How a private equity firm is buying its way to the fore of the cybersecurity market

The massive challenge in delivering comprehensive cybersecurity to enterprise has driven the growth of hundreds of companies providing all manner of solutions and all vying for the ear of senior enterprise stakeholders. One private equity firm is riding that trend to the fore of the cyber market with a flurry of investments and purchases in recent years – Thoma Bravo.

Based in the Bay Area and tracing a lineage back to the heady days of leveraged buyouts in the late 1980s, Thoma Bravo has built massive value over the years investing primarily in software and software security companies.

Yesterday, the firm made overtures towards cybersecurity giant – and internet grand-daddy – Symantec Corporation, about a possible acquisition. That on the heels of news from just a couple days ago that they would acquire application code-auditing firm Veracode (spun off from Broadcom’s acquisition of CA Technologies) for $950 million. Earlier in the month, the firm announced a $2.1 billion acquisition of Imperva, a growing leader in the space offering a variety of security products and services to large enterprises. That’s a pretty busy 30 days.

But there’s more – back in June they became the majority investor in LogRhythm, a large SIEM player that’s made moves into the nascent operation automation & response market. In May they acquired Barracuda Networks for a purported $1.6 billion.

And in the spring they became the majority investor in Identity-as-a-service company Centrify. I’m starting to sense a trend here.

Back in 2017 it acquired a majority stake in DigiCert, one of the few trusted digital certificate authorities (digital certificates being crucial in establishing and maintaining trust on the internet), and Riskonnect, a company focused on providing solutions in the Integrated Risk Management (IRM… and formerly GRC for Governance, Risk and Compliance) space.

In 2016 it acquired Imprivata, producer of a SSO platform primarily in use in the Healthcare industry. Earlier in the year they were one of two players to take an 88% piece of another SIEM player, SolarWinds. In 2014 it invested in SailPoint.

In fact, many of Thoma Bravo’s financial concerns touch some aspect of enterprise or SMB cybersecurity – in addition to C-suite and strategic business focused Riskonnect, other companies mentioned above provide solutions in endpoint protection and firewalls, privileged access management, secured identity & trust, on-prem storage, cloud deployments, log & event management, managed services and more.

A brief perusal through Thoma Bravo’s portfolio also shows a play in other important aspects of securing business – supply chain management, application security and data analysis.

And while the Symantec news today is just a first step in a deal that may or may not be finalized, it still points to a willingness to spend billions of dollars for the private equity firm to buy its way to the top of the massive cybersecurity market. An acquisition of Symantec in particular might raise a few additional antitrust issues to be worked out before any deal comes to fruition, considering the firm also has a small stake in Symantec’s largest competitor, McAfee.

At any rate, Cyber Observer has technical partnerships with all but two of the companies mentioned above (In the interest of Fair Use of their names and logos, I’ll leave the particulars of which two up to the reader to ponder)… so Thoma Bravo, if you’re reading, Cyber Observer might be the fabric you use to knit all those assets into one beautiful, unified, comprehensive cybersecurity solution for Enterprise. Just a suggestion.

Related posts