Uncertain Markets May Drive Cybersecurity ConsolidationExperts: This Week's 'Black Monday' Likely to Accelerate Security M&A Activity
After a week of ups and downs, Wall Street took another plunge on Monday, bringing technology companies and cybersecurity firms along for the ride for what turned out to be one of the worst U.S. stock market days in history.
By the end of the trading day on Monday, the Dow Jones Industrial Average and S&P 500 recorded their worst days since the infamous "Black Monday" crash of 1987. The Dow fell 12.9 percent over the course of the day, while the S&P fell by 12 percent. At the same time, as CNBC reports, the Nasdaq Composite had its worst day on record, falling 12.3 percent.
Monday's Wall Street sell-off came after the U.S. Federal Reserve announced late Sunday that it would slash interest rates to near zero as well as start a $750 billion asset-purchasing program designed to help alleviate the economic fallout from COVID-19. But the rapid rise of the disease worldwide, uncertainty that it poses to the social fabric, apparently inadequate early containment efforts in some countries - including the U.S. and U.K. - and impact of social distancing and quarantines continue to rattle global markets (see: COVID-19 Complication: Ransomware Keeps Hitting Healthcare).
In line with the broader market dive, technology and cybersecurity stocks took a hit on Monday too. IBM stock, for example, took an 8 percent hit and ended the day at $99.08. Another technology sector bellwether, Microsoft, saw its stock fall over 14 percent, while Amazon dipped more than 5 percent and Alphabet, the parent company of Google, declined by about 11 percent.
Cybersecurity stalwarts also took big hits. CrowdStrike stock fell over 16 percent, while Palo Alto Networks and FireEye stock dipped, respectively, by 9.5 percent and 18.9 percent. Okta, Zscaler, Tenable, Fortinet and numerous other security firms also recorded Monday stock declines.
Some observers believe that that these large-scale disruptions to Wall Street and global markets are likely to accelerate current trends in the cybersecurity marketplace - namely consolidation and fresh merger and acquisition deals.
"The wave of consolidation that had already begun in cybersecurity is going to be accelerated by the events of the past week," Hank Thomas, CEO of Strategic Cyber Ventures, a Washington-based venture capital firm, tells Information Security Media Group.
What's likely to emerge are larger companies with platforms and tools that can address multiple security concerns instead of addressing niche issues, Thomas says.
"Multidimensional platforms are going to play a much bigger role in enterprise security in the coming years," Thomas says. "We are going to see the number of vendors the average CISO has in their ecosystem drop as these more capable platforms emerge. Increased M&A activity is going to drive the development of these platforms."
Much of this deal-making and M&A activity will play out against a backdrop of ongoing uncertainty as businesses try to assess the overall economic damage from the COVID-19 outbreak, according to BlackRock Investment Institute. What the financial firm does not see, however, is a repeat of the crisis of 2008, where credit markets locked up and investment fell.
"Stringent containment and social distancing policies will bring economic activity to a near standstill, but provided aggressive fiscal and monetary policy actions are taken to bridge businesses and households through the shock, activity should return rapidly with little permanent economic damage," according to BlackRock's analysis.
Reflecting on current market volatility, Art Coviello, a partner at Rally Ventures who formerly served as CEO of RSA, last week told ISMG that technology and cybersecurity stocks will flow with the market. But he predicts that firms with solid fundamentals and security offerings will not only survive but thrive in the new environment.
"If the virus becomes more severe, it could cause a slowdown in the economy but the fundamentals prior to the coronavirus were good, so a near-term bounce back would be probable," Coviello says. "All of this may have an ameliorating effect on the already high security valuations but I believe the cream will rise."
To illustrate that point, on Monday, Checkmarx, an Israeli security company known for its DevOps and application security testing tools, announced that its current owner - Insight Partners - is selling the company to another private equity firm, Hellman & Friedman, in a $1.15 billion deal. "My prediction is that we are going to see a lot of consolidation and exits (both good and bad) in the coming weeks," Joseph, Krull, an analyst with Aite Group and a former CISO, tells ISMG (see: Security Firm Checkmarx Getting New Owner).
Looking at both the cybersecurity market and broader technology space, businesses destined to beat the competition when Wall Street settles will be the players that either address very specific business problems that security can solve, including helping organizations muster and secure employees who are increasingly working remotely - outside the corporate firewall - and thus more vulnerable to online attacks, says Chris Pierson, CEO of cybersecurity firm BlackCloak.
"All the same controls, services, and capabilities that were needed last month are still needed. On top of that, additional remote cybersecurity and connectivity services and platforms will be needed as remote work increases," Pierson tells ISMG.
In other words, crises can bring opportunities for businesses that are able to help their customers solve them. "It is all about solving the problems that exist and are emerging that will enable a team's success over the next few months," he says.
Arguably, some organizations are already better positioned than others. As Investor's Business Daily recently noted, cybersecurity firms that have already begun to embrace cloud computing services, and "borderless" security concepts such as zero trust, are arguably much better-positioned to survive whatever impact COVID-19 ultimately has on the long-term economy, because they'll be giving the many organizations that increasingly rely on employees working from home the type of protection they need.
So it's good news that among the many hot-button topics and technologies discussed at last month's RSA 2020 conference in San Francisco, zero trust and securing cloud computing were some of the most frequently heard topics of discussion (see: Can a 'Zero Trust' Approach Work in the Supply Chain?).
Another area ripe for growth is anything to do with 5G, says Dan Ives, a financial analysts with Wedbush Securities. In a note to clients seen by Barron's, Ives predicts that security and software markets in general will continue to consolidate, but he notes that cybersecurity and technology embracing trends such as the cloud and 5G remain well-poised for growth.
"Looking past the fear and panic - and a potential, short-lived economic dent/softness - we believe these high-priority areas of spending and business models have attractive risk/rewards looking ahead and we would be buying these tech names at current levels," Ives says.
Executive Editor Mathew Schwartz contributed to this report.