Cybersecurity M&A Roundup: PhishMe, Phantom AcquiredPhishMe Becomes 'Cofense' After It's Purchased; Splunk Buys Phantom
Cybersecurity company mergers and acquisitions continue. Among the major deals: The sale of PhishMe to a privacy equity syndicate and Splunk's purchase of Phantom. But these are just the latest in a series of moves so far this year as consolidation continues.
"PhishMe was founded to challenge the cliché that people are the weakest link in security," says Rohyt Belani, Cofense's CEO. Instead, he said, employees can be "conditioned to be less susceptible to cyberattacks" as well as provide useful intelligence on unfolding attacks.
The company previously raised a total of about $58 million, including $42.5 million in series C funding in 2016.
Cofense says it has more than 1,700 customers in more than 50 countries; its PhishMe Reporter software, which gathers user reports of suspicious emails, runs on more than 10 million end users' workstations.
Proofpoint Grabs Wombat
Security awareness firms seem to be hot properties. On Feb. 6, cloud-based cybersecurity firm Proofpoint announced an agreement to purchase Wombat Security Technologies, a phishing simulation and security awareness training provider, for $255 million.
"Because threat actors target employees as the weakest link, companies need to continuously train employees and arm them with real-time threat data," says Gary Steele, Proofpoint CEO. "The acquisition of Wombat gives us greater ability to help protect our customers from today's people-centric cyberattacks, as cybercriminals look for new ways to exploit the human factor."
The deal is expected to close by the end of March. It follows Proofpoint last November closing a deal to acquire Cloudmark, a messaging security and threat intelligence provider, for $110 million.
Splunk Grabs Phantom
Splunk, a San Francisco-based firm that builds software designed to search, monitor and analyze machine-generated big data, announced Tuesday a deal to acquire Phantom Cyber Corp. for approximately $350 million.
Phantom is a provider of so-called security orchestration, automation and response platforms. Adding SOAR capabilities to Splunk's big data platform will help security and IT teams to "further cut down the time it takes them to eliminate threats and keep the business running," says Oliver Friedrichs, CEO of Phantom.
Security orchestration is an up-and-coming space that was well-represented at the 2017 RSA conference in San Francisco. Information security veteran Bruce Schneier, CTO of IBM's Resilient Systems, which offers security orchestration capabilities, said in a blog post last year that security orchestration "represents the union of people, process and technology," ideally automating as many security management activities as possible while not letting the rest slip through the cracks.
"It's computer automation where it works, and human coordination where that's necessary," Schneier said. "It's networked systems giving people understanding and capabilities for execution. It's making those on the front lines of incident response the most effective they can be, instead of trying to replace them. It's the best approach we have for cyber defense."
CyberX Secures $18 Million in Funding
In other cybersecurity corporate activity, on Tuesday, industrial internet of things and industrial control system security firm CyberX announced that it had closed $18 million in series B funding, led by Norwest Venture Partners, bringing its total funding to $30 million (see World's Most Common Industrial Control Protocol Dates From 1979).
M&A advisory firm Momentum Cyber predicts the industrial control system market will grow from $10.2 billion in 2017 to $13.9 billion by 2022, "driven primarily by exponential rise in cyberattacks and network security threats, huge investments in smart technologies, and support from government organizations," including for smart manufacturing and smart grid efforts (see Hardware Flaws Delay Smart Nation Projects in Singapore).
Big firms in the space, Momentum says, include New York-based Claroty, which has raised $32 million to date; Maryland-based Dragos, which has raised $11.2 million; Israel-based Aperio, which has raised $6.5 million; and Dutch firm Security Matters, which has raised an undisclosed amount.
Threat Metrix Acquired
In January, the biggest cybersecurity deal involved Threat Metrix, which was snapped up by RELX Group, the parent company of global data technology and advanced analytics firm LexisNexis Risk Solutions, for $830 million. Threat Metrix provides software-as-service anti-fraud services, including customer identity management and authentication.
Another notable deal announced in January, according to Momentum Cyber, was Amazon's AWS cloud business spending $40 million to acquire cybersecurity startup Sqrrl, which enables security analysts to hunt for and investigate advanced threats. Also, Cisco announced the purchase of Skyport Systems, a privately held firm that provides providing cloud-managed services designed to run and protect business-critical applications, for an undisclosed amount. And Barracuda annnounced that it had purchased PhishLine, a SaaS platform for social engineering simulation and training, for an undisclosed amount.
Among the larger venture capital deals in January, according to Momentum Cyber, are French blockchain security firm Ledger, which raised $75 million in series B funding, led by Draper Esprit; California-based threat management firm Anomali raising $40 million in series D funding, led by Lumia Capital; and New Jersey-based security policy management vendor AlgoSec seeing a $36 million investment from private equity firm Claridge Israel.