Sophos bags an elephant

In a twist on a private-public transaction, Sophos laid out on Monday a bold $340m plan to pick up Utimaco, an encryption vendor that trades on the Frankfurt Stock Exchange. Rather than rolling into the public company, Sophos plans to take Utimaco off the market. It plans to fund the acquisition by drawing on three sources. (My colleague, Nick Selby, has the details on the financing as well as the strategy.)

The financing is crucial because this deal is a whopper. If it goes through, it’ll be the largest IT security deal in seven months. More significantly, however, Sophos’ planned acquisition of Utimaco stands as the biggest purchase by a privately held security company. In fact, it’s nearly twice the size as the number two deal, Barracuda’s unsolicited run at Sourcefire. (And it’s not certain that deal will close at all. Sourcefire, which is slated to report second-quarter earnings on Thursday, has shot down the deal so far.)

Although Utimaco will be erased from the market, we view the disappearance as temporary. Once the two companies get through the integration, we expect Sophos to try to go public once again. (Recall that last fall, it announced plans to list on the London Stock Exchange but shelved them as the markets deteriorated.) Among the underwriters for the planned IPO was Deutsche Bank, which advised Sophos on the purchase of Utimaco. Indeed, it was the same DB banker on this deal that also co-advised on a very similar transaction last fall, McAfee’s $350m purchase of Dutch encryption vendor SafeBoot. (DB and UBS Investment Bank advised SafeBoot, while Morgan Stanley advised McAfee.)