The value of mergers and acquisitions (M&A) in the cyber security arena has been increasing since 2008 and through the first half of 2011 exceeded the total value of all cyber-related deals that were completed in 2010, says a new report by the international audit and consulting firm PricewaterhouseCoopers, LLP (PwC).
Moreover, the report says that spending on cyber security globally is expected to reach $60 billion this year and is forecast to grow at 10 percent annually during the next three to five years.
Of that spending, the United States accounts for more than half, with the government nearly equal to that spent by the private sector, according to the report, Cyber Security M&A: Decoding Deals in the Global Cyber Security Industry. Japan and Britain respectively are the next largest markets, it says.
The U.S. is the exception when it comes to the nearly equal source of spending for cyber security as typically the private sector accounts for the majority of this spending in other countries, PwC says.
While the report touches on growth in the cyber security market and related drivers, its main focus is on M&A activity here. In addition to increasing deal values, with one exception, deal activity has also been rising since 2008, the report says.
In 2008 there 77 acquisitions valued at $4.2 billion and in 2009 activity increased to 88 deals but the value declined to $1.6 billion, the report says. But in 2010 deal values increased along with activity to $5.9 billion and 106 respectively, it says.
While most of the deal activity since 2009 has been for smaller investments—less than $10 million—there have been a number of high priced acquisitions, which began pushing up the deal values in 2010 and the first half of 2011. From Jan. 2011 through June, there were 37 deals valued at $10.2 billion, with Intel’s [INTC] $7.8 billion acquisition of McAfee accounting for most of that and Dell Inc.’s [DELL] $612 purchase of Secureworks being the second largest deal in that period.
The report says that there has been a willingness of cyber security acquirers to pay a high price for their targets. Both the mean and median deal values have been about 15 times earnings before interest, taxes, depreciation and modernization between 2008 and June 2011, it says.
“While these values have been adjusted to omit some inflated values, they are clear indicators that acquirers are willing to pay a premium to buy cyber security companies,” PwC says.
The report cites a number of key drivers behind continued robust M&A activity, including the use of more mobile devices to connect to the Internet, the move to cloud computing, increased awareness of cyber threats, and actions by defense contractors to expand their capabilities for their government customers.
For the period covered in the report, the vast majority of the deals have been strategic and have been made by technology, information technology services, and aerospace and defense firms. Financial investors have accounted for about 25 percent of the deal volume and 15 percent of the value.
In terms of value, over 50 percent of the deals have been in the U.S. and a third in Europe, the report says. It attributes the attractiveness of the U.S. cyber market in terms of value to a strong technology industry and large defense and intelligence budgets. In terms of activity, the spread of deals is more global, the report says.