Get the latest market trends in your inbox

Stay on top of the latest market trends and economic insights with the Axios Markets newsletter. Sign up for free.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Catch up on coronavirus stories and special reports, curated by Mike Allen everyday

Catch up on coronavirus stories and special reports, curated by Mike Allen everyday

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Denver news in your inbox

Catch up on the most important stories affecting your hometown with Axios Denver

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Des Moines news in your inbox

Catch up on the most important stories affecting your hometown with Axios Des Moines

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Minneapolis-St. Paul news in your inbox

Catch up on the most important stories affecting your hometown with Axios Minneapolis-St. Paul

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Tampa-St. Petersburg news in your inbox

Catch up on the most important stories affecting your hometown with Axios Tampa-St. Petersburg

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Photo: Philippe Huguen/AFP/Getty Images

The market for cybersecurity startups is bubbling, but more of these new firms are choosing to sell out to larger companies than to grow into major independent players.

Between the lines: As a result, the big winners in cybersecurity investing right now tend to be founders and early-stage investors rather than larger venture capital and private equity (PE) firms.

There's strong interest from private equity firms: "Every color of private equity — VC, growth, and buyout — is chasing cybersecurity," says Kristjan Kornmayer, director of M&A Advisory Services with the Chertoff Group, a global security advisory firm. "But it’s especially tough for the big buyout shops. There are not enough mature, scaled opportunities to put real money to work."

  • Private equity firms often have large minimum investment amounts, but companies "get snapped up before reaching any significant size to be of interest to private equity," Kornmayer said.
  • Some PE firms are so interested in investing in cybersecurity firms, they're lowering their minimum investment expectations to get in the game before companies get acquired. "We are seeing some funds revisit their minimum equity checks to accommodate the realities of this market’s structure," Kornmayer tells Axios.

By the numbers: In the general market, PE firms normally invest a minimum of $100 million in a company. But in the cybersecurity market, PE firms' average investment, not their minimum, is approximately $80 million, per data PitchBook shared with Axios.

Driving the market: Cybersecurity firms are often formed to quickly meet and beat new threats as they emerge, and bigger firms are prone to snatching them up to show they are prepared to meet threats better than their competitors. "On the early stage side, corporate buyers are looking to add new technology capabilities as soon as the company proves itself," Kornmayer said.

The other side: The fast pace of acquisition is also rooted in how hard it is to make a cybersecurity solution that's relevant. RSA Security CTO Dr. Zulfikar Ramzan tells Axios that cybersecurity startups often end up "stumbling":

They haven’t been able to prove out they can do a proper go-to-market...By then their investors have sort of run out of patience and steam and they say 'Okay, we’re done, let's wind it down and sell the company for whatever we can get.'
— Dr. Zulfikar Ramzan, RSA Security's CTO

The bottom line: The pace of the market doesn't appear to be slowing anytime soon.

  • The cybersecurity M&A market is active and getting more active. Already in the first half of 2018 there were 101 M&As in the cybersecurity market, which is well on track to surpass the number of M&As that took place in all of last year, 178, per Momentum Cyber, a cybersecurity advisory firm.
  • Just this year, for example, cybersecurity firm Splunk has already acquired Phantom at $350 million and VictorOps at $120 million, and Palo Alto Networks has acquired Evident.io at $300 million and Secdo at $90 million.

What's next: PE firms are still hungry to invest in cybersecurity businesses — despite having to shift their expectations. "The industry’s size and growth justify the enthusiasm. We are talking about an $87 billion market growing 12% per year — that’s not easy to find," Kornmayer said.

Go deeper

25 mins ago - Technology

Exclusive: Facebook's blackout didn't dent political ad reach

Photo: Valera Golovniov/SOPA Images/LightRocket via Getty Images

Americans saw more political ads on Facebook in the week before the 2020 election than they did the prior week despite the company's blackout on new political ads during that period, according to Global Witness, a human rights group that espouses tech regulation.

Why it matters: The presidential election was a key stress test for Facebook and other leading online platforms looking to prove that they can curb misinformation. Critics contend measures like the ad blackout barely made a dent.

Wall Street wonders how bad it has to get

Illustration: Aïda Amer/Axios

Wall Street is working out how bad the economy will have to get for Congress to feel motivated to move on economic support.

Why it matters: A pre-Thanksgiving data dump showed more evidence of a floundering economic recovery. But the slow drip of crumbling economic data may not be enough to push Washington past a gridlock to halt the economic backslide.

2 hours ago - Health

Moderna to file for FDA emergency use authorization for COVID-19 vaccine

Photo illustration by STR/NurPhoto via Getty Images

Moderna announced that it plans to file with the FDA Monday for an emergency use authorization for its coronavirus vaccine, which the company said has an efficacy rate of 94.1%.

Why it matters: Moderna will become the second company to file for a vaccine EUA after Pfizer did the same earlier this month, potentially paving the way for the U.S. to have two COVID-19 vaccines in distribution by the end of the year. The company said its vaccine has a 100% efficacy rate against severe COVID cases.