rivals, there’s little overlap). While both sides had plenty of training content, Safelight’s was cast more in the mold of awareness marketing campaigns, including ‘themed collateral’ such as posters, YouTube-style short videos, tip sheets and infographics to go along with the computer-based training.

Both Safelight and Security Innovation have been around for a long time, but security training is gaining fresh interest as newcomers like PhishMe, Wombat Security and KnowBe4 join the scene. Security Compass remains a competitor, as does Denim Group, which still produces its ThreadStrong training videos. The combination of Security Innovation and Safelight is probably big enough to take on Cigital, SANS Institute and FishNet Security.

We’ll have a detailed report on this transaction in tomorrow’s 451 Research Market Insight.

For more real-time information on tech M&A, follow us on Twitter @451TechMnA.