Just as funding has sputtered to cybersecurity startups in recent quarters, the main exit avenue for startups and investors also has been narrowing.
As one of the largest cybersecurity gatherings kicks off this week in San Francisco — the RSA Conference, where deals have often been announced — M&A deal-making in the cybersecurity space continues to slow with only 13 deals announced for VC-backed startups in the first quarter of the year, per Crunchbase data.
Search less. Close more.
Grow your revenue with all-in-one prospecting solutions powered by the leader in private-company data.
The number represents a 58% drop from a year ago when 31 VC-backed companies were snapped up by strategics and private equity in Q1. The number also puts M&A deal-making on pace to have its slowest year since 2017 — when only 52 VC-backed cyber startups were snapped up by acquirers.
That would be a dramatic decline from the 82 deals witnessed last year and the 125 deals done in 2021.
Few deals big or small
The largest deal in Q1 by far in cyber was Hewlett Packard Enterprise’s acquisition of San Mateo, California-based cloud security company Axis Security for what was reported to be less than $500 million last month.
The next two largest deals for the quarter were much smaller by comparison:
- Tech giant Cisco acquired Israel-based Kubernetes security firm Lightspin for a reported $200 million in March.
- Rapid7 bought Israel-based endpoint security startup Minerva Labs for approximately $38 million in cash and stock, also last month.
The slowdown in deal-making comes against the backdrop of a significant decline in funding to startups in the sector. Venture-backed startups in cybersecurity saw nearly $2.7 billion in the first quarter of this year, per Crunchbase data — which was a slight uptick from the $2.4 billion in the final quarter of last year, but also a 58% drop from the $6.5 billion such startups saw in Q1 2022.
What’s next?
The simultaneous drop in funding and deal-making is important to note because it begs the question: What will cyber startups do when their cash runways end?
Many startups are likely facing that dilemma right now. While they may still have money after raising significant sums in the salad days of 2021 and even early 2022, that cash is probably drying up. They also likely have inflated valuations that make a sale a no-go for would-be acquirers.
It’s interesting to note the three largest deals last quarter all involved Israel-based or -founded startups — which normally have lower valuations than many of their Silicon Valley brethren.
It is likely many big acquirers are sitting on the sidelines, waiting for valuations of targets to continue to come down, while also waiting for their own share prices to come back up, in order to negotiate better deals that may involve stock.
Large would-be buyers like Zscaler, Splunk and Palo Alto Networks all have watched their share prices creep up this calendar year.
While it may be true that some cyber startups are still sitting on the war chests they built up in 2021-22, that money will last only so long, even with many becoming more cash-efficient through layoffs and operational changes.
One would think deal-making will have to kick in sometime in the next few quarters as venture dollars become scarcer.
Maybe that will start this week in San Francisco.
Methodology
Cybersecurity is defined by the industries of network security, cloud security and cybersecurity, according to Crunchbase data.
Further reading:
Illustration: Dom Guzman
Stay up to date with recent funding rounds, acquisitions, and more with the Crunchbase Daily.
67.1K Followers