LogRhythm, a security intelligence and analytics firm owned by Thoma Bravo, will merge with competitor Exabeam, which provides AI-driven security operations. Exabeam is also owned by Thoma Bravo. The merged company aims to enhance R&D investments, product innovation, service coverage, and customer support. The deal will close in the third quarter of 2024, with financial terms undisclosed.
Mergers and acquisitions play a critical role in shaping cybersecurity prevention strategies. However, mergers and acquisitions also burden organizations and managed security service providers (MSSPs).
ForeNova, a managed detection and response (MDR) provider based in the European Union (EU), understands the importance of minimizing service disruptions affecting its clients. Its choice of service offerings and platforms to deliver its offerings understand the need to maintain consistency and innovation to support its clients.
Like many in the tech space, ForeNova pays close attention to companies acquired by private equity or large companies.
Are you concerned about disruptions to your current cybersecurity protection portfolio?
Click here to schedule a discussion with ForeNova's solutions experts to assess your current capabilities and identify potential future risks.
What is the Role of Privacy Equity (PE) in Cybersecurity?
“The global information technology sector is still highly concerned about cybersecurity in 2024, especially after a significant increase in security incidents last year. After experiencing a decline of over 18% in cybersecurity mergers and acquisitions in 2023, experts predict a strong and dynamic M&A environment for 2024.”
The role of cybersecurity in private equity is critical. PE investments become a driver of sustained growth and credibility. PE firms prioritize cybersecurity in their investment approaches to ensure their financial security and improve the strength of the industries they influence.
PE Firms Continue To Be Targeted By Global Hackers
Private equity firms face significant risks from potentially malicious actors as they handle vast amounts of personal and financial information. Therefore, they must enhance their cybersecurity practices and technology while fostering a security-conscious culture within the company.
“Navigating the cybersecurity landscape in private equity investments comes with its own set of challenges. Limited visibility into the cybersecurity postures of portfolio companies, the growing nature of cyber threats, and the varying degrees of cybersecurity maturity among target companies pose significant hurdles.”
Despite advancements in enterprise risk management, consignees' knowledge of cybersecurity risks needs to be improved. The absence of standardized practices in the private equity sector makes implementing leading cybersecurity frameworks uniformly challenging. Private equity funds face dealing with increasing industry-specific compliance obligations while also implementing a standardized risk management framework across their portfolios.
PE Firms Prone to Ransomware and Email Phishing Attacks
Because equity firms use sensitive information, such as bank account numbers, personal addresses, or account information, ransomware is a common form of malware in the industry.
Email phishing is a problem for private equity firms, resulting in business email compromise, financial fraud losses, data exfiltration breaches, and identity theft.
“The primary way that hackers use phishing to attack PE firms is through impersonation emails asking for private data like financial information that is personally identifiable.”
PE Firms Acquiring, Repacking, and Realigning Cybersecurity Assets
Thoma Bravo is one of the leading PE investment firms, with over 40 years of experience acquiring cybersecurity startups, established companies, and technology capabilities that are still in incubation.
The company will hire industry-leading CEOs with experience rebuilding and realigning their investments for a future initial public offering or merger with another Thoma Bravo asset.
PEs make several financial adjustments to newly acquired assets, including laying off employees, reducing employee benefits, and phasing out underperforming products and services.
These decisions are driven by the organizations' expectations of return on their investments and the desire to capture a critical piece of a specific or broad market segment.
Specifically, the merger of LogRhythm and Exabeam is an excellent example of this financial strategy. Thoma Bravo combined two portfolio assets and focused the new company on the product and brand name that was currently more successful in acquiring new clients and their solutions with clear market leaders.
Overview of LogRhythm and Exabeam Merger
The newly formed company has adopted Exabeam's New-Scale cloud SIEM product because of its strong market performance since its launch in October 2022, leading to the discontinuation of LogRhythm's Axon offering. “With the success of New-Scale, the company will now operate under the Exabeam name, with Chris O'Malley - former leader of Thoma Bravo-owned LogRhythm since February 2022 - as the top executive.”
New-Scale SIEM is a vital security tool on the Exabeam platform that helps security teams worldwide with advanced threat detection and response.
Going Forward With Exabeam
“Nearly 600 organizations have adopted Exabeam New-Scale in just 21 months.”
“O'Malley said the product helps CISOs transform generalists into Level 1 analysts, continuously improve their security operations, and effectively communicate value to justify investments. Specifically, he said, the New-Scale SIEM product portfolio boosts investigative capabilities with AI and behavioral analytics, provides maturity assessments, and helps benchmark progress.”
How Will the Exabeam and LogRhythm Change M&A Activity in the SIEM Market?
LogRhythm, a 20-year veteran company in the SIEM space, struggled to maintain growth and profitability in recent years. Exabeam merged in 2013, focusing on being an ecosystem partner for SIEM solutions. In 2020, Exabeam also came to market with its own SIEM offering. Their solution embedded two innovative capabilities in attack chain visualization and threat analysis. However, in recent years, even Exabeam’s sales began to slow.
At least on paper, the merge will help Thoma Bravo reduce costs in two portfolio assets while merging the most compelling features into a next-generation solution. Even with this strategy, the new merged solution will face an uphill battle against market leaders like Microsoft Sentinel. Currently, Microsoft touts close to 20,000 customers globally.
Another vendor gaining marketing share in the SIEM space is Devo. Along with Google Cloud, cloud-based host SIEM solutions will continue to evolve beyond their current feature functionality. Recently acquired by Cisco, Splunk will become the foundation for the company's artificial intelligence and observability of product and service offerings.
How Will the Consolidation of the SIEM Effect Managed Detection and Response Market?
Managed detection and response (MDR) service providers continue to follow the consolidation happening in the SIEM market. Many MDR providers also offer a managed SIEM offering based on either an in-house solution or one of the market leaders. Organizations previously invested in LogRhythm or legacy Exabeam solutions face an uphill challenge of either staying on their current offering until the product becomes end-of-life, fork-lifting to the new merged solution or considering a complete displacement with a competing product. For MDR and hosted SIEM providers, this situation is far more complex.
Host SIEM service providers supporting several clients using multi-tenancy have several challenges if they move away from the legacy LogRhythm or Exabeam solutions. Migrating several instances to a new solution without disrupting their client's log analysis, event correlation, and detection response services will require careful planning and execution.
Another more critical point is that hosted SIEM service providers will need to evaluate if PE will soon acquire or sell off tools they are currently consuming.
CIOs and CISOs also share the same concerns.
What is the Risk to CISOs and CIOs?
CIOs and CISOs continue to invest in SIEM solutions, extended detection and response (XDR) powered by AI, and managed services to help manage these solutions. Suppose a solution these leaders have invested in, including financial and human capital, becomes part of a PE investment portfolio or is acquired by a large player.
The SIEM and XDR are critical in the organization's security operations (SecOps) strategy. These tools are also essential for the organization to maintain its compliance, regulatory mandates, and reporting requirements.
What risk does this pose to their organization?
Why ForeNova?
CIOs and CISOs are growing concerned with the constantly changing cybersecurity landscape and need to evaluate what kind of managed SIEM and MDR services align with their three-to five-year strategy.
ForeNova, a global provider of MDR and hosted SIEM-Lite offerings, understands the risk they pose to their clients if they choose solutions or develop offerings that become subject to disruptions. ForeNova's expertise in the European Union market, especially in German small-medium enterprises (SMEs), understands the importance of solution consistency and delivery.
ForeNova continues to evaluate and assess new offerings and its current tool portfolio to ensure minimal disruptions as mergers and acquisitions change the cybersecurity landscape.
Do you want a second opinion for your cybersecurity detection and response or SIEM strategy and the possible to risk due to M&A activities?
Click here to schedule your first consultation with the ForeNova team today!
.svg)
.svg)
