The rapid proliferation in M&A in the threat intelligence market

In the post Covid-19 business landscape, the global threat intelligence market size is projected to grow from $7.3 billion in 2020 to $20.6 billion by 2027 with a compound annual growth rate of 16% over the next 5 years.

Anthony Platt

Anthony Platt, co-Head of Technology at finnCap Cavendish, takes a look at the reasons for this growth and what businesses should consider to stay ahead of the game.

The macroeconomic climate

This increasing proliferation of the threat intelligence market is due to a number of factors. Covid-19 was a major catalyst for a surge in demand for threat intelligence solutions. Recent data suggests that, as of February 2022, 84% of workers who took up working from home due to the coronavirus pandemic plan to continue with hybrid work in the future. This upsurge in remote working has increased network vulnerability allowing threat actors to take advantage of their weaker networks whilst working from home.

This is coupled with the current heightened geopolitical environment and escalating tensions with Russia. The war in Ukraine has seen the Russian hacking of Ukrainian satellite systems, energy companies and other critical infrastructure. According to a report published by Microsoft, the Kremlin is likely to expand its cyber-attacks against Ukraine’s allies and neighbours to destroy both military and humanitarian supply chains reaching the country.

Due to these factors, the regularity of cybercrimes worldwide has seen significant growth and shows no sign of slowing down. Indeed, in 2022 global businesses faced a ransomware attack every 11 seconds – a 20% increase on 2019. Research by CyberSecurity Ventures has predicted that this unnerving increase in cybercrimes will have cost global business in excess of $10 trillion by 2025.

Defining ‘threat intelligence’

As a result, one of the most significant trends in cybersecurity which is gaining considerable investment interest is threat intelligence. This is the data that is collected, processed, and analysed to understand a threat actor’s motives with the aim of enabling more informed data-backed security decisions. This could perhaps be better understood as the ultimate computer game that pits good versus evil and is played almost constantly on screens all around the world. However, this is no recreational sport, and instead adversaries bid to outmanoeuvre each other with millions of dollars on the line.

What makes this form of cybercrime so dangerous to businesses is that the threat landscape is constantly evolving, and therefore requires meticulous monitoring on an almost constant basis. This landscape is now any Chief Information Security Officer’s biggest headache and Executives’ biggest area of weakness for their business. To show the magnitude of this risk, IBM in their ‘Cost of a Data Breach’ report calculated that the average cost of a cyber security breach surpasses $4m. This includes forensic costs, lost business, reputational damage, regulator fines, and more.

Hackers are consistently one step ahead so simply putting up a firewall and waiting for an attack is not sufficient anymore. Businesses need to take the necessary steps to understand these threat actors daily. If they do not, they could risk losing millions of pounds in revenue and reputational damage, and may also face financial penalties.

Kevin McMahon, CEO of Cyjax, a growing UK-based threat intelligence platform comments: “I think threat intelligence – shared widely in an organisation – raises security awareness, reinforces security policy, and is a powerful way of building a robust security culture. Properly leveraged and operationalised, it can ‘side-step’ impactful cyber-attacks on the organisation and support the business case for the adoption of improved cyber security controls.”

Corporate activity is heating up within the cyber security market

Businesses are in dire need of intelligence platforms that offer the following three things: integral insights into identifying the threat actors, a coherent assessment of the risks they pose and the ability to address these threats quickly and efficiently.

M&A is beginning to play an increasingly important role as cybersecurity platforms and providers move from primarily delivering network-based security solutions, into attack surface monitoring and further into threat intelligence. Some key transactions include Thoma Bravo’s investment in Intel 471, Cybersixgill’s $50m Series B fundraise, Reliaquest’s acquisition of Digital Shadows for $160m, and IntSights being acquired by Rapid 7 in July 2021 for $335m.

Deal activity and valuation multiples in this sector have increased rapidly due to the spike in cyber attacks during the Covid-19 pandemic. This has provided an opportunity for innovative UK players to leverage access to social media forums and dark web marketplaces, and equip businesses with intelligence and monitoring on threat actors and malware attacks.

Although the world of threat intelligence is constantly evolving, the opportunities are endless for firms that are truly focused on innovation and staying ahead of the game.

(1)https://www.reportlinker.com/p06361359/Global-Threat-Intelligence-Industry.html?utm_source=GNW

(2)https://www.ons.gov.uk/employmentandlabourmarket/peopleinwork/employmentandemployeetypes/articles/ishybridworkingheretostay/2022-05-23

(3)https://www.politico.com/news/2022/12/03/microsoft-warning-russian-ukraine-cyberattack-00071908