U.S. Cybersecurity Sector Recap

Ropes & Gray LLP
Contact
LinkedIn
Facebook
X
Send
Embed

Ropes & Gray LLP

Key Takeaways

  • M&A activity in the cybersecurity sector is on pace to exceed 2024 volume by 10% in 2025, with continued consolidation as larger firms acquire niche players to enhance capabilities or expand product offerings.
  • The cybersecurity sector is experiencing a trend toward larger transactions, with a rising proportion of deals over $250 million, as both strategic buyers and private equity investors focus on acquiring high-quality, mature assets to build comprehensive platforms and address the growing complexity of cyber threats.
  • The integration of generative and agentic AI is accelerating innovation in threat detection and automation, while heightened regulatory and geopolitical factors are shaping deal structures and strategic decisions across the cybersecurity M&A landscape.

U.S. Cybersecurity M&A + PE Deal Activity

  • Deal count: In Q2 2025, deal count fell below the prior quarter as well as the quarterly average of the past four years. However, strong volume in Q1 and healthy volume in Q2 bodes well for an elevated full-year deal count, as sector dealmaking tends to accelerate in H2.
  • Deal value: In Q2 2025, deal value was muted, with no megadeals and many deals without disclosed values.
  • Cumulative deal value: In 2023, cumulative deal value reached unprecedented levels due to several deals valued between $1 Bn – $5 Bn, along with Broadcom's $69 Bn acquisition of VMware.

 

Top 5 U.S. Cybersecurity Deals by Size YTD

Date Acquiror Target Deal Value ($ Mn) Company Description
March Alphabet WIZ $32,000 A cloud security platform that provides agentless visibility into security risks across clouds, containers, and workloads, enabling businesses to identify vulnerabilities.
February Sophos, Thoma Bravo Secureworks $859 Provides technology-driven SaaS and professional services to help organizations prevent, detect, and respond to cyber threats.
April Palo Alto Networks Protect AI $700 Uses zero-trust principles to scan and profile both third-party and in-house AI models for security threats.
May Leidos Kudu Dynamics $300 Software for businesses and national security that mitigates cyber domain asymmetries through firewalls, intrusion detection systems, and endpoint protection platforms.
June Cellebrite Corellium $170 Develops security research software focused on ARM device virtualization for mobile security research, mobile app testing, and IoT device modeling.

U.S. Cybersecurity VC Deal Activity

  • Deal count: In Q2 2025 deal activity decreased from last quarter and is slightly below the quarterly average, mirroring the general wait-and-see mode of the broader market. If this pace is maintained, projected year-end 2025 deal count will be in line with last year, suggesting some cautious optimism for the rest of the year.
  • Deal value: In Q2 2025, VC deal value increased compared to last quarter despite being slightly below the four-year quarterly average. The largest VC deal of Q2 was Cyera’s $540 Mn Series E funding round.

 

U.S. Cybersecurity VC Deal Size

  • In H1 2025, the proportion of VC deals with disclosed deal values between $5-$25 Mn were 11 percentage points above the five-year average (2020-2024), while the proportion of deals smaller than $5 Mn decreased.
  • The majority of deals with disclosed values in H1 2025 were below $25 Mn, in line with the five-year trend.

Top 5 U.S. Cybersecurity Deals by Size YTD

Date Lead Investor(s) Target Deal Value ($ Mn) Company Description
May Georgian, Greenoaks, Lightspeed Ventures CYERA $540 Data security platform that helps organizations discover, classify, and protect sensitive data across their cloud environments.
April IVP, Kleiner Perkins Chainguard $356 Creates and maintains secure base container images to help developers build software with packages free of vulnerabilities.
May Coatue Island $250 Developed the Enterprise Browser, a Chromium-based solution designed to integrate advanced security, governance, and visibility directly into the browsing experience.
January Founders Fund, Ribbit Capital persona $200 Provides a customizable identity verification platform, enabling businesses to securely verify users through automated processes.
March Madrone Partner, Ten Eleven Ventures AURA $140 Offers an all-in-one digital safety platform that provides identity theft protection, financial fraud prevention, device security, and AI-powered parental controls for individuals and families.

Public Company Financials

Company Vertical EV
($ Bn)		 Market Cap
($ Bn)		 TTM Sales
($ Bn)		 Price (7/7) Price as %
of 52-Week High		 EV / Free
Cash Flow		 EV /
Revenue
Palo Alto Networks Diversified $126.60 $134.30 $9.60 $201.40 96.70% 42.2x 13.2x
Crowdstrike Extended Detection & Response $122.20 $126.00 $4.90 $505.50 98.30% 119.1x 24.9x
Fortinet Network Security $77.80 $81.60 $6.80 $106.70 93.10% 37.7x 11.4x
Cloudflare Network Security $66.40 $66.80 $3.00 $192.90 98.50% 278.4x 21.8x
Zscaler Cloud Security $47.30 $49.10 $3.60 $315.50 100.00% 68.5x 13.1x
Gen Consumer & SMB $25.90 $18.70 $4.30 $30.10 95.00% 21.5x 6.0x
CHECKPOINT Network Security $21.20 $24.20 $2.50 $223.00 95.50% 19.5x 8.4x
CyberArk Identity Access Management $19.10 $19.90 $1.30 $401.50 96.90% 76.0x 14.5x
f5 Network Security $16.20 $17.20 $3.30 $299.30 96.30% 18.3x 4.9x
Okta Identity Access Management $15.30 $17.10 $2.30 $97.40 76.50% 19.0x 6.7x
TREND Cloud Security $7.90 $9.20 $1.90 $65.60 82.80% 24.0x 4.1x
SentinelOne Extended Detection & Response $5.30 $6.10 $0.90 $18.20 60.70% 298.3x 6.2x
Varonis Data Security $5.30 $5.70 $0.70 $51.10 85.20% 44.8x 7.2x
Qualys Vulnerability Analytics $4.70 $5.30 $0.70 $146.90 71.40% 17.8x 6.4x
Tenable Vulnerability Analytics $4.10 $4.20 $0.90 $34.30 66.00% 16.9x 4.5x
BlackBerry Endpoint Security $2.50 $2.60 $0.60 $4.30 71.00% - 4.1x
Rapid7 Vulnerability Analytics $2.10 $1.50 $0.80 $23.90 38.90% 12.4x 2.6x
secunet Cybersecurity Services $1.70 $1.70 - $263.40 96.70% 31.0x -
Radware Network Security $1.00 $1.30 $0.40 $30.30 99.20% 15.0x 2.3x
NCC Group Cybersecurity Services $0.70 $0.60 $0.50 $2.00 82.10% - 1.4x
OneSpan Identity Access Management $0.60 $0.70 $0.30 $17.80 88.10% 11.6x 2.0x
F-Secure Endpoint Security $0.60 $0.40 $0.20 $2.20 85.30% 16.3x 3.2x
Mitek Identity Access Management $0.50 $0.50 $0.20 $10.30 69.50% 10.2x 2.2x
WITH Secure Endpoint Security $0.20 $0.20 $0.20 $1.20 87.80% - 1.2x
Telos Network Security $0.20 $0.20 $0.20 $3.10 65.70% - 1.2x

U.S. Cybersecurity Trends

M&A Dealmaking: M&A activity in the cybersecurity sector is expected to remain strong in 2025, driven by the growing need for comprehensive solutions amid the increasing prevalence and complexity of cyber attacks. It is likely that 2025 will continue to see consolidations between larger firms and niche players to enhance their capabilities or expand product offerings.

Venture Capital: VCs have been focused on proactive threat prevention, identity and cloud security, and regulatory alignment. As underlying technologies evolve and agentic AI reshapes everything from threat detection to team workflows, there is a shift in VC strategy to focus on proactive defense rather than reactive response. Early-stage funding investment in seed and Series-A start-ups continues to lead the funding landscape in 2025.

IPO: Driven by demand tailwinds that include escalating threats and digital sovereignty needs, there is cautious optimism for cybersecurity IPOs in H2 2025 despite high interest rates and tariff uncertainty. SailPoint's IPO in February (valuing the company at $12.8 Bn), has set the stage for other mature cybersecurity firms to follow suit.

Industry Growth: Global cybersecurity spending is expected to surpass $1.75 Tn cumulatively between 2021 and 2025, with $459 Bn allocated in 2025 alone.

Zero-trust and cloud adoption have been popular due to increased demand in identity and access management and privileged access management as identity risks amid non-human identities increase.

Additionally, the industry will continue to seek out talent as there is a global shortage of an estimated 2.8 million cybersecurity professionals.

July 8, 2025 - Pinpoint

“Investors are placing larger, more selective bets — evidenced by eight rounds exceeding $100 million accounting for 55 percent of all Q2 funding. But macro headwinds persist, with ongoing tech layoffs and enterprise budgets under scrutiny. Success in the second half of 2025 will require cybersecurity companies to demonstrate clear value propositions, strong go-to-market execution, and measurable outcomes rather than flashy features.” – Founder and Managing Partner, Pinpoint.

May 20, 2025 - Palo Alto Networks

“The volume and complexity of threats are not slowing down either. Bad actors are using AI to move faster than ever. Recently, our Unit 42 team was able to simulate an entire ransomware attack in under 25 minutes using AI at every stage of the attack chain. That's a staggering increase in speed, powered entirely by AI.” – CEO, Palo Alto.

May 2, 2025 - McKinsey & Company

“For many clients, cybersecurity is a ‘layered’ solution, in which a variety of different products and services leads to better security. The growing shortage of workers with cybersecurity skills makes organizations particularly dependent on layered services to compensate for the lack of talent available.”

March 11, 2025 - Secureworks

“I think in 2025 we’ll see more M&A and industry consolidation. I think there is still, when it comes to M&A, a lot of niche players [and] too much confusion in the marketplace. I think you’re going to still see M&A as a driving mechanism in 2025.” – Director, SecureWorks.

U.S. Cybersecurity Outlook

AI and Automation Integration: Generative and agentic AI are being leveraged to enhance threat detection, automate patching, and improve cloud security. The market is projected to grow at a 33.4% CAGR, reaching $40.1 Bn by 2030, fueled by AI’s ability to detect sophisticated threats, generate secure code, and accelerate DevSecOps cycles.1

Platformization and Consolidation: Experts predict continued M&A activity, with major companies consolidating smaller players to form comprehensive platforms, as demonstrated by Palo Alto’s acquisition of Protect AI in April. This trend is driven by enterprises seeking integrated solutions for endpoints, cloud workloads, and identity security.

Cloud Security and Zero-Trust Architecture: The shift to cloud-first strategies is accelerating demand for cloud security tools and zero trust frameworks, where identity and data protection is key. Companies like AWS, Microsoft, and Google are centralizing security in their ecosystems, while companies like Palo Alto and CrowdStrike are adapting their offerings to align with cloud-native and SaaS-based approaches.

Adversarial Adaptation: Organizations face a dynamic and evolving threat landscape, from deepfake impersonations to the development of highly sophisticated AI malware capable of adapting in real time to security protocols, making detection more difficult. Additionally, large language models (LLMs) are being exploited to automate large-scale social engineering attacks, enabling more convincing scams across email, messaging apps, and even virtual assistants. Notably, credential phishing attacks increased by 703% in the second half of 2024, largely due to the advent of AI.2 As deepfake and LLM attacks evolve, defenders must adopt proactive and real-time adaptive AI to stay ahead.

Military and Defense Sector Investment: Increased spending on cybersecurity by defense and military organizations is expected over the next five years due to evolving threats and zero-trust mandates. For example, the U.S. Coast Guard has updated its maritime security regulations recently by establishing minimum cybersecurity requirements for U.S.-flagged vessels. The Department of Defense now mandates zero-trust implementations, while companies like Shift5 expect it to become standard in aircraft systems by 2030.

Carveouts and Divestitures: Cybersecurity companies are carving out assets that no longer align with core offerings or address technological shifts. For example, WithSecure divested its cybersecurity consulting business to Neqst in February. Sector players are expected to continue to sell off non-core assets for strategic realignment amid the technological shift triggered by the advent of AI.

Tariff and Regulatory Implications

Potential Digital Services Tariff: The Trump administration called for a renewal of the digital service taxes (DST) investigation. A new tariff policy could draw more uncertainty to the future of cybersecurity companies, disrupting costs and pricing.

Digital Sovereignty: The push for digital sovereignty is driving demand for domestic cybersecurity solutions amid geopolitical tension.

1 SentinelOne Expert Call, 2Slash Next

  1. Unless otherwise noted, charts compiled using Mergermarket data for June 2025 as of July 7, 2025. Aggregate deal values by dollar amount are calculated from the subset of deals with disclosed values.
  2. Medical industry classification principally includes medical devices/technology/services, excluding biotech and pharmaceutical deals.
Send Print Report

DISCLAIMER: Because of the generality of this update, the information provided herein may not be applicable in all situations and should not be acted upon without specific legal advice based on particular situations. Attorney Advertising.

© Ropes & Gray LLP

Written by:

Ropes & Gray LLP
Ropes & Gray LLP
Contact
more
less

PUBLISH YOUR CONTENT ON JD SUPRA NOW

  • Increased visibility
  • Actionable analytics
  • Ongoing guidance

Ropes & Gray LLP on:

Reporters on Deadline

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign Up Log in
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
Custom Email Digest
- hide
- hide