Keep the pace of CyberSecurity mergers and acquisitions!
Looking at such a list, I believe it is critical for CISOs to adapt to this pace by anticipating their needs, managing obsolescence, contracting and migrating their Cyber Defense solutions within a very short period of time.
If they hesitate too much, for instance to decide who’s gonna be shortlisted during an RFP, they may simply have to restart the entire process again due to emerging acquisitions and technologies. When smartphones have emerged, I’ve known a friend who kept waiting for the best possible one. As each year a new smartphone was released (for sure better than any previous one) he ended up keeping his dumb phone for years… For sure not the best option!
In order to adapt, CISOs must have and share a vision and remain agile towards such a volatile market, ensuring the continuity of their strategy. Even selecting well-known vendors does not guarantee longer term decisions: famous companies have also been acquired by others, as shown in the list below, while today’s small companies may grow into future major ones.
It is also wise to avoid contracting with the same vendor for the entire fleet of CyberSecurity solutions. Which means that vendors should not try to cover all possible needs but rather ensure interoperability and proper R&D skills. It’s like a painting: plenty of colours are used, their mix ensures the best overall picture… provided that they match together !
In order to demonstrate agility both for themselves and for their teams, CISOs must not look for the perfect solution and vendor that enable them to tick all the boxes, but rather stay focused on their risks and concerns to pick the best partner and product and stay openminded and aware of the market to adapt to future stakes.
CISOs must also [define and] revise their “make/team/buy” strategy, and rather control the mix of their partners and solutions than either try to do everything by themselves or outsource everything to a unique third-party. In other words, CISOs must move from musician to bandmaster, which probably also applies to CIOs by the way 😉
2010: Intel acquires McAfee Aug 2010: Thoma Bravo acquires LANDesk Jan 2011: Dell acquires SecureWorks Jul 2012: Dell acquires Quest Software Jan 2014: Orange Business acquires Atheos Aug 2015: Blackberry acquires Good Technology Sep 2016: Intel sells McAfee to TPG Jan 2017: Thoma Bravo sells LANDesk to Clearlake Capital Jan 2018: LinkByNet acquires Securiview 2018: Thoma Bravo acquires Imperva, Barracuda Networks, Veracode 2019: Thoma Bravo acquires Sophos 2019: VMWare acquires Intrinsic & Carbon Black 2019: F5 acquires Shape Security 2019: Orange acquires SecureLink 2019: Palo Alto Networks acquires Demisto & PureSec 2019: Fortinet acquires enSilo 2019: McAfee acquires NanoSec 2019: FireEye acquires Verodin 2019: HP acquires Bromium 2019: Proofpoint acquires ObserveIT 2019: Chronicle folds into Google Cloud Feb 2019: Carbonite acquires Webroot Feb 2019: Blackberry acquires Cylance May 2019: Insight Venture Partners acquires Recorded Future Aug 2019: Broadcom acquires Symantec Nov 2019: Opentext acquires Carbonite Dec 2019: Francisco Partners and Evergreen Coast Capital Corporation acquire LogMeIn (including LastPass) Apr 2020: Accenture acquires Symantec Cyber Security Services Apr 2020: Hellman & Friedman acquires Checkmarx Feb 2020: Dell sells RSA Security to Symphony Technology Group Jul 2020: Advent acquires Forescout (amended merger) Sept 2020: RSA Security operates as an independant company Jan 2020: Insight Partners Acquires Armis At A $1.1 Billion Valuation Jun 2020: Microsoft Acquires CyberX To Accelerate And Secure Customers’ IoT Deployments Oct 2020: Private Equity Firm TA Associates Acquires Cybersecurity Vendor Netwrix Oct 2020: Atos Completes The Acquisition Of Digital.security Dec 2020: Ivanti Announces Double Acquisition Of MobileIron, Pulse Secure In Zero-Trust Security Push
Apr 2021: Rapid7 Bolsters Open Source Security With Velociraptor Acquisition
Apr 2021: Thoma Bravo Is Buying Cybersecurity Firm Proofpoint In A $12.3 Billion All-Cash Deal
Apr 2021: Accenture Announces Intent To Acquire Openminded, France-Based Cybersecurity Services Company
Apr 2021: Tenable Completes Acquisition of Alsid
Jun 2021: Private equity firm Symphony Technology Group (STG) acquires FireEye’s security products business and brand (without Mandiant Solutions)