NEW YORK (The Deal) -- The New Year has been auspicious for cyber security companies.
FireEye's (FEYE) agreement to pay nearly $1 billion for Mandiant in early January suggests that M&A activity will remain high in 2014. Companies such as KEYW Holding (KEYW), Palo Alto Networks (PANW), Imperva (IMPV), Proofpoint (PFPT) and Qualys (QLYS) have made double-digit percentage gains in share price since FireEye announced the purchase.
Meanwhile, the recent high-profile hacks of Target's (TGT) and Neiman Marcus' customer information, and of Yahoo!'s (YHOO) banner ads, underscore the capabilities of cybercriminals and the value of systems that can deter, detect and track data thieves.
"There is much need to innovate because the bad guys continue to innovate," said Imperva CEO Shlomo Kramer, who is a serial investor in the security industry. Kramer backed Trusteer, a malware and fraud protection software company that IBM (IBM) acquired last year. He holds stakes in companies such as WatchDox, Incapsula, Lacoon Security, TopSpin Security and SkyFence Networks and is a former investor in Palo Alto Networks, Sumo Logic and Check Point Software Technologies.
"Today the bad guys are the nation-states and organized criminals that are extremely sophisticated. There is a need to continue to innovate," Kramer said. "This makes information security a very dynamic environment with more segmentation and more acquisitions and more activity than other similar IT markets."
The pace of recent M&A has been steady. Following FireEye's purchase of Mandiant, Palo Alto Networks acquired Morta Security to improve its defenses against advanced persistent threats and campaigns intended to infiltrate a company's network in order to steal data.
Last summer, Cisco Systems (CSCO) bought network security SourceFire for $2.7 billion, a 30% premium to the closing price, paying nearly 10 times revenue.
IBM purchased Trusteer, which protects Web applications, computers and mobile devices, for a reported price of $700 million to $1 billion.
In short, more data stored in more places traveling to more devices will continue to draw more miscreants trying to steal it. The rapid development cycle of cyber attacks places a premium upon technology that defends against these new forms of incursions. The demand from businesses seeking that protection makes the price worth paying.