Uncertainty and instability marked the end of 2022 for many in the tech sector, a trend that bled into the beginning of 2023. Following on the heels of a drought in IT talent came mass layoffs at many of the world’s biggest tech companies as predictions of recession loomed and war in Ukraine dragged on with no end in sight.

Global concern over cybersecurity has never been higher, with attacks coming fast and furious and in ever-growing numbers, and 65% of organizations planned to increase cybersecurity spending in 2023. That means CISOs may be pressured to do more with what they have as budgets shrink even as demand for security increases. And they should be aware of what could change if one of their vendors is acquired in this climate.

Corporate deals have dropped from the highs of 2021 as well as investors proceed with caution, eyeing interest rate increases and the possibility of a recession. There were some indications that cybersecurity might be an outlier in 2023—that M&A activity might remain a little more robust than in other parts of the tech world. “There are abundant opportunities for innovation in cybersecurity as new technology breakthroughs, such as the near-human capabilities of ChatGPT, introduce new and largely unaddressed security risks,” DataTribe noted in its fourth-quarter 2022 Insights.

While recognizing the ever-growing importance of cybersecurity and the ever-growing demand to protect against increasingly sophisticated—and numerous—bad actors, dealmakers are likely to be active but cautious in the year to come.

Below are the deals that CSO has selected as the most significant of the year. (This list is updated periodically as new deals are announced.)

Cisco agrees to buy Lightspin Technologies

March 29: Software and service giant Cisco has agreed to buy privately held cloud security software Lightspin Technologies for an undisclosed amount. Lightspin offers end-to-end cloud security posture management (CSPM) across cloud-native resources. The company will join Cisco’s emerging technologies and incubation (ET&I) business.

Mastercard acquires Baffin Bay

March 20: Mastercard has bought Swedish cybersecurity firm Baffin Bay to increase its cloud-based protections. The company will integrate Baffin Bay’s cloud-based solution that uses AI technology to automatically filter and counteract malicious internet traffic into its current offerings. “The addition of Baffin Bay Network’s instantaneous, predictive and cloud-based  AI technology to our existing analytical capabilities will deliver a leading, singular cyber solution,” Mastercard said in a statement.

HPE acquires Axis Security

March 2: Hewlett Packard Enterprise (HPE) agreed to buy cloud security services provider Axis Security, its third acquisition since January, to deliver a unified secure access service edge (SASE) offering. The acquisition is aimed at incorporating the Axis security service edge (SSE) platform into HPE’s edge-to-cloud network security capabilities with to deliver integrated networking and security solutions as-a-service. HPE plans to integrate Atmos, an SSE offering by Axis Security, into Aruba, its platform for edge-to-cloud networking with AI-based network automation. “The convergence of Aruba and Axis Security solutions will transform edge-to-cloud connectivity with a comprehensive SASE solution that provides enterprises with the highest levels of security for both IoT devices and all users’ access across geographically distributed locations,” Phil Mottram, executive vice president and general manager, HPE Aruba Networking said in a statement.

Online auction giant eBay Acquires 3PM Shield

February 13: eBay acquired 3PM Shield, a provider of monitoring solutions designed to prevent the sale of counterfeit items, unsafe products and illegal goods. The purchase will help provide sellers and buyers with a safe and trusted platform and enhances eBay’s ability to address suspicious or harmful seller behavior and potentially problematic items. “3PM Shield has been a valued and effective external partner in helping eBay tackle these challenges and we look forward to unlocking additional capabilities as we bring their technologies in-house,” eBay Chief Risk Officer Zhi Zhou said in a statement.

Accenture buys Brazil-based Morphus

February 13:  New York-based Accenture has acquired privately held cyber defense, risk management, and cyber threat intelligence services provider Morphus for an undisclosed amount. Brazil-based Morphus provides red and blue team services; governance, risk, and compliance services; enterprise risk management; cyber strategy; threat intelligence; and managed security services. “The acquisition brings more than 230 highly skilled professionals, making Accenture one of the largest cybersecurity professional services providers in Brazil,” Accenture Security global leader Paolo Dal Cin said in a statement. The acquisition launches Accenture’s cyber industry practice in Latin America.

Vista Equity Partners completes acquisition of KnowBe4

February 1: Investment firm Vista Equity Partners completed its acquisition of security awareness training and simulated phishing platform KnowBe4 for $24.90 per share in cash, valuing the company at about $4.4 billion. “The human element remains one of the most important yet neglected aspects of cybersecurity,” Michael Fosnaugh, co-head of Vista’s Flagship Fund and senior managing director, said in a press release. “The opportunity to scale a business that is truly mission-critical to enterprises around the world is core to Vista’s investment approach and value creation efforts.” Vista focuses exclusively on acquiring enterprise software, data, and technology-enabled businesses.

Radiant Logic signs definitive agreement to acquire Brainwave GRC

February 1: California-based Radiant Logic entered into a definitive agreement to acquire French identity governance and analytics company Brainwave to accelerate the companies’ shared vision of an identity data fabric using data science to ensure the right information is in place to make the right policy decisions. “Demand is increasing for cybersecurity, governance, and compliance solutions that help companies address the continually evolving security threats, especially as regulatory environments and fines become more prevalent,” said Joe Sander, CEO of Radiant Logic, in a press release. The companies said the acquisition will strengthen their market positions as identity, analytics, and intelligence experts and provide a zero-trust and identity-first security foundation to deliver enhanced data security, reduced audit and compliance costs, and improved understanding and visibility of malicious activity.

Veridos becomes majority shareholder in NetSeT

January 30: Berlin-based Veridos has acquired a majority stake in NetSeT Global Solutions, a move the company says will strengthen its position as a full-service provider of integrated identity solutions. NetSeT, based in Serbia, develops information systems for the management of citizen data and information security. In 2017, Veridos acquired a minority stake in NetSeT, which will now be integrated into the Veridos Group. “With this acquisition, we are expanding our position as a provider of holistic identity solutions to cover the entire value chain: from citizen registration to the creation and personalization of ID documents and the management of citizen data to document verification,” Veridos CEO Marc-Julian Siewert said in a press release. The move comes after 20 years of collaboration between Veridos and NetSeT. In joint projects, the companies have co-operated in providing the ID system for northern Macedonia, ePassport systems for Bangladesh, Venezuela, and the United Arab Emirates, and a driver’s licence system for Uganda.

Simeio acquires identity and access management firm PathMaker

January 10: Specialized identity and access management (IAM) services provider Simeio acquired Texas-based identity governance firm PathMaker Group in a move that will enhance Simeio’s consulting services and SailPoint implementation capabilities, the company said. “This acquisition solidifies our commitment to integrate future-ready technologies to protect and secure identities. “Simeio CEO Chris Schueler said in a press release. “I am very confident in the unmatched identity security services that our clients can take advantage of as a result of this acquisition.” Simeio operates a portfolio of end-to-end services in advisory, building, and managing identity security solutions. PathMaker’s IAM MAP assessment process and methodology will be incorporated into          Simeio’s proprietary identity orchestration platform Simeio IO, allowing customers to continuously measure and assess the maturity of their identity programs. Simeio’s managed identity security services delivered through Simeio IO will also be accessible to PathMaker clients.

Resource : https://www.csoonline.com/article/3687668/top-cybersecurity-manda-deals-for-2023.html