SPACInsider contributor Eric Weidemann this week compiled his three favorite potential SPAC cybersecurity targets. We look at why they are compelling and why each could be a fit for a blank-check merger.
One of the more inconspicuous trends accelerated by the COVID-19 pandemic is the growth in the need for cybersecurity. With more and more workers logging in remotely and evermore enterprise software systems moving to the cloud, companies have shown that they’re moving beyond the name brand virus-detectors to secure their data.
Even absent the sudden work-from-home change, consumers have been continually adding smart connected devices to their orbit, each of which provides a new avenue of attack on individuals and organizations. Meanwhile, intrusions were on the rise with one in five businesses reporting unauthorized access to their cloud in the past year according to a 2019 SANS Institute report.
The sector is expected to grow by a CAGR of 10% through 2027 and the past month has brought a series of investments shining a light in the sector as cybersecurity firms absorb capital to keep up with demand. Infrastructure cybersecurity company Dragos raised a $110 million Series C this week, while Menlo Security boosted its valuation to $800 million with a $100 million Series E in November. SentinelOne also raised a $267 million Series F last month at a valuation of $3.1 billion, nearly tripling the valuation it received in February.
Competition in specific slices of the cybersecurity market have been a major impetus for funding. One such battleground has been in software security information and event management, or SIEM, which consists of analyzing and responding to security alerts logged throughout a system.
Splunk (NASDAQ:SPLK) has held a strong hold on the SIEM since its IPO in 2012, but, younger firms are increasingly gunning for them.
One rising challenger is Exabeam, which is expected to be an IPO candidate in 2021 after reaching a valuation of $820 million in its last capital raise in May 2019. Its SIEM approach is to analyze all of a client’s past and present log data with machine-learning tools to achieve a baseline of “normal” activity within days in a process that normally takes weeks.
It estimates that this also allows it to detect and react to cyber attacks 51% faster than competitors.
Exabeam has already laid down the gauntlet stating it intends to take Splunk’s spot at the top and has raised a total of $190 million through five rounds since its 2013 founding in an effort to do so.
In February, it touted a win rate of over 70% in replacement deals against “legacy vendors,” including Splunk, IBM, McAfee, RSA, LogRhythm and Micro Focus. It also notched $100 million in sales for 2019, ranking it as Deloitte’s 44th fastest-growing Bay Area company.
So, while Exabeam seems to have all of the ingredients in place for an eventual IPO, the eagerness its management team has shown for aggressive growth also makes it a strong SPAC candidate.
The other acronyms expected to feature heavily in skyrocketing cybersecurity players are CASB and SASE.
Cloud access security brokers (CASB) provide software that sits between cloud applications and users to monitor and enforce security policies. CASB software was a hot ticket when it was initially debuted by a series of startups in 2015, but a frenzy of acquisitions by tech giants left hardly any standalone CASB players by 2017.
The next smorgasbord is set to be for companies with secure access service edge (SASE) features. SASE is an innovation that first got its name in 2019 and connects security architecture to individual workers, machines and applications.
If a there is to be a single standalone SASE player to list and compete with the big dogs rather than get gobbled up by them, there’s a good bet it will be NetSkope. It is already one of the only standalone CASB players that maintained its dogged independence through the rapid consolidation of the past few years.
NetSkope is also one of just five vendors named as a CASB leader in Gartner’s Magic Quadrant, alongside Bitglass and giants Microsoft, McAfee and Symantec.
The advantage of SASE is that it allows companies to expand networks, add services and make updates without having to wait for cybersecurity barriers to catch up because the security is baked into the system.
Only about 1% of companies were estimated to have adopted SASE to their networks in October 2019. It was then predicted about 40% of companies would adopt SASE features to their networks by 2024, but the pandemic has accelerated this trend even further. In a recent survey, Nemertes found that 62% of organizations said they planned to deploy SASE by the end of 2020.
NetSkope received a valuation of just under $3 billion in a $340 million Series G led by Sequoia Capital Global Equities in February.
There are a whopping 44 SPACs currently searching for a combination target in the software or technology sectors of some form, excluding fintech. Because cybersecurity is a sector that overlays nearly every sector in the 21st century, however, suitors would be less defined by sector fit than how well their teams understand the opportunity and which ones can afford NetSkope.
If a cyberattack or intruder is able to get past the CASB and SASE defenses, Vectra could be the company to be hunting it down.
Its Cognito Detect software leverages artificial intelligence for network detection and response (NDR) tools to neutralize hidden cyberattacks once they have gotten inside of cloud, data center or enterprise network.
Vectra has raised a total of $222.5 million with its last round coming in the form of a $100 million Series E in June 10, 2019. It has held its financial figures close to the vest over the past two years, but it announced revenue growth of 181% in 2017 and 104% in 2018.
The latest news with the company also suggests that it is right at the much-sought after inflection point that SPACs look for to time their combinations.
In October, Vectra announced it was partnering with cybersecurity leader CrowdStrike to integrate Cognito Detect with CrowdStrike’s Falcon Insight software to reduce periods of time users are locked out of cloud functions while breaches are dealt with.
This partnership appears to mostly pull CrowdStrike tools into the Vectra platform, but it opens the door to potential integrations flowing the other direction, giving Vectra access to CrowdStrike’s much larger client base.
A potentially even larger opportunity was opened with Vectra’s release of an optional integration with Microsoft Office 365, which is estimated to have more than 200 million monthly users.
Now is also a prime time for a SPAC to strike to before valuation expectations rise alongside new cybersecurity IPOs. Among the companies pressing for a 2021 listing is Vectra’s NDR competitor Darktrace, which is reportedly lining up banks for a $5 billion IPO in London.