Академический Документы
Профессиональный Документы
Культура Документы
Momentum Offers Readers A Condensed Public Edition & Client Edition Of The Cybersecurity Almanac.
Intended Audience ▪ Board of Directors ▪ Corporate Development ▪ Public Investors ▪ Governments & Defense
▪ Venture Capitalists ▪ M&A Professionals ▪ CISOs ▪ Regulators
▪ We are dedicated to consistently providing valuable insights on the fast growing and rapidly evolving Cybersecurity landscape
Purpose ▪ We publish the Almanac with the sole purpose of sharing the document with the growing Cybersecurity ecosystem to create awareness around key industry trends
and strategic activity
▪ The 2019 Almanac takes a deep dive into the year that was and puts focus to key topics on the year ahead
▪ This year’s edition is our most in-depth industry review ever, as we present a detailed view on key industry trends, private and public market activity, major news
and events, and all things “Cyber”. Some key highlights include:
- Highlighted key M&A and financing transactions as well as IPOs and public market performance
Background - The latest version of our often referenced CYBERscape to accurately capture the continuously evolving industry taxonomies
- An examination of the past decade of Cybersecurity transactions (M&A and VC / PE) to provide valuable insights and identify key trends
- Spotlighted our favorite content in 2018, sharing our own original content, as well as others’
- Focused on key regulatory changes as well as industry sectors that are center stage with higher than average strategic activity
- Spotlighted leading, Cyber-focused investors that increasingly play an integral role in the industry’s most innovative startups
▪ We maintain the leading proprietary M&A and Financing Transaction Database – unrivaled in its accuracy, quality, and scale (“CYBERcloud”)
Methodology ▪ We complement CYBERcloud with data from various industry leading databases and research publishers, primarily from North America and around the world,
representing over a million data points and decades of institutional industry knowledge and experience
2
The Authors
World-Class Advisors & Operators In Cybersecurity.
Authors
Keith Skirbe Dino Boukouris Jeremy Isagon Tim Van Tuyle Jay Keswani
Founder & Director Founder & Director Associate Associate Analyst
Momentum Cyber Momentum Cyber Momentum Cyber Momentum Cyber Momentum Cyber
Backgrounds
As Advisors As Operators
Client Public
Foreword | Making Cybersecurity Investing & M&A Work: An Operator’s Perspective (By Dave DeWalt) 5 5
For Access To The Client Edition, Please Contact Momentum Cyber At almanac@momentumcyber.com
4
Foreword
Foreword
By Dave DeWalt | CEO, NightDragon Security & Chairman, Momentum Cyber
Dave DeWalt
Founder & Chairman
Momentum Cyber
Michael Tedesco
industry providing bespoke high-impact Founder & Managing Partner
Action
25+ Years M&A and Board Advisory Across
advice combined with tailored senior- Enterprise IT, Board Member, & Investor
Eric McAlpine
level access. The firm was founded by Founder & Managing Partner
Tenacity
20+ Years Cybersecurity Board/CEO
world-class advisors and operators and Advisor, Founder & Engineer
Ken Gonzalez
caters to the unique needs of both Partner Innovation
20+ Years Cybersecurity
Strategy, M&A, & Investing
earlier stage Founders, CEOs, & Boards
as well as the complexity of later stage Dino Boukouris Keith Skirbe Long Term Loyalty
Founding Member Founding Member
& Director & Director
& public companies throughout their
Sense of Humor
lifecycle – Incubation to Exit. 250+ Deals $250+ Billion
Momentum Cyber provides world-class M&A and strategic advice combined with unparalleled senior-level access to the Cybersecurity
ecosystem. We advise on a broad range of strategic activities, including mergers and acquisitions, board & special situations, corporate strategy
& development, corporate finance, and operational excellence. We are a mission driven firm with a passion for Cybersecurity.
Advice. Access.
▪ Mergers & Acquisitions 41%
Executives
- Sellside 59%
- Buyside
Board Members
- Divestitures
Sellside Buyside
- Joint Ventures
Investors
16%
▪ Board & Special Situation Advisory
30%
55% Entrepreneurs
▪ Corporate Strategy & Development
Policy Influencers
▪ Partnerships & Business Development <$100M $100M - $400M >$400M
$39.6 46
$36.1 32
$28.0 31
$19.7 29
$18.0 20
$15.5 19
$15.5 16
$14.2 16
$13.2 14
$13.0 14
$12.6 12
$12.4 12
$10.2 Other Notable Advisors (1) 9
$7.3 5
$6.5 $3.9B / 78 $1.4B / 33 $1.6B / 17 $4.5B / 14 4
Note: Only Includes Buy-side and Sell-side M&A Statistics (e.g., excludes fairness of opinions). All Advisers listed have advised on more than 1 Cyber Transaction. Return To Table Of Contents
No Advisor used on $6.8B of disclosed deal value & no Advisor used in 93 disclosed deals. 11
(1) Did not make ‘Top 15’ due to deal value, but generally active advisors in Cybersecurity.
Tremendous Advisory Track Record In Cybersecurity
Unrivalled Deal Experience And Comprehensive Coverage Across The Cybersecurity Landscape.
acquired by strategic investment in acquired acquired by acquired by acquired by acquired acquired acquired by
Undisclosed Consumer
Security Company
Security IoT Managed Security Network Network Web Managed Detection Consumer Security
Analytics Security Service Provider Security Security Security & Response Security Analytics
Network / Web Network Email Data Email Managed Security Intrusion Vulnerability Industrial IoT
Security Security Security Security Security Service Provider Detection Management Security
IPO
Mobile Email Application Network / Web Data Loss Web Endpoint Content Mgmt.
Security Security Control Security Prevention Security Encryption Software
Note: Deals with disclosed deal values greater than $25 Million. Return To Table Of Contents
13
Micro Focus Acquires Interset
Momentum Cyber Served As Exclusive Financial Advisor To Interset.
▪ “The combination of the Interset technology with Micro Focus’ broad security portfolio is a powerful combination that will Founded: 2012
has been acquired by produce a level of protection that will be unmatched in the market. Our ‘Data In, Intelligence Out’ methodology will deliver
an even-more complete set of benefits for our combined customers – allowing them to leverage near real-time information to $50M Series D
address both immediate- and long-term threats.” – Mark Smialowicz, Chief Executive Officer, Interset
Date: 08/14/18
Transaction Significance HQ: San Mateo, CA
▪ Interset’s predictive analytics technology adds depth to Micro Focus’ Security, Risk & Governance portfolio, and aligns with the Founded: 2013
Company’s strategy to help customers quickly and accurately validate and assess risk as they digitally transform their businesses
Investors:
▪ The Company’s technology will accelerate Micro Focus’ delivery of a more-robust UEBA offering, and help drive deeper data
insights across security and operations that are necessary to execute on the Company’s SecOps Analytics vision
acquires
▪ Interset will supplement Micro Focus’ Big Data analytics software, Vertica, and add additional value to Micro Focus ArcSight –
Momentum Cyber served as exclusive the world’s leading real-time correlation engine – to deliver a highly differentiated Cybersecurity solution Date: 08/28/17
financial advisor to Interset
▪ Key Attributes of the Interset technology includes: HQ: Baltimore, MD
- Extensible Analytics: The technology eliminates the need for expensive product consultations and customization
Founded: 2011
- Principled Math: Utilizes a growing library of 350+ proven machine-learning and advanced-analytics models, applying them
to both events and entities, to yield a highly accurate means of detecting, connecting, and quantifying high-risk behaviors EV: $60M
- Scalable Big Data: The flexible, open platform combines an advanced-analytics engine with open-source, big-data
acquires
technology and can be deployed in the Vertica, Hortonworks or Cloudera infrastructures, scaling to meet the needs of the
largest, most-sophisticated environments
Date: 02/28/17
Transaction Significance HQ: Israel
▪ Momentum Cyber acted as exclusive Financial Advisor to Interset
February 15th, 2019 Founded: 2011
▪ This transaction demonstrates Momentum Cyber’s continued success in advising innovative, next-generation Cybersecurity
companies and further establishes the firm’s leadership position as the ‘go to’ advisor exclusively focused on Cybersecurity EV: $105M
▪ On August 2nd, 2018, The ADT Corporation (“ADT”) announced it has acquired Secure Designs Inc. acquires
(“SDI”)
▪ “ADT and SDI are the perfect match; two companies dedicated to providing business owners with Date: 11/14/2017
peace-of-mind knowing their greatest investment is monitored and more secure. Cybercrime is a real
threat to the livelihood of small businesses across the country. It is imperative that we provide our HQ: Scottsdale, AZ
customers with a complete suite of solutions to help ensure every point of entry, whether physical or
has acquired
digital, is protected.” - Michael Keen, Vice President, ADT Cybersecurity
Founded: 2009
▪ “Together with ADT, we’ll now be able to extend our reach to give new and existing small business
customers the network security that is needed to operate in today’s world.” - Larry Cecchini, SDI
Owner & now Vice President / General Manager, ADT Cybersecurity Small Business acquires
▪ With SDI’s resources and technology, ADT will now be able to provide real-time insights to Internet HQ: Cincinnati, OH
risks and behaviors, coupled with bundled solutions to improve small business performance. Best of
Momentum Cyber acted as ADT’s all, solutions are customizable to suit the needs of a historically underserved customer segment
Founded: 2015
strategic Cybersecurity advisor ▪ ADT Cybersecurity services for small business will now include customization, installation,
monitoring, and management of enterprise-grade firewalls. This multi-layered security approach
provides active perimeter defense, vulnerability scanning and secure remote access to help eliminate acquires
data loss
Date: 08/21/2017
Momentum Cyber’s Role
HQ: Cambridge, Ontario
▪ Momentum Cyber acted as ADT’s exclusive strategic Cybersecurity advisor
▪ This transaction demonstrates Momentum Cyber's continued success in advising innovative, next- Founded: 2011
August 2nd, 2018 generation Cybersecurity companies and further establishes the firm's leadership position as the ‘go
to’ advisor exclusively focused on Cybersecurity EV ~$150M
▪ “In an era of constant connectivity and eroding boundaries between a professional and personal digital life, HQ: Tel Aviv, Israel
it is critical to have email protection that is both broad and deep. The acquisition of Weblife gives us greater acquired
ability to help protect our customers from today’s rapidly evolving cyberattacks, as cybercriminals look for Founded: 2014
has been acquired by new ways to abuse email channels. We are thrilled to welcome Weblife’s employees to the Proofpoint
team.” – Gary Steele, CEO, Proofpoint CEO: Guy Guzner
▪ “Organizations are having to confront the reality that employees will check their personal webmail from
$225 Million
the corporate network, and will also use their corporate devices to check their webmail at home after work,
on the road, and everywhere in between. By combining Proofpoint’s advanced threat detection capabilities
with our unique browser isolation solution, enterprises can now secure both corporate and personal email Date: 05/09/16
from advanced threats and compliance risks.” – David Melnick, CEO, Weblife
HQ: Los Gatos California
for total consideration of Transaction Significance acquired
Founded: 2012
▪ By combining Weblife’s web-isolation technology with Proofpoint’s industry leading threat detection and
$60M intelligence, companies can now secure both corporate and personal email from advanced threats and
CEO: Branden Spikes
compliance risks
Momentum Cyber acted as exclusive - Unique combination of web-isolation and advanced threat detection delivers comprehensive Undisclosed
financial advisor to Weblife protection from both malware and credential stealing phishing links
▪ The integrated solution will become part of Proofpoint’s Targeted Attack Protection advanced threat Other Primary Competitors
solution suite, and will be available in the first half of 2018
Company Headquarters Amount Raised
Momentum’s Role Mountain View,
$14.2M
California
▪ Momentum Cyber acted as exclusive Financial Advisor to Weblife
Baltimore,
November 29, 2017 ▪ This transaction demonstrates Momentum's continued success in advising innovative, next-generation Maryland
Undisclosed
Cybersecurity companies and further establishes the firm's leadership position as the ‘go to’ advisor
Menlo Park,
exclusively focused on Cybersecurity $35.5M
California
* Transaction Values were not disclosed at the time of announcement. Return To Table Of Contents
21
CYBERcloud | Momentum’s Proprietary Cybersecurity Industry Data Platform
Unparalleled Proprietary Access & Insights Provides A Significant Competitive Advantage For Our Clients.
1,000s Of Hours Dedicated To Building A Robust Cyber Data Platform | Deep Relationships, Strategic Market / Industry Insights , & Proprietary Content
CYBERscape
I. Established Network Via PREDATOR Contact List V. Proprietary Industry Content
(720+ Companies)
II. Transaction Database | 3,000+ Cybersecurity Transactions III. 3rd Party Data Sources
Over 1,000 Organizations In The US Alone Suffered From A Data Connected IoT Devices Will Continue To Be Targeted Given Their
Breach For The Third Straight Year, With Inadvertent Data Low Level Of Security And Exponential Growth; There Will Be More
Exposure As A Particularly Prevalent Cause Of Breach Significant IoT, OT, & ICS Security Incidents
Companies Invested Heavily Preparing For GDPR’s Institution In Third Party & Software Supply Chain Will Continue To Emerge As
May 2018 (88% Spent More Than $1 Million), Increasing Demand Critical New Threat Vectors Posing Some Of The Biggest
For Data-Centric Security / Privacy Solutions Cybersecurity Threats
Cloud Infrastructure Security Was A Focal Point For Investors & A Volatile Stock Market And Expanding Buyer Universe Will Make
Buyers As The Lift And Shift To Hybrid Cloud Infrastructure Rapidly Later Stage Companies View M&A As An Even More Attractive
Accelerated Alternative To An IPO, Further Increasing M&A Deal Volume
Private Equity Continued Its ‘Love Affair’ With Cybersecurity Across Security Services Providers Will Continue To Increase Market Share
Both Platform & Bolt-On Acquisitions, Including 5 Of The Top 10 As More Organizations Elect To Use Managed Solutions To Alleviate
M&A Deals Vendor Fatigue And The Growing Cybersecurity Skills Shortage
183 M&A Deals (All-Time High) $6.2B $15.5B Total M&A Volume
103% Increase In Deals From 2010 Projected Cyber Insurance Market
30 Deals ≥ $100M
Size In 2020 Driven Partially By
$6.2B Total VC Investments
5
Cloud Infrastructure
$175M Acquisition Of
32 IAM M&A
Transactions $6.0B Transaction Volume Led
By Tech Vendors 51 Risk & Compliance Capital Raises by by
Other Leading Cloud
Security Vendors
Cybersecurity Market Year In Review | 2018
Cybersecurity Remained One Of The Most Active Sectors Of Technology Across The Public & Private Markets.
I. Public Market Valuations II. IPO Activity III. M&A Activity IV. Financing Activity
▪ A volatile year for the public markets impacted sectors ▪ 5 Cybersecurity IPOs in 2018 after only 3 in 2017, ▪ 183 M&A transactions in 2018 was an all-time high ▪ Another record year of amount raised, increasing 15%
across industries, and Cybersecurity was not immune with the average IPO raising $364M in 2018 for activity, as total volume amassed $15.5B to $6.2B despite a 5% decline in activity to 408 deals
▪ Cybersecurity stocks still consistently outperformed the ▪ Average stock price increase from IPO was down over ▪ Thoma Bravo led all acquirers with 4 platform ▪ Overall median amount raised increased 33% to $8M;
S&P and other technology indices in 2018 80% in 2018 compared to last year, but average acquisitions in 2018, with a combined EV of over late stage (Series B+) activity and volume increased
revenue multiple at IPO increased 40% to 8.2x $3.7B 16% and 22% respectively
Cybersecurity vs. Benchmark Performance Avg. Increase From IPO Avg. Rev. Mult. At IPO M&A Deal Count & Volume By Quarter Financing Deal Count & Volume By Quarter
130 58 105 103 102 98
129.7% 44
8.2x 43
115 38
5.9x
100
22.4%
85
Dec-17 Apr-18 Aug-18 Dec-18 Q1 2018 Q2 2018 Q3 2018 Q4 2018 Q1 2018 Q2 2018 Q3 2018 Q4 2018
S&P 500 NASDAQ HACK 2017 2018 2017 2018 Volume ($B) $2.7 $2.5 $5.0 $5.4 Volume ($B) $1.0 $2.1 $1.5 $1.7
2018 Top Cybersecurity Stock Performance Stock Price Change Since 2018 IPO Most Active Buyers Financing Deal Volume By Stage (1)
* 4 142
3 103
149% 145% 90% 3 85
145% 7% 4% 2 60
2
79% 67% 62% 2
2
8% 29%
2
61% 30% 27% Early Stage Series A Series B Series C+
6 Others 2
Volume ($B) $0.5 $0.7 $1.4 $3.5
Source: Momentum Cyber Proprietary M&A & Financing Transaction Database.
Return To Table Of Contents
* Since IPO 26
(1) Excludes grants and straight debt / loan financings. Follow-on financings (e.g., A, A1) in same year combined to represent one deal for that stage.
The Cybersecurity Dashboard
$6.2 Billion 408 $15.5 Billion 183
2018 Financing Volume 2018 Financing Transactions 2018 M&A Volume 2018 M&A Transactions
Notable Financing Transactions 2018 Financing Activity Monthly Deal Count Pulse M&A Activity Notable M&A Transactions 2018
Financing M&A
Date Company Amt. ($M) $6.2 45 42 $20.3 Target Acquirer EV ($M)
$5.4 40 40 43
37 41 39 40
09/08/18 $295.0 39 35 35 37 37 $2,350.0
35 32 32 33 33 35 $15.5
29 27 29 33 33 33 31
29 27 31
10/03/18 200.0 25 27 26 27 26 26 1,814.7
23 22 24 21
19 19 18 18 19
14 18 14 15 16 17 17 18
06/19/18 200.0 15 13
14
15
13 13 14 1,400.0
8 13 11
8 12 13 9 10 10 10 11
10
05/15/18 175.0 5 950.0
2017 2018 Mar-16 Jun-16 Sep-16 Dec-16 Mar-17 Jun-17 Sep-17 Dec-17 Mar-18 Jun-18 Sep-18 Dec-18 2017 2018
06/19/18 168.7 Deal Value ($B) Public Comps Cyber M&A Volume Distribution Deal Value ($B) 830.0
Max 17.3x 2017 2018
06/19/18 120.0 428 408 178 183 800.0
Max 9.4x 7% 4%
Median 5.7x
06/04/18 115.0 14% 18% 750.0
30%
Median 5.6x
05/31/18 100.0 49% 600.0
Min 1.3x Min 2.0x
37% 20%
13%
11/29/18 100.0 525.0
2017 2018 8%
2017 2018 2017 2018
12/20/18 100.0 (EV / 2017E Rev) (EV / 2018E Rev) 525.0
Deal Count Multiple as of 12/31/17 Multiple as of 12/31/18 $0-$50M $50M-$100M $100M-$250M $250M-$1B $1B+ Deal Count
Source: Momentum Cyber Proprietary M&A & Financing Transaction Database. Market data updated as of December 31st, 2018. Return To Table Of Contents
Note: Denotes Momentum client. 28
v2.7
Network & Infrastructure Security Web Security Endpoint Security Application Security
Advanced Threat Protection ICS + OT Endpoint Prevention WAF & Application Security
Vicarius
Network Analysis & Forensics Endpoint Detection & Response
Application Security Testing
Network Firewall
Deception
Risk & Compliance Security Ops & Incident Response Threat Intelligence IoT Messaging Security
Risk Assessment & Visibility Security Ratings SIEM IoT Devices
Automotive
Pen Testing & Breach Simulation GRC Security Awareness & Training
Connected Home
Privileged Management
Cloud Security
Identity Governance Infrastructure CASB
Container
Consumer Identity
II. Cybersecurity
Industry
Perspectives
The Perfect Cybersecurity Storm
A Combination Of Conditions Have Created The Perfect Cyber Storm & Opportunity For Innovation.
Opportunity For
Innovation
Levels Of Danger Expand From
Legacy Security Providers Are Hacktivism To Crime To
Unable To Detect / Prevent Espionage To Terrorism To
Warfare
T E R R O R I S M
R U S S I A N
I N F O R M A T I O N
H I G H W A R
Q U A L I T Y + R A N S O M W A R E / E X T O R T I O N
R I S K
T A R G E T E D
Danger Levels
T H R E A T S
E S P I O N A G E
T H R E A T
H I G H G R E A T C H I N A
I P W A R
Q U A N T I T Y 5 , 7 7 1 C O N F I R M E D
C H I N A B A S E D A T T A C K S
T H R E A T S O N T H E U S A
C Y B E R C R I M E
H A C K T I V I S M
1 9 9 0 ’ S 2 0 0 8 2 0 1 6 2 0 1 8
A T T A C K S T A R G E T I N G I C S / O T E N V I R O N M E N T S
A T T A C K S T A R G E T I N G T R A D I T I O N A L I N F O R M A T I O N T E C H N O L O G Y E N V I R O N M E N TS
Offense
Visibility
Defense
DRONES & INDUSTRIAL ICS & SOCIAL & SATELLITE CONSUMER ID &
DOMES IoT DEVICES NETWORKS CLOUD IAAS
PHYSICAL CYBER
Return To Table Of Contents
34
A Race For The Future ASOC Reference Architecture
Vendors Across The Landscape Are Investing In & Modernizing Their Platforms To Create A Unified Platform To Empower The SOC.
The Modernization Of Security Operation Technology | SIEM + SOAR + IR + Case Management + Analytics Key Players & Strategic Activity
Key Benefits Platform Selected Strategic Moves
Fully Autonomous Platform That Addresses The Widening Full Enterprise Visibility: Identifies And Mitigates Advanced 02/27/18 | $350.0M | SOAR 07/09/15 | $190.0M | Analytics
Skills Gap, Reduces Fatigue, & Improves ROI Threats Missed By Single (Siloed) Tools
Faster Problem Triage: Reduction In Mean Time To Resolution
( ) OEM | Analytics
Advanced UEBA / Forensics Capabilities
(MTTR) & Alert Volume
Automated Data Enrichment & Contextualization 02/01/16 | $28.2M | IR 01/02/14 | $1.0B | IR
Advanced Correlation & Analysis Across Multiple Customer
Sources OEM | Analytics
Adds UEBA Application
Threat Advanced Incident Automated Knowledge Incident 07/29/18 | Analytics 02/29/16| $145.0M | IR
Reporting
Monitoring Analysis Threat Intelligence Management Response
07/10/18 | $600.0M | SIEM
Advanced Security
Operations Center 10/23/18 | $18.0M | Analytics 06/07/16 | $32.0M | SIEM
07/18/17 | $14.7M | IR
Total Amt. Raised
01/23/18 | N / A| Analytics $235.5M
Adds Case Management Module Total Amt. Raised
09/12/18 | Case Management $118.0M
Source: Momentum Cyber Proprietary M&A & Financing Transaction Database. Return To Table Of Contents
35
Lack Of Visibility Increases Risk & Severity Of Breaches…
After A Record Year For Hackers In 2017, Data Breaches Still Remain An Alarming Concern Through 2018.
Target
CarPhone
Yahoo
Warehouse European British Waterly
Central Airways
AshleyMadison.com Mozilla
Bank
3,000,000,000 70,000,000
AOL D&B, Altegrity
Korea Credit Japan Airlines
Facebook
Medical
Group Cellebrite development program
Neiman
50,000,000 Source: fortune.com
Apple Marriott Living Social Chegg
Marcus Twitter
500,000,000 50,000,000 40,000,000
Yahoo
Panera UbiSoft 300,000,000
Adobe 37,000,000
average cost of a data breach
36,000,000 1,000,000,000
$3.62 Million
decreased 10% over the past year
Year 2015 2016 2017 2018
Source: 2017 Study Ponemon institute
Demonstrate
Penalties: 4% of revenue Users may request a Controllers must comply
25 May 2018: GDPR enforcement of customer
or €20M (whichever is copy of personal data in with breach notification 2014 Baltimore, MD $19.0 Nick Culbertson
goes into effect consent for personal data
greater) a portable format windows
collection
Satisfy customer data portability Implement adequate technical Appointment of data protection 2016 Arlington, VA $13.1 Justin Antonipillai
Privacy risk impact assessments
support and enable right-to-be- and organizational measures to officer (DPO) will be mandatory
will be required where privacy
forgotten and erased from protect persons’ data and for companies processing high
risks are high
records systems volumes of personal data
2016 Seattle, WA $13.0 Kristina Bergman
2016 2017 2018 2016 2017 2018 ▪ High-profile incidents this year such as the Cambridge Analytica
Number of Deals Total Amount Raised ($M) scandal have also provided strong market tailwinds for Data 2015 Bellevue, WA $5.0 Nimrod Luria
Privacy companies
Source: Momentum Cyber Proprietary M&A & Financing Transaction Database, Report Buyer, Company Websites, Gartner, Company Websites, IT Governance, and EUGDPR.org. Return To Table Of Contents
37
The State of Israel’s Cybersecurity Market
Israel’s Cybersecurity Industry Continues Its Tremendous Growth.
Early stage companies raised more money than ever before to tackle emerging
security threats like protecting the proliferating number of internet-connected
devices and enabling blockchain technologies to thrive in more secure environments.
In 2018, the total amount of funding for Israeli Cybersecurity companies across all
stages grew 22 percent year-over-year to $1.03B. This closely matched the funding
trends of 2016 and 2017 that each saw 23 percent year-over-year growth in funding
amount. At the same time, 2018 saw 66 new companies founded, an increase of 10
percent over 2017, which represented a rebound after a dip last year (60 new
companies in 2017 vs. 83 in 2016).
The top emerging fields among new startups in 2018 included new verticals within
IoT security, security for blockchain and cryptocurrencies, cloud-native security and
SDP (Software Defined Perimeter). These nascent verticals drew considerably more
attention than more “traditional” cyber sectors such as network security, email
security and endpoint protection.
Source: Tech Crunch: The State of Israel’s Cybersecurity Market.. Return To Table Of Contents
38
Cybersecurity Labor Market Landscape
Large Demand For Cybersecurity Expertise While Global Cybersecurity Talent Shortage Persists Due To A Multitude Of Factors.
Global Workforce Shortage By Region Top Challenges Preventing Key Cybersecurity Initiatives
APAC
Global ~2.14M
▪ Inadequate Funding
Security Awareness Risk Assessment & Analysis Security Administration Network Monitoring
▪ Cost Of Formal Education
Incident Investigation & Response Intrusion Detection Cloud Security Security Engineering ▪ Not Enough Job Experience
Source: (ISC)2: (ISC)2 Cybersecurity Workforce Study 2018 . Return To Table Of Contents
39
Verizon 2018 Global Data Breach Investigations Report
Data Breaches Are Prevalent Across Industries, While Detection Of Threats Continue To Significantly Lag From Time Of Breach.
Financial
Only 3% are
146 598 discovered as quickly
Healthcare
536 750
Breaches
Information Months Weeks Days Hours Minutes Minutes Hours Days Weeks Months
109 1,040
Global Breaches by Pattern
Manufacturing
414 Web Applications
71 536
347 Miscellaneous Errors
Professional 324 Point of Sale
132 540 308 Everything Else
Breaches
Public 276 Privilege Misuse
304 22,788 171 Cyber-Espionage
Right To Portability Must export and import certain EU personal data in a user-friendly format All access requests must be exported in user-friendly format, but there is no import requirement Narrower
Right To Correction Right to correct errors in EU personal data processed No included in CCPA Absent
Right To Stop Processing Right to withdraw consent or otherwise stop processing EU personal data Right to opt-out of selling personal data only; must include opt-out link on website Narrower
Right To Stop Automated Decision-
making
Right to require human to make decisions that have a legal effect No included in CCPA Absent
Right To Stop Third-Party Transfer Right to withdraw consent for data transfers involving second purposes of special categories of data Right to opt-out of selling personal data to third parties Narrower
Right To Erasure Right to erase EU personal data, under certain conditions Right to erase personal data collected, under certain conditions Similar
Right To Equal Services And Price At most, implicitly required Explicitly required Broader
Private Right Of Action Damages No floor or ceiling Floor of $100 and ceiling at $750 per customer per incident Narrower
Regulator Enforcement Penalties Ceiling of 4% of global annual revenues No ceiling – $7,500 per intentional violation, $2,500 per negligent violation Broader
Source: PWC: Your readiness roadmap for the California Consumer Privacy Act (CCPA) Return To Table Of Contents
41
U.S. Airport Networks Putting Devices & Cloud Apps At Severe Risk
Wi-Fi Vulnerability At Airports Poses A Severe Threat To Devices & Cloud Applications.
Source: Attention All Passengers: Airport Networks Are Putting Your Devices & Cloud Apps At Severe Risk https://www.coro.net/airportthreats/, The 10 US Airports Where You’re Most Likely To Be Hacked, Bureau of Transportation Statistics
Return To Table Of Contents 42
+ | Whitepaper Summary
Momentum And Optiv Published A Joint Whitepaper To Highlight Ways Organizations Can Improve Their Technical And Operational Efficiency.
‘E’ Is For Efficiency: Five Trends To Relieve The Cybersecurity Skills Shortage
Whitepaper Overview
This report is advantageous for any organization that has experienced inefficiencies with their complex cybersecurity infrastructure, and demonstrates Optiv’s thought leadership as an expert in helping companies
build end-to-end cybersecurity solutions. Optiv helps clients plan, build and run successful cyber security programs that achieve business objectives through our depth and breadth of cyber security offerings,
extensive capabilities and proven expertise in cyber security strategy, managed security services, incident response, risk and compliance, security consulting, training and support, integration and architecture
services, and security technology. Optiv maintains premium partnerships with more than 350 of the leading security technology manufacturers.
75 1.8M 96%
▪ Expanding Attack Surface: Security risks to organizations are becoming increasingly complex
with the addition of cloud, mobile, social media, IoT, and big data
▪ Disparate Solutions: Organizations are unable to sufficiently configure, tune, or monitor
each disconnected security solution Average # Of Security Tools Forecasted Security Staffing Reduction In Triage Alert Time W/
▪ Cybersecurity Skills Talent Shortage: Triaging events and hiring more staff are not an option Per Enterprise Environment Shortages In The US By 2022 Automation, Orchestration Tools
▪ Consolidating the functionality of the security ▪ Vital for security infrastructures that are
infrastructure into a single platform constantly changing, and used to identify ill-
Platform Continuous Security
2 Consolidation ▪ Working with expert solution architects can 5 Validation
advised or poorly planned changes
help organizations ensure they are maximizing ▪ More efficient than manual regression testing,
the efficiencies of these integrated platforms and an easily repeatable process
is for
E’ ef·fi·cien·cy
In·tro·duc·tion
Efficiency has become the most sought after outcome for security operations teams. The ideal state is a self-
learning environment with automated analysis, triage, and remediation. Full attainment of this ideal will likely
forever remain out of reach, however incremental improvements in operational efficiencies are well in reach.
Nevertheless, unknowingly, many security operations teams seeking improvements move in an opposing
direction, negating the efficiencies they were aiming to gain.
Organizations have too many tools, few of which are integrated, generating too many alerts for understaffed
teams to triage. Strategies like this may have worked in the past to achieve incremental improvements in the
efficacy of the security program, but they are not guaranteed to continue working in the future.
Add to this the fact that cloud, mobile, social media, IoT and big data have profoundly expanded the attack
surface in the latest cyber super cycle, and it’s no surprise organizations continue to increase the number of tools
in their security infrastructure. Also no surprise is the amount of cybersecurity spending growing at over a 29%
CAGR (Momentum Cyber) yet organizations are barely keeping up with the increasing threat landscape.
Spyware / Rootkits
Worms
2000-2004 Strategic Activity ($B) 2005-2009 Strategic Activity ($B) 2010-2018 Strategic Activity ($B)
2000 2001 2002 2003 2004 2005 2006 2007 2008 2009 2010 2011 2012 2013 2014 2015 2016 2017 2018
Financing M&A
Source: Momentum Cyber Proprietary M&A & Financing Transaction Database. Return To Table Of Contents
47
Optiv regularly observes client security operations built
from a patchwork of multiple-dozens of different tools.
Organizations don’t have enough resources to configure,
75
tune, and monitor the toolsets that comprise their security
infrastructure. CSO Online states the average enterprise is
running 75 security tools in their environment.
Meanwhile, all of these diverse toolsets create data and
alerts without context of the environment as a whole.
6%
172-811
11% 26%
812-1,342
1,343-2,032
16%
2,033-3,322
3,323-7,722 24%
16%
7,723-12,813
Optiv has found that while most tools have APIs, many
Security Tech. Integration of the APIs are limited, some do not have adequate
documentation or simply do not work in a manner that
is congruent with the goals of the integration. Buyers
should increase the weight of the importance of API
It is inherently inefficient to review alerts and gather data functionality when performing product selection.
from several systems for every new alert.
Yet, this activity is commonplace. Even with the assistance of SIEMs aggregating
and enriching data with threat intelligence, effective triage still requires an
abundance of manual information gathering. Often this requires logging into Predict Prevent
and reviewing data in several consoles. As an alternative to manually extracting
data, most cyber security technologies have Application Programming Interfaces
(APIs). Solution providers claim that security practitioners can just tap into the Continuous
API, where data can be pushed or pulled, to achieve outcomes that extend the Monitoring
system’s native capabilities. While the potential of creating an integrated & Analytics
solution exists, it can be difficult to achieve.
Automation &
landscape will accelerate the move toward
Orchestration and Automation of SOC activities.
Orchestration
$1.7B
By 2020
15%
Strategic Activity
SAO tools are rapidly being included into traditional SIEM/analytics feature sets.
Financing Activity
The benefits of implementing these tools can include threat prioritization, 14 13
capability amplification, labor reduction, and consistent workflow. 79.6
$148.2
The major incumbents in the SAO sector include IBM (Resilient), Splunk
(Phantom), and Microsoft (Hexadite) while some of the top private contenders 2017 2018 2017 2018
Next Gen.
✓ Consistency- Containment, machine driven methodology and speed
Security
Operations
✓ Complex and unique detection capabilities
Advanced Business
Controls KPIs
✓ Integration of tools
✓ Broken access
Software-Driven
✓ Workbench- Efficient, unified user interface and case management Capabilities
▪ Cybertech is the most significant conference and Gartner Security & Risk ▪ Gartner Security & Risk Management Summit
exhibition of cyber technologies outside of the provides attendees with proven practices and
Management Summit
United States, bringing together global corporates, strategies needed to maintain cost-effective security
January 28-30, 2019 June 17-20, 2019
Tel Aviv, Israel SMBs, start-ups, investors, experts, and clients National Harbor, MD and risk programs to support digital businesses
Tel Aviv Convention Center Gaylord Convention Center
▪ RSA Conference provides an opportunity to learn ▪ Team8’s Rethink Cyber CIO & CISO Summit
about new approaches to info security, discover the provides opportunities for exclusive meetings with
March 4-8, 2019
latest technology and interact with top security June 19-23, 2019
security pioneers, sessions led by Team8’s Research
San Francisco, CA leaders and pioneers Tel Aviv, Israel Labs, CISO-to-CISO discussions, and start-up-led
Moscone Center workshops
▪ Global Cyber Innovation Summit is an inaugural ▪ Cyber Week brings together international
event that is intended to match the top-tier level of Cyber Week cybersecurity experts and enthusiasts, Cyber Week
May 1-2, 2019 policy and business discussion found at the annual June 23-27, 2019 provides the opportunity to gain insight into the latest
Baltimore Maryland World Economic Forum held in Davos Tel Aviv, Israel global developments in cybersecurity
Sagamore Pendry Hotel Tel Aviv University
▪ Cyber Investing Summit is an all-day conference ▪ Black Hat is the world's leading information security
focusing on the financial opportunities, trends, event, providing attendees with the very latest in
challenges, and investment strategies available in the research, development and trends, including four
May 16, 2019 August 3-8, 2019
New York, NY high growth cyber security industry Las Vegas, NV days of technical training followed by a two-day
Convene – Financial District Mandalay Bay conference
▪ Infosecurity Europe is the region's number one ▪ SINET Showcase provides a platform to identify and
information security event featuring over 400 SINET Showcase highlight “best-of-class” security companies that are
June 4-6, 2019 exhibitors showcasing the most relevant information November 6 & 7, 2019 addressing the most pressing needs and
London, UK security solutions and products to 19,500+ Washington DC requirements in Cybersecurity
Olympia London information security professionals National Press Club
Dave DeWalt (Founder & Chairman of Momentum Cyber) will be giving the opening remarks at the RSAC Innovation &
Entrepreneur Seminar on March 4th, 2019, kicking-off the opening day of the RSAC and followed by an impressive group of
security experts and investors that will dive into topics that highlight unique aspects of the entrepreneur’s journey.
This half-day info-rich seminar will explore how to start a company from stealth to exit, find funding and financing in today’s
competitive marketplace, provide an inside view of what makes a CISO take a shot on a startup, give tips and insights from brand
Dave DeWalt
makers and marketing gurus on how to rise above the noise. Each segment includes an opportunity for audience members to ask
Founder, Chairman
questions of the panelists and a networking break to meet with fellow entrepreneurs and speakers.
How to Get the CISO’s Attention - WSJ PRO Rob Sloan Geoff Belknap Tim McKnight
10:00 AM – 10:40 AM
Interviews 2 Leading CISOs
How to Rise Above the Noise - Industry Expert Mark Kraynak CP Morey Choo Kim-Isgitt
10:55 AM – 11:35 AM
Interviews 2 Successful Startup Marketing Executives
How to Find the Money - CrunchBase Interviews 2 Gene Teare Sarah Guo Ariel Tseitlin
11:40 AM – 12:20 PM
Leading Venture Capitalists
Source: RSA Conference Website Return To Table Of Contents
60
RSA Drinks & Hors d'Oeuvres
Hosted By , ,& .
Hosted By:
Trust used to be a one-dimensional concept. The rules of the game have changed.
Today trust is multi-dimensional and depending on the context, different models apply. Rethink Trust will explore the evolving l oss of trust in the modern
business world. Where can trust be reconstructed, redefined and where must it be transcended?
Agenda Cocktail Reception | 4:30PM - 5:00PM Keynotes | 5:00PM - 7:00PM Networking Dinner | 7:00PM - 10:00PM
Event Highlights
If you can’t trust your own environment, how do you manage your IP? If cloud implies relinquishing trust on your applications, how do you justify it? If you can’t trust the other
Models Of Trust
side with your data, how do you take leverage AI and ML? It is time to take on a more dynamic approach to trust.
The Most Fundamental In so many cases we have seen the race to leverage data outpace the sensitivity around privacy. How does a once trusted brand — whose product experience has earned it a
“Truth Of All” – People place in customer’s everyday lives, regain their trust after a breach?
Recent headlines around “the big hack - how china used a tiny chip to infiltrate US companies…” have left us all with a confused perception of what, if anything, can be trusted
Trust In Supply Chain
and given the increased sophistication and audacity of attackers, it is critical to rethink the security strategy for what happens if your supply chain is attacked.
A (brutally) honest panel - where are we over-spending? What is being neglected? Why does technology investment not always lead to improved security? By bringing these
Mythbusting Cyber unique perspectives to the forefront, we will offer an extremely relevant perspective in how to keep focused in an increasingly complex environment. The audience may be
integrated to join this “mythbusting” discussion to create a great interactive dynamic.
Partners
Return To Table Of Contents
62
III. Public Company
Trading Analysis
Cybersecurity Multiples Remain Strong
Recent Correction Of Public Market Valuations Slowed Momentum Of Large Gains From 2018 Trough To Sept Peak.
Min % Change Median % Change Max % Change Company EV / 2017E Revenue EV / 2018E Revenue % Change
The Trough 1.3x 3.9x 8.0x
44.0% 75.7% 50.6% 9.4x 17.3x 83.1%
The Peak 1.8x 6.9x 12.1x
1.3x 2.4x 82.6%
2018
EV / 2017E Revenue 4.5x 6.9x 53.0%
Multiple as of 12/31/17 Max 17.3x
3.7x 5.7x 52.6%
2017
4.3x 5.8x 36.2%
Max 9.4x
8.5x 9.4x 10.7%
83.1% Increase 3.3x 3.6x 9.1%
6.3x 6.4x 1.5%
6.5x 6.4x 1.3%
Number Number
175%
of Companies 12 of Companies
33 Growth in Number of Public
Cybersecurity Companies
Stock
Performance 517% 545% 348% 523% 19% 363% 68% 95% 236% 21% 275% 18% 96% 145% 29% 7% 4% 8%
(since IPO)
EV / LTM Rev
9.1x 6.6x 6.7x 9.8x 3.7x 7.3x 3.5x 5.9x 6.8x 2.5x 18.7x 3.3x 8.3x 21.0x 3.8x 6.4x 7.3x 7.7x
(Current)
Total Raised
$230M $82M $260M $91M $304M $86M $554M $103M $78M $112M $187M $116M $240M $192M $152M $765M $251M $375M
(From IPO)
Source: Capital IQ. Stock performance and valuation multiples as of December 31, 2018. Return To Table Of Contents
66
The IPO Pipeline | 2019
The Current Backlog Of Well-Funded Companies Positions 2019 As A Potential Banner Year For Cybersecurity IPOs.
Network &
2009 San Francisco, CA Matthew Prince $252M
Infrastructure Security
Source: Momentum Cyber Proprietary M&A & Financing Transaction Database. Return To Table Of Contents
67
Cybersecurity vs. The Benchmarks
Public Cybersecurity Stocks Reached Their Peak In September Before Experiencing A Dip In Q4, But Have Rebounded.
180
Benchmark 3 Months 6 Months 12 Months
140 39.4%
120
6.5%
100
(3.9%)
(3.9%)
(6.2%)
80
Dec-17 Jan-18 Feb-18 Mar-18 Apr-18 May-18 Jun-18 Jul-18 Aug-18 Sep-18 Oct-18 Nov-18 Dec-18
High Growth Cyber Low Growth Cyber S&P 500 NASDAQ Composite Index HACK Index
Source: Capital IQ. Public Market Data as of December 31st, 2018. Return To Table Of Contents
Note: *PureFunds ISE Cybersecurity ETF. 68
Public Cybersecurity Companies Stock Performance
Company Stock Performance.
$20 $120
$90 $61 $40
$18 $30
$22 $35 $30 $15 $8 $5
$16 $25
$18 $30 $25 $10 $6 $4
$14 $20
Source: Capital IQ. Public Market Data as of December 31st, 2018. Return To Table Of Contents
Note: Charts pertaining to Zscaler (March 2018), Carbon Black (May 2018), Avast (May 2018), Tenable (July 2018), & SolarWinds (October 2018) reflect monthly stock prices from their respective IPO dates & prices. 69
The Correlation Of Value To Growth & Profitability Remains Strong…
Public Markets Today Value A Balance Of Growth & Profitability – Back To Basics.
10.0x
9.0x
$2,943M
$15,495M $16,035M
8.0x
$2,674M
$2,062M
7.0x
$4,287M
$2,065M
EV / Revenue 2019E
6.0x
$4,580M
$2,020M
$1,473M
5.0x
$3,442M
4.0x $3,138M $7,740M
$17,871M
$911M $2,305M $11,999M
3.0x
$1,114M $12,072M
2.0x R2 4Q18: 53.5%
Source: Capital IQ. Public Market Data as of December 31st, 2018. Return To Table Of Contents
Note: Size of the bubble indicates Market Cap. In USD. % represents 2019E Revenue Growth + 2019E Operating Margin; the multiple represents EV / 2019E Revenue. 70
…While The Correlation To Growth Alone Is Not Valued As Highly
Public Markets Today Value A Balance Of Growth & Profitability – Back To Basics.
10.0x
9.0x
$2,943M
8.0x $15,495M
$16,035M
$4,287M
$2,062M
7.0x
$17,871M
6.0x $2,674M
EV / Revenue 2019E
$3,442M $2,020M
$2,065M
5.0x
$7,740M
$12,072M
4.0x $4,580M
$1,473M
$11,999M
3.0x
$2,305M
$911M
$3,138M R2 4Q18: 6.7%
2.0x
$1,114M
: 32.2%, 13.1x
$1,380M $416M
$517M : 32.4%, 14.4x
1.0x
Above 2 companies have been excluded
from R2 calculation
0.0x
0% 10% 20% 30%
2019E Revenue Growth
Source: Capital IQ. Public Market Data as of December 31st, 2018. Return To Table Of Contents
Note: Size of the bubble indicates Market Cap. In USD. % represents 2019E Revenue Growth; the multiple represents EV / 2019E Revenue. 71
Trading Multiples: High Growth & Low Growth
Valuation Multiples For High Growth & Low Growth Cybersecurity Companies.
19.1x
17.3x
14.4x
13.1x
ZS OKTA SPLK SAIL CYBR TENB MIME PANW PFPT RPD CBLK FSCT QLYS SWI CHKP AVST FTNT TREND FEYE SOPH SYMC BB SCWX OSPN FSC1V ZS OKTA SPLK SAIL CYBR MIME TENB PANW PFPT RPD CBLK FSCT QLYS CHKP SWI AVST FTNT TREND FEYE SOPH SYMC BB SCWX OSPN FSC1V
51%
49%
41%
38% 37% Median: 32% 32% 32%
32% 32%
30% 29% 29% 27%
26% 24% 24%
21% 23% 23% 23% Median: 23%
21% 21% 20% 20%
20% 20% 20% 20%19% 19% 17%
12% 11% 11% Median: 11% 14%
9% 12% 12% 11% Median: 11%
7%
3% 9%
8% 7% 6%
4% 3%
OKTA ZS TENB PFPT SPLK MIME FSCT SAIL PANW CBLK CYBR RPD AVST SOPH QLYS FTNT FSC1V SCWX FEYE TREND OSPN CHKP SYMC BB
(3%)
ZS OKTA TENB SPLK PFPT CBLK SAIL RPD MIME FSCT PANW CYBR QLYS FSC1V FTNT OSPN SWI SOPH SCWX TREND FEYE AVST CHKP SYMC BB
(12%)
High Growth Low Growth High Growth Low Growth
Source: Capital IQ. Public Market data as of December 31st, 2018. Return To Table Of Contents
Note: High Growth represented by companies with >20% revenue CAGR; Low Growth represented by companies with <20% revenue CAGR. 72
Security Benchmarking Analysis
Ranking Based On Metrics That Are Principal Valuation Factors.
149% 145%
90% 79%
1-Year 67% 62% 61%
30% 27% 26% Average: 22%
Stock 17% 14% 7%
Performance * * * *
*
(1%) (4%) (4%) (6%) (7%) (8%) (19%) (29%) (33%) (36%)
(37%) (43%)
14.4x 13.1x
7.9x 7.2x
EV / CY19E 6.7x 6.7x 6.7x 5.8x 5.5x 5.4x 5.4x 5.3x 5.0x 5.0x 4.7x 3.8x Average: 5.3x
3.4x 3.2x 3.0x 2.9x
Revenue 2.6x 2.5x 2.2x 1.8x 1.7x
32% 32%
27%
24% 23% 23% 23%
Revenue 20% 20% 20% 20% 19% 19%
15% 14% Average: 16%
Growth 12% 11% 10% 9% 8% 7% 7%
4%
(CY19E) 3% 2%
Source: Capital IQ. Market data updated as of December 31st, 2018. Return To Table Of Contents
Note: NM – Not Meaningful, NA – Not Available. *Price performance from IPO price. Symantec LTM Revenue Growth Not Meaningful (NM) due to acquisition spree in 2016; Avast LTM Revenue Growth Not Meaningful (NM) due to AVG acquisition in 2016. 74
Public Company Trading Analysis: Operating Metrics
High Growth & Low Growth Cybersecurity.
Revenue ($M) Revenue Growth (%) EBITDA ($M) EBITDA Margin (%)
Company
LTM 2018E 2019E LTM 17-18E 18E-19E LTM 2018E 2019E LTM 2018E 2019E
Source: Capital IQ. Market data updated as of December 31st, 2018. Return To Table Of Contents
Note: NM – Not Meaningful, NA – Not Available. Symantec LTM Revenue Growth Not Meaningful (NM) due to acquisition spree in 2016; Avast LTM Revenue Growth Not Meaningful (NM) due to AVG acquisition in 2016.. 75
IV. M&A Activity In
Cybersecurity
Cybersecurity M&A Activity | 2010-2018
Cybersecurity M&A Totaled $110B Across 1,225 Deals Since 2010.
Annual M&A Deals And Volume Quarterly M&A Deals And Volume
($B) (2010 – 2018) ($M) (Q1 2010 – Q4 2018)
$25.00 200 $11,384
Q4'13
Q3'17
Q1'10
Q2'10
Q3'10
Q4'10
Q1'11
Q2'11
Q3'11
Q4'11
Q1'12
Q2'12
Q3'12
Q4'12
Q1'13
Q2'13
Q3'13
Q1'14
Q2'14
Q3'14
Q4'14
Q1'15
Q2'15
Q3'15
Q4'15
Q1'16
Q2'16
Q3'16
Q4'16
Q1'17
Q2'17
Q4'17
Q1'18
Q2'18
Q3'18
Q4'18
Private Co. Volume ($B) Public Co. Volume ($B) Number of Deals Volume ($M) Number of Deals
▪ Cybersecurity M&A deal volume of 183 transactions sets new record; ▪ Over the last eight quarters financial and strategic buyers have completed $36.0B in M&A transactions
previous high of 178 set in 2017 ▪ Q4’18 M&A activity has remained relatively constant over the two prior years, with 44 M&A transactions, but M&A transaction volume was down
▪ 96% of deals in 2018 involved targets that were private companies or compared to the two prior years at $5.4B
assets ▪ Thoma Bravo / Imperva, Blackberry / Cylance, and Thoma Bravo / Veracode accounted for 78% of total Q4’18 disclosed deal value, with a total
of $4.2B
For Additional Analysis & Insights On M&A Activity, Please Contact Momentum Cyber At almanac@momentumcyber.com.
Source: Momentum Cyber Proprietary M&A & Financing Transaction Database. Return To Table Of Contents
Note: Includes private and public company M&A transactions including acquisitions of public companies and divestures of assets / operations / business units from public companies. 77
Top 10 M&A Deals By Volume By Period | 2007 – 2018
The Top Echelon Of M&A Deals Has Increased Massively In Transaction Volume Over The Past Decade.
Median: $1,402M
Min: $350M Min: $197M Min: $232M Min: $600M Min: $650M Min: $950M
2007 - 2008 2009 - 2010 2011 - 2012 2013 - 2014 2015 - 2016 2017 - 2018
Source: Momentum Cyber Proprietary M&A & Financing Transaction Database. Return To Table Of Contents
Note: $ in USD thousands. 78
M&A Transactions
With Disclosed Values
Notable Cybersecurity M&A Transactions | 2016 – 2018
Cybersecurity M&A Transactions With Disclosed Transaction Values.
The Buyers
Sentinel
Management
Source: Momentum Cyber Proprietary M&A & Financing Transaction Database. Return To Table Of Contents
80
Notable Cybersecurity M&A Transactions | 2016 – 2018
Cybersecurity M&A Transactions With Disclosed Transaction Values.
The Sellers
(MBO)
Source: Momentum Cyber Proprietary M&A & Financing Transaction Database. Return To Table Of Contents
81
M&A Transactions With
Non-Disclosed Values
Notable Cybersecurity M&A Transactions | 2016 – 2018
Cybersecurity M&A Transactions With Non-Disclosed Transaction Values.
The Buyers
For Additional Information on Backup Supporting Transaction Data, Please Contact Momentum Cyber At almanac@momentumcyber.com.
Source: Momentum Cyber Proprietary M&A & Financing Transaction Database. Return To Table Of Contents
83
Notable Cybersecurity M&A Transactions | 2016 – 2018
Cybersecurity M&A Transactions With Non-Disclosed Transaction Values.
The Sellers
Breaker 101
Infosecurity
HotSkills
Group
Junco
LogicNow
Technologies
Overvault
For Additional Information on Backup Supporting Transaction Data, Please Contact Momentum Cyber At almanac@momentumcyber.com.
Source: Momentum Cyber Proprietary M&A & Financing Transaction Database. Return To Table Of Contents
84
V. Financing Activity
In Cybersecurity
Cybersecurity Financing Activity | 2010 – 2018
Cybersecurity Startups Have Raised $26.9 Billion Across 2,358 Deals Since 2010.
Annual Investment Deals And Dollars Quarterly Investment Deals And Dollars
($B) (2010 – 2018) ($M) (Q1 2010 – Q4 2018)
425 121
408 450 $2,056
98
359 400 106 101 105
$1,775 $1,745
$6.2 98 100
301 350 88 103 102
277 80 $1,548 $1,534
$5.3 $1,432 $1,451
300 74 76 93 88
70 70 71 $1,158 $1,301
201 $4.5 250 59 63 $1,154
51 49 $962
$3.8 47 $917 66
156 200 40 $835 42 $893 $850
120 35 33 36
108 150 27 30 28 30 31 $524
$618
$599
$2.5 23 24 $510 $515 $509
$446 $427 $483
100 $259
$264
$1.7 $236 $219 $242 $248 $269 $261
$1.2 50 $197$212 $141 $130
$0.8 $0.9
0
Q3'10
Q4'12
Q1'10
Q2'10
Q4'10
Q1'11
Q2'11
Q3'11
Q4'11
Q1'12
Q2'12
Q3'12
Q1'13
Q2'13
Q3'13
Q4'13
Q1'14
Q2'14
Q3'14
Q4'14
Q1'15
Q2'15
Q3'15
Q4'15
Q1'16
Q2'16
Q3'16
Q4'16
Q1'17
Q2'17
Q3'17
Q4'17
Q1'18
Q2'18
Q3'18
Q4'18
2010 2011 2012 2013 2014 2015 2016 2017 2018
▪ $6.2B was raised across 408 transactions in 2018 ▪ Over the last eight quarters investors have poured $11.6B into Cybersecurity
▪ 2018 outpaced 2017 by $850M in funding volume ▪ There was once again over $1B invested in Q4 2018 ($1.7B), making it 6 of the past 7 quarters with over $1B invested;
while 2017 still holds the record by number of deals $504M raised in December (26 deals), $557M raised in November (37 deals), and $683M raised in October (35 deals)
funded
▪ 2018 had the 2 of the 3 largest funding quarters over the past 8 years by funding volume
For Additional Analysis & Insights On Financing Activity, Please Contact Momentum Cyber At almanac@momentumcyber.com.
Source: Momentum Cyber Proprietary M&A & Financing Transaction Database. Return To Table Of Contents
86
U.S. Cybersecurity Funding By State
Investments Are Still Concentrated In Traditional Hubs, But New Hubs Are Continuing To Attract Investment.
Top 10 Most Active States By Investment Funding Ranking Detail – 267 Total Investments In USA In 2018
Total $ Invested
Ranking State # of Investments
($M)
1. California 99 $2,693
3. Massachusetts 18 362
4. Virginia 18 127
5. Colorado 16 93
6. Maryland 15 265
7. Texas 13 94
8. Washington 10 93
9. Florida 9 138
Source: Momentum Cyber Proprietary M&A & Financing Transaction Database. Return To Table Of Contents
87
Financing Transactions
Notable Cybersecurity Financing Activity | 2016 – 2018
Minority Investments >$10M.
$100M+
For Additional Information On Backup Supporting Transaction Data, Please Contact Momentum Cyber At Total Amount Raised ($M) $13,860.4
Source: Momentum Cyber Proprietary M&A & Financing Transaction Database. Return To Table Of Contents
89
Notable Cybersecurity Financing Activity | 2016 – 2018
Minority Investments >$10M.
Xindahanshi
Capital
$100M+
HCH Group
Company
USVC
For Additional Information On Backup Supporting Transaction Data, Please Contact Momentum Cyber At almanac@momentumcyber.com.
Source: Momentum Cyber Proprietary M&A & Financing Transaction Database. Return To Table Of Contents
Note: Represents total size of funding rounds participated by each lead investor. 90
VI. Investor Spotlight
NightDragon Security
Senior Level Access & Strategic Advice Gained From Deep Operational And Executive Experience.
▪ Veteran CEO, advisor, and investor who has led companies, from startups to the ▪ Executive Access: Strong, senior level access to executives at leading
Telcos, MSSPs, and resellers provides the horsepower needed to
Fortune 500, on a transformational journey of success accelerate go-to-market relationships
▪ Focused on Technology and Cybersecurity, Dave has created more than $20
▪ GTM Acceleration: Access to expert deal makers constructs powerful go-
Billion of shareholder value during his 15 plus years as President & CEO for to-market relationships from OEMS, to technology alliances, to all flavors
Documentum, McAfee, and FireEye of strategic partnerships
Dave DeWalt ▪ Fundraising: Deep relationships with capital providers to accelerate later
stages of growth
Bob Ackerman Pete Bodine Dave DeWalt Spencer Tall Current Cybersecurity Portfolio
Managing Director Managing Director Managing Director Managing Director
& Founder
Founded 1996
Source: Firm Press Releases, Company Websites, & Momentum Cyber Proprietary M&A & Financing Transaction Database. Return To Table Of Contents
93
Highly Specialized Cybersecurity Focused Investors
Deep Domain Expertise With Decades Of Successful Cybersecurity Operating & Investing Experience.
Selected VCs
VC
Focus Early, Growth, & Late Stage Early & Growth Stage Early, Growth, & Late Stage Early & Growth Stage Incubation & Early Stage Seed Stage
▪ Invests in transformative ▪ Focused on investing in ▪ Leverages its own center ▪ Specialized venture ▪ Builds companies ▪ Invests in early-stage
companies providing Cybersecurity, Enterprise of excellence to identify, capital firm exclusively developing transformative Israeli companies focused
Cybersecurity, industrial Software, & consumer / nurture and build the dedicated to helping technologies, rooted in on Cybersecurity,
security and critical enterprise crossover next wave of cybersecurity companies Cybersecurity and data Enterprise Software, &
Overview infrastructure security companies globally Cybersecurity and big thrive science, through Autonomous Vehicles
through its two funds data companies to research, recruiting, and
▪ Invests through joint
emerge out of Israel go-to-market capabilities
investment alliance with
KKR
Select Investments
Source: Firm Press Releases, Company Websites, & Momentum Cyber Proprietary M&A & Financing Transaction Database. Return To Table Of Contents
94
Team8 Forms International Coalition To Raise $85M Fund
Cross-Industry Coalition Will Accelerate Digital Transformation Initiatives Currently Inhibited By Security Challenges.
Technology
Select Testimonials
Risk Score Telecommunications
Banking Financials Nadav Zafrir
“The synergy and insight from each industry leader combined with our unrivalled cyber and data expertise
Co-Founder &
CEO at Team8 will enable companies to adopt new data-driven methods of working, ensuring they can retain
their competitive advantage and thrive, in spite of cyber threats.”
Eric Schmidt “We are proud to partner with Team8 as it Michael Zerbs “Participating in Team8’s new security
Founder & Group Head
Partner
expands beyond cyber to solve imminent & CTO
partnership is an important part of Scotiabank’s
threats around data sharing, collaboration ongoing work to build advanced, resilient
and machine learning” security into our digital transformation”
Matthew Gyde Marcus “The pace of Team8’s agile company-building
“Investing in Team8 will ultimately shape the
Group Weldon model and pre-market validation of their
Executive - future of enterprise security / Cybersecurity CTO
forward-thinking solutions is unrivalled and our
Security and the capabilities that align to future and
continued partnership will enable us to stay a
current client needs”
step ahead in this new era of connectivity”
Return To Table Of Contents
95
About Team8
Israel's Leading Cybersecurity Think Tank And Company Creation Platform.
Company Overview Platform Overview
Team8 is a leading think tank and company creation platform specializing in cyber resilience and data The Team8 innovation process combines a research team with intimate knowledge of Cybersecurity, access
analytics. Leveraging the expertise of formers leaders from Israel’s elite military intelligence Unit 8200, to the best cyber talent, and a global network that gives Team8 companies access to customers, partners
Team8 is supported by an in-house team of top researchers, engineers and analysts. Team8 combines its and key influencers. The result is a cyber innovation platform uniquely engineered to create category-
Description leading Cybersecurity companies that scale quickly and tackle the biggest problems in Cybersecurity today.
in-depth understanding of the attacker perspective, data science AI to develop disruptive technologies
and category-leading companies that enable businesses to reap the benefits of digital transformation in an
agile and secure manner. Research Research team consists of Team Deep ties to Unit 8200 Go-To- Through Team8’s global
cyber experts with over 50 Building provide access to the best Market network, its teams have access
years of collective experience cyber talent & actively help to customers, partners and
in cyber warfare and deep ties Team8’s teams recruit diverse key influencers
to Unit 8200 teams from Israel’s best and
Leadership brightest
Nadav Zafrir Yuval Shachar Liran Grinberg Israel Grimberg Lluis Pedragosa Assaf Mischari
Co-Founder & Executive Co-Founder & Co-Founder & CFO Head of
CEO Chairman CMO CIO Research The Team8 Process
Founded 2014 Exploration | Team8 and its research team work with exceptional entrepreneurs to identify truly big problems in
Cybersecurity
HQ New York, New York; Tel Aviv, Israel
Ideation | Team8’s research team and exceptional entrepreneurs develop truly innovative solutions. The solution has
Amt. Raised Over $260M to have the potential to be the foundation of a category-leading company and is not merely iterative before it can
move to the next stage
The Team8 Portfolio
Validation | Team8 leverages its network and work with market leaders, design partners and potential customers to
Company Founded Raised CEO Description test its solutions and confirm marketability and scalability. It is during the validation stage that it accelerates recruiting
Shachar Sygnia is a cyber technology and services company, providing high-end efforts and form the foundations of the team that will be responsible for driving the company forward
2015 $4.3M
Levy consulting and incident response support for organizations worldwide
Execution | This innovation process ensures that Team8 builds category-leading Cybersecurity companies that scale
Amir Claroty’s mission is to secure and optimize the industrial control networks quickly and tackle the biggest problems in Cybersecurity today. At launch, Team8 becomes a co-founder of the
2014 $93.0M
Zilberstein that run the world company & finances the company’s Series A round
2016 $4.0M
Alon Duality enables secure analysis and AI on data while it is encrypted, A Unique Global Cyber Syndicate
Kaufman deriving insights from sensitive data without ever exposing the data itself
Tal
Hysolate is re-architecting endpoints so a breach no longer matters. It Team8 Collaborates & Is Backed By Prominent Investors & Technology Leaders
2016 $36.0M enables companies to perform seamless isolation between different
Zamir
environments without compromising the user experience
Illusive Networks is pioneering deception-based Cybersecurity technology
Ofer
2014 $33.0M that neutralizes targeted attacks and Advanced Persistent Threats (APT) by
Israeli
creating a deceptive layer across the entire network
Portshift introduces a paradigm shift for application security departing from
Not Ran
2018 IPs, ports, protocols, labels and traditional firewalls while enabling DevOps
Disclosed Ilany
to operate freely
Source: Firm Press Releases, Company Websites, & Momentum Cyber Proprietary M&A & Financing Transaction Database. Return To Table Of Contents
Note: denotes the Company has been acquired. 96
Corporate VCs Focused On Cybersecurity
Leading Global Technology Companies Remain Actively Involved In Investing Cybersecurity.
Select Cyber Partners Karim Faris Dave Flanagan Rashmi Gopinath, Mony Hassid Jeff Karras
▪ Cybersecurity, Life Science, Healthcare, ▪ Hardware, software, and services across ▪ Series A – C; $2M – $10M check size ▪ $100K – $20M check size
AI, Robotics, Transportation, and sectors including Security, AI, Big Data,
▪ North America, Israel, Europe, & India ▪ Seed to Early Stage Growth
Agriculture and IoT
Investment Philosophy
▪ Enterprise Cloud Infrastructure, ▪ Global mandate
▪ Consumer and Enterprise market focus ▪ Stage agnostic
Cybersecurity, AI / ML, DevOps,
Drones, Quantum, etc.
▪ Helps companies interface with Google, ▪ Intel Capital Technology Day: Portfolio ▪ Every portfolio company receives ▪ Focuses on technologies and solutions
providing unique access to the world’s companies present their products and licenses to MS technologies—including that lead to quantum changes in
best technology and talent solutions to corporate business decision Azure and Office network capabilities, next-generation
Other Notes makers in customized face-to-face devices, digital content services, and
▪ Invested in more than 300 companies ▪ Proactively connects teams with
meeting formats designed to meet enablers to enhance customer
Microsoft customers, partners, and,
specific customer requirements. experience
internal resources
Representative Cyber
Investments
Source: Firm Press Releases, Company Websites, & Momentum Cyber Proprietary M&A & Financing Transaction Database. Return To Table Of Contents
97
VII. Buyer Spotlight
In-Depth Buyer Profiles
Detailed Profiles On A Select 25 Of The Top Cybersecurity Public Company Buyers.
Source: Momentum Cyber Proprietary M&A & Financing Transaction Database, CapitalIQ. Market Data as of December 31, 2018. Return To Table Of Contents
99
VIII. Sectors In Focus
Sectors In Focus
A Deep Dive Into 24 Sectors Across The Cybersecurity Landscape.
Deception
Cloud Security CASB
Network & Infrastructure Security Deception
MSSP Data Security Mobile Security
Traditional MSSP A dv a nced M SS & M DR E nc r yption
DLP D a ta Privac y D a ta Centri c Secur ity
Security Operations & Incident Response Security Analytics Advanced MSSP & MDR Encryption Data Privacy Data-Centric Security
Endpoint Security Endpoint Detection & Response R i s k Assess ment & Visibili ty
Security Ratings S IE M
IoT Devices
Security Operations & Incident Response SIEM Pe n Testing & Brea ch Sim ulation GRC Security Awareness & Training Threat Intelligence Automotive
Pen-Testing &
Risk & Compliance Risk Assessment & Visibility Breach Simulation Connected Home
Security Operations & Incident Response Security Incident Resposne Security Incident Response Digital Risk Mgmt. Security Consulting & Services
Authentication
Digital Risk Management -
Blockchain Fraud & Transaction Security
Blockchain
Cloud Security Container Pr i v ileged M anage ment
Application Security Application Security Testing Consumer Identity Container Infrastructure CASB
For Additional Information On Sectors In Focus, Please Contact Momentum Cyber At almanac@momentumcyber.com
Dave DeWalt Michael Tedesco Eric McAlpine Ken Gonzalez Keith Skirbe Dino Boukouris
Founder & Founder & Founder & Partner Founding Member Founding Member Cyber Exit Savvy – Deep Unparalleled Access Across the Unrivalled Thought
Chairman Managing Partner Managing Partner & Director & Director Expertise Selling to Strategic & Cybersecurity Ecosystem with Leadership Through Insightful
Financial Buyers Executives, Board Members, Research, Market Reviews, &
250+ Deals $250+ Billion Investors, & CISOs Speaker Engagements