NEW YORK (The Deal) -- With the $8 billion sale of its Veritas storage unit to a group led by Carlyle Group (CG - Get Report) announced last week, Symantec Corp. (SYMC - Get Report) CEO Michael Brown said the cybersecurity company will likely use some of the proceeds to make acquisitions.
Brown is not alone.
Cybersecurity has been a bustling field for M&A. 451 Research reports that there were 82 security deals totaling $6.62 billion through the end of July, putting the sector on pace to top last year's record-setting total of 106 deals valued cumulatively at $5.44 billion. With all of the consolidation, 451 Research lists close to 1,200 security companies, indicating that that there is ample fodder for deals.
"The whole security space is so fragmented," said Dougherty & Co. analyst Catharine Trebnick.
FireEye Inc. (FEYE - Get Report) and Palo Alto Networks Inc. (PANW - Get Report) could emerge as consolidators, she suggested, though they would target different types of companies. In addition to Symantec, legacy tech companies such as IBM Corp. (IBM - Get Report) and the RSA unit of EMC Corp. (EMC) are also candidates to make acquisitions.
FireEye acquired forensic security group Mandiant Corp. for $1 billion last year. Mandiant comes in after an attack, and recommends which security options a company should deploy.
"They are really using the Mandiant piece as a Trojan horse," Trebnick said.
Centrify Corp., which has backing from Accel, Mayfield, Index Ventures, Sigma West, Samsung, Docomo and Fortinet, provides identity management security and could also fit with FireEye and Mandiant. FireEye and Certify declined to comment for this story. A representative from CyberArk could not be reached.
A hacker's first move, once breaking into a system, is often to seek higher credentials so he or she can more easily access sensitive parts of a company's network. The breaches at Sony Corp. (SNE - Get Report) and others underscore the importance of shielding sensitive data. "Why not take on privilege access management, because usually that's part of the problem?" Trebnick asks.
IBM has a foothold in privilege access management, and had $48.8 billion in cash at the end of the third quarter. Last year, IBM acquired CrossIdeas, which develops software to manage access to applications and data. Trebnick suggested that IBM could expand its position in privilege access management by picking up CyberArk, which has a market cap of about $2 billion. IBM did not respond to queries.
Palo Alto Networks may prefer smaller, tuck-in deals, Trebnick said, pointing to the $200 million acquisition of Cyvera, which protects "end points" such as servers, laptops, phones and other devices from attacks. The company is developing its cloud portal, the analyst suggested. An early-stage software developer might be easier to integrate into its platform. The company could scout targets in Israel, where it has a presence. "There are a tone of really good security companies that are in early phases in that region," she said. Palo Alto Networks declined to comment on M&A strategy.
EMC generated nearly $650 million in free cash flow million in the second quarter, putting its cash and investments close to $15 billion. The company acquired RSA Security for $2.1 billion in 2006, Trebnick said the company could take a role in consolidation. Elliott Management Corp. would have some say in how the company deploys its cash, however. The activist had pushed for divestitures, and reached a truce with EMC earlier this year. A spokesman for the company could not be reached.
With the frothy deal activity, valuations of many security companies have risen. Wells Fargo Securities LLC values CyberArk at 12.5 times projected 2015 revenue. Symantec, by comparison, trades at about 2.4 times.
With the high stakes involved in contemporary security breaches, companies that can prevent hackers from looting corporate data and other valuables may command a hefty ransom.