End of an encryption era?

Contact: Ben Kolada

There has been considerable consolidation in the drive encryption sector over the past half-decade, most recently with Dell acquiring OEM partner Credant Technologies. However, with Dell taking Credant off the table, meaningful consolidation may be complete as there are few potential buyers left.

Dell is buying its OEM disk encryption software partner Credant in what could be seen as a tech tuck-in. The acquisition provides Dell with the IP rights to technology it already sells – Credant’s Data Protection Suite was available on Dell’s laptops and workstations as a preconfigured option. Terms weren’t disclosed, but we’re hearing that Credant generated trailing revenue in the $20-30m ballpark. (We’ll have a full report on the transaction in our next Daily 451.)

After earlier rounds of consolidation in this sector by security giants Symantec, McAfee and Check Point Software, there aren’t many potential acquirers left. In fact, it appears that the number of likely targets may outnumber the likely acquirers. Although M&A in this sector seems to be either at its end or near it, two remaining targets we would point to are still-independent vendors WinMagic and Zecurion.

Similar acquisitions to Dell buying Credant

Date announced Acquirer Target Deal value TTM revenue
September 22, 2011 Wave Systems Safend $12.8m Not disclosed
April 29, 2010 Symantec GuardianEdge Technologies $70m $18m
April 29, 2010 Symantec PGP $300m $75m
October 8, 2007 McAfee SafeBoot $350m $60m*
November 20, 2006 Check Point Software Technologies Protect Data [dba Pointsec] $586m $63.8m

Source: The 451 M&A KnowledgeBase *451 Research estimate

For more real-time information on tech M&A, follow us on Twitter @MAKnowledgebase.

KEYW picks up Sensage to build out Project G

Contact: Ben Kolada

Just three days after announcing its largest acquisition – the $126m pickup of cybersecurity software development firm Poole & Associates – KEYW has snagged small security information and event management (SIEM) vendor Sensage for $24m, with an earnout potentially raising that price by $10.5m. The two companies had previously been partners, working together on KEYW’s networking cybersecurity platform, dubbed Project G.

KEYW is handing over $15m in cash and $9m in stock. The deal also includes an earnout of up to $3m in cash and $7.5m in stock, achievable based on unspecified revenue targets for the second half of the year. The transaction is expected to close in October.

The Redwood City, California-based target, which has 35 employees, generated about $12m in revenue last year and recorded a small operating loss for the first half of this year. However, although the legacy Sensage business will be retained, the company isn’t being valued on its sales, but rather its potential contribution to KEYW’s nascent Project G platform. Sensage CEO Joe Gottlieb will head the combined company’s Project G network security initiative. KEYW began commercially testing Project G in June.

Select precedent ESIM acquisitions

Date announced Acquirer Target Price/sales valuation
April 3, 2012 TIBCO Software LogLogic 3.5*
October 4, 2011 IBM Q1 Labs 8.8*
October 4, 2011 McAfee NitroSecurity 5.3*
June 23, 2011 SolarWinds TriGeo Network Security 3.9
September 13, 2010 Hewlett-Packard ArcSight 7.7

Source: The 451 M&A KnowledgeBase *451 Research estimate. Click links for full deal details.

For more real-time information on tech M&A, follow us on Twitter @MAKnowledgebase.

Maybe M&A for McAfee?

Contact: Brenon Daly, Andrew Hay

With the ink barely dry on the M&A papers of SolarWinds’ purchase of TriGeo, we understand that another deal in the enterprise security information management (ESIM) market may be already in the works. Several industry sources have indicated that McAfee and NitroSecurity are thought to be close to an agreement that would give Intel’s subsidiary a solid ESIM offering.

McAfee has been looking in this market for some time. We gather that the company lobbed a bid (thought be in the neighborhood of $600m) for ESIM kingpin ArcSight before that company went public in February 2008. More recently, we weren’t surprised to hear that McAfee was in the process early for ArcSight last summer but got outbid by Hewlett-Packard, which ended up paying $1.65bn, or a steep 8 times trailing revenue for ArcSight.

If the acquisition indeed comes together, NitroSecurity would make a great deal of sense for McAfee. NitroSecurity, which we understand is running at about $40m in revenue, sells big-ticket installations to enterprises and the federal government – a market that McAfee clearly wants to be in. (NitroSecurity is also one of the few security vendors that has been able to crack into the industrial control system market, which gives the company a shot at lucrative contracts securing some of the nation’s critical infrastructure.)

The only other ESIM provider of size that might also give McAfee a comparable presence in the enterprise market would be Q1 Labs. However, that firm has a deep relationship with Juniper Networks, which is its single largest OEM partner. Nonetheless, Q1 has ascribed itself a fairly rich valuation, according to sources. The market may well soon have its vote on that, as Q1 recently indicated that it is looking toward an IPO.

McAfee doubles down with tenCube

Contact: Jarrett Streebin

McAfee recently made its second purchase this year in the mobile security field, picking up tenCube. The Singapore-based startup’s applications provide backup and restore for select data, device tracking, as well as remote lock and wipe for Android, BlackBerry, Symbian and Windows Mobile smartphones. Combined with McAfee’s recent acquisition of Trust Digital, recently disclosed in an SEC filing as a $33m purchase, the two deals help provide the largest stand-alone security company with the ability to secure and manage both consumer and enterprise smartphones.

Although mobile hacking is increasing, the several levels of control present in the devices and networks have prevented a major outbreak of malware infections. But due to the rapid expansion of mobile traffic, as well as the amount of sensitive information stored on and sent by these devices, the likelihood of such attacks is increasing. McAfee is well aware of these threats and has been expanding its offerings since its purchase of SafeBoot in 2007. Then, in May it purchased Santa Clara-based startup Trust Digital, providing McAfee with a robust set of Enterprise Mobility Management tools to help manage smartphones on employer networks. Now with tenCube, McAfee adds WaveSecure, the leading device security application for Android phones. WaveSecure is also offered on most other mobile operating systems, providing McAfee with a complete suite to sell to carriers and OEMs.

To say that mobile security has been a hot space recently would be an understatement. TenCube was the most recent of seven acquisitions this year – up from zero in all of last year and only one the year before. Although McAfee gets one of the best device security application makers with tenCube, there are still others left on the market. It’s likely that we’ll see tenCube’s competitors SmrtGuard and Lookout Inc, as well as other mobile device management players like Conceivium, BoxTone, MobileIron and Zenprise, attract M&A attention in the future as more players look to enter the mobile market or strengthen current offerings. Look for our full report in tonight’s MIS sendout.

Symantec-Veritas without the strings

Where Symantec purchased, McAfee will partner. Having watched its major security competitor get bogged down with a storage acquisition, McAfee has opted for a low-risk partnership to tie its security products with storage. The largest stand-alone security vendor said Tuesday that it has struck an alliance with data management software provider CommVault. The initial integrated product, which will put CommVault’s storage resource management tool into McAfee’s ePolicy Orchestrator console, will be available next year.

With modest integration and no bundled products planned, we would characterize McAfee’s loose partnership with CommVault as ‘Symantec-Veritas lite.’ And the two sides have reason to be cautious, given the struggles Symantec has had with its $13.5bn purchase of Veritas. (Although he continues to back the deal, Symantec CEO John Thompson has said the market considers the combination a ‘purple elephant’ and is uncertain of how to value it.) Since the transaction was announced in December 2004, Symantec shares have lost about half of their value, compared to a 20% decline in the Nasdaq and a slight 5% dip in McAfee stock.

Unsecured M&A

In the past month alone, we’ve seen a number of landmark IT security transactions. Symantec inked the largest-ever software-as-a-service security deal, paying $695m for MessageLabs. The largest pure security vendor, McAfee, announced its biggest deal, doubling down on network security with its $497m purchase of Secure Computing. And the formerly somnolent Sophos shook off its sleepiness to go shopping. It recently closed its $341m purchase of Utimaco, the largest acquisition of a publicly held security company by a private company.

So with all of these big-ticket transactions, overall deal flow in security should be strong, right? Actually, year-to-date totals are running at less than half the level of either of the previous two years. The reason: large consolidation plays have been knocked off the table this year. So far, just one security transaction worth more than $500m has been announced, down from five during the same period last year and four in 2006.

Security M&A totals

Period Deal volume Deal value Selected transactions
January 1-October 13, 2006 96 $6bn EMC-RSA, IBM-Internet Security Systems
January 1-October 13, 2007 70 $7.2bn Cisco-IronPort, SafeNet LBO, Google-Postini
January 1-October 13, 2008 68 $2.7bn Symantec-MessageLabs, McAfee-Secure Computing

Source: The 451 M&A KnowledgeBase

Deciphering encryption deals

Exactly a year ago, McAfee announced its $350m acquisition of SafeBoot, which in turn came about a year after Check Point Software made its own purchase of an encryption vendor, Protect Data AB. We mention this bit of history because, in what has seemingly become an annual autumn event, Sophos just closed its own big encryption purchase, the $341m deal for Utimaco.

Although the three encryption vendors shared a home market of Europe and were in the same neighborhood in terms of revenue, the three transactions are very different. For starters, the relative growth rates of the targets were all over the board. Protect Data, or Pointsec as it was more commonly known, was clipping along at 90% year-on-year growth when we spoke to them ahead of the takeout. (Although we have heard that some of that torrid growth came at the expense of margins.) Meanwhile, SafeBoot, which was preparing for a possible public offering, told us sales were likely to grow about 70% in the year leading up to its acquisition. In contrast, 20-year-old Utimaco had increased sales just 20% in its most recent fiscal year.

Also, Check Point inked its acquisition of Protect Data when it was running at about $600m in sales. McAfee was even larger, having topped $1bn in annual revenue when it reached for SafeBoot. That’s not the case for Sophos and its just-closed purchase of Utimaco. With Sophos having finished its fiscal year (ending March) with revenue of $213m, it will be looking to integrate a company that is nearly half its size.

Finally, the returns on the two acquisitions already on the books have varied quite a bit. Check Point, which has traditionally been strong on network security, has struggled to notch sales of Pointsec, which secures the endpoint. On the other hand, McAfee has kept SafeBoot rolling along, with one source indicating that the unit will do about $100m in sales this year. The reason: McAfee already had a strong presence on endpoint security, as well as a management console that has integrated SafeBoot. Of those two contrasting acquirers, Sophos lines up more closely with McAfee, which bodes well for its combination with Utimaco. That’s crucial for Sophos, since we consider its purchase of Utimaco a make-or-break deal for the company.

Significant data encryption deals

Date Acquirer Target Price Target revenue
July 2008 Sophos Utimaco $341m $86m
October 2007 McAfee SafeBoot $350m $60m*
November 2006 Check Point Protect Data (Pointsec) $586m $64m

Source: The 451 M&A KnowledgeBase *451 Group estimate

Preferred gets preference

Even with McAfee’s offer of $5.75 in cash for each share of Secure Computing representing a premium of about 27% over the previous close, many Secure shareholders are underwater. In June, Secure sank to its lowest level in six years, part of a slide that has seen some 40% of its market value erased this year. The decline left the company trading at just 1x revenue. (When it shed its authentication business at the end of July, we noted that the divested unit sold for twice the valuation of the remaining Secure business, a highly unusual situation in corporate castoffs. We also asked if the move wasn’t a prelude to an outright sale of the company.)

It turns out, however, that the stock’s decline didn’t really affect Secure’s largest shareholder, Warburg Pincus. The private equity firm took a $70m stake in Secure in January 2006. (Secure took the money to help it pay for its mid-2005 purchase of CyberGuard.) Yet, because of the way Warburg structured its purchase, the shop ended up making money on its holding. That’s true even though Secure stock, even with McAfee’s offer, is some 60% below where it was when Warburg took its stake. (Shares changed hands at $14.40 each when Warburg picked up its holding, although the conversion price was adjusted slightly six months later to offset the potential dilution caused by Secure’s cash-and-stock purchase of CipherTrust.)

In the end, Warburg pocketed $84m from McAfee for its Secure holdings, which were largely made up of series A preferred shares. Having put $70m into Secure, and then seen the shares sink, we guess Warburg is probably content to book even a slight gain on its investment.

Sophos bags an elephant

In a twist on a private-public transaction, Sophos laid out on Monday a bold $340m plan to pick up Utimaco, an encryption vendor that trades on the Frankfurt Stock Exchange. Rather than rolling into the public company, Sophos plans to take Utimaco off the market. It plans to fund the acquisition by drawing on three sources. (My colleague, Nick Selby, has the details on the financing as well as the strategy.)

The financing is crucial because this deal is a whopper. If it goes through, it’ll be the largest IT security deal in seven months. More significantly, however, Sophos’ planned acquisition of Utimaco stands as the biggest purchase by a privately held security company. In fact, it’s nearly twice the size as the number two deal, Barracuda’s unsolicited run at Sourcefire. (And it’s not certain that deal will close at all. Sourcefire, which is slated to report second-quarter earnings on Thursday, has shot down the deal so far.)

Although Utimaco will be erased from the market, we view the disappearance as temporary. Once the two companies get through the integration, we expect Sophos to try to go public once again. (Recall that last fall, it announced plans to list on the London Stock Exchange but shelved them as the markets deteriorated.) Among the underwriters for the planned IPO was Deutsche Bank, which advised Sophos on the purchase of Utimaco. Indeed, it was the same DB banker on this deal that also co-advised on a very similar transaction last fall, McAfee’s $350m purchase of Dutch encryption vendor SafeBoot. (DB and UBS Investment Bank advised SafeBoot, while Morgan Stanley advised McAfee.)