KBS - Cyber Security & I.T. Infrastructure - Market Insight

MARKET INSIGHT – CYBER SECURITY AND I.T. INFRASTRUCTURE

M&A ACTIVITY CONTINUES TO RISE WITHIN THE CYBER SECURITY AND I.T. INFRASTRUCTURE INDUSTRY

The UK cyber security and I.T. infrastructure industry is experiencing remarkable growth, with mergers and acquisitions (M&A) activity on the rise. The sector encompasses providers of essential tools and services that protect organisations’ digital assets, optimise IT operations and enable seamless infrastructure management. This includes solutions for threat detection, data protection, network monitoring, cloud optimisation and enterprise software integration. KBS Corporate’s extensive experience in managing successful transactions, allied to our ongoing engagement within this dynamic market, has provided us with a unique perspective. We have conducted an in-depth analysis of the company sales landscape within this sector, offering valuable insights into the key trends shaping sales activity. This includes the strategic moves of leading acquirers and the vital role of private equity in driving industry consolidation. We present significant industry transactions, highlighting notable deals and market dynamics that are reshaping the competitive landscape - along with a detailed overview of completed transactions facilitated by KBS Corporate - offering a practical look into real-world M&A examples within the cyber security and I.T. infrastructure space.

Security Services dominates the market

with a projected market volume of $97.30bn in 2024.

CURRENT LANDSCAPE Private equity-backed deals continue to dominate but after four consecutive quarters of activity growth, it appears PE investors are starting to see more trade competitors in the market.

PERCENTAGE OF PE-BACKED DEALS

2022

2023

2024

74%

71%

70%

67%

67%

66%

63%

67%

67%

64%

60%

Q1

Q2 Q3 Q4 Q1

Q2 Q3 Q4 Q1

Q2 Q3

6%

7%

13%

10%

7%

9%

36%

22%

65%

84%

11%

30%

Software Development

Software Distribution

Data Storage

Digital Transformation Consulting

IT Managed Services

Cloud Services

Communications

Cybersecurity

Business Intelligence/ Data Analysis/ AI

Print Managed Services

IT Hardware Distribution

Network/ Connectivity Services

KEY DRIVERS AND MOTIVATIONS FOR ACQUIRERS 1. INTEGRATION OF TECHNOLOGIES, SUCH AS THE INTERNET OF THINGS (IOT), MACHINE LEARNING AND CLOUD, TO DRIVE MARKET GROWTH Due to a rise in I.T. security threats, and hence the increased importance of I.T. security, companies need to invest in safer and more resilient systems. Core technologies, such as the Internet of Things (IoT), Machine Learning (ML) and Cloud, along with big data, are being utilised in security systems. AI is also helping to detect certain threats. The adoption of these technologies, in particular IoT, is a recent emerging trend. The I.T. security market is growing due to:

• The increasing importance of data privacy • Cyber security transformation due to AI and ML • Business strategy and security integration • Growing zero-trust architecture and approaching methods 2. THE UK I.T. SERVICES SECTOR IS ENTERING A GROWTH PHASE

Q3 2024 showed a significant increase in the number of deals being completed – 162, compared with the 151 transactions logged in Q2, an increase of 7%. That raised the total number of deals within the last three years to 1,687. The market was positioned for growth due to factors such as the improving economy, an expected reduction in interest rates and business owners predicting changes in the UK’s Capital Gains Tax regime. 3. THE GLOBAL I.T. SECTOR The global M&A market has withstood continuing economic uncertainties and geopolitical tensions, with total deal value reaching an impressive $9.2bn in Q3 2024, remarkably higher than the $2.2bn recorded in the equivalent 2023 quarter. 4. PE INVOLVEMENT IS HIGH – HOWEVER, TRADE BUYERS ARE ENTERING THE MARKET Private equity still accounts for most transactions, but the increasing percentage of non-private equity deals demonstrates that trade buyers are returning to the market. Overall in Q3 2024, of the 162 deals completed, 67% were backed by PE.

PE firms are pursuing a buy-and-build platform strategy for bolt-on acquisitions, focusing on acquiring new capabilities and expanding into new markets.

Various strategies have been pursued, including large buyouts such as Thoma Bravo acquiring Darktrace, a UK cyber security company, for $5.3bn. Thoma Bravo has the size and power to build platforms and buy established companies. In contrast, growth-stage investors will invest into technologies that will be scaled and then sold on, e.g. Tikehau Capital has set up a fund for cyber security software opportunities.

5. TRENDING: CYBER SECURITY Cybercrime was predicted to cause $9.5tn of damage in 2024. Consequently, there was a notable increase of 28% in the deals recorded from Q2 to Q3. Moreover, as a result of the COVID-19 pandemic, many organisations had been left vulnerable to an increase in cyber security attacks. This can be attributed to more remote work taking place as well as the shift to virtualised I.T. environments such as the infrastructure, data and network of cloud computing. Furthermore, global tensions, such as the Russia-Ukraine war, continue to accelerate cyber security spending and sharpen the priorities of organisations. 6. VENTURE CAPITAL FUNDING RISES Venture capital (VC) funding for cyber security companies rose 97.4% year-on-year in 2024 to $7.5bn. Moreover, deal volume also increased, rising 21.2% YOY to 446 VC-funded transactions, and is forecast to continue growing.

EBITDA MULTIPLE RANGES IN THE CYBER SECURITY AND I.T. INFRASTRUCTURE SECTOR For companies operating in the UK cyber security and I.T. infrastructure sector, EBITDA multiples have generally ranged between 10x and 15x, with some premium deals achieving even higher valuations. KEY VALUATION DRIVERS INCLUDE: • Cyber Security Specialists: Businesses offering advanced threat detection, incident response and managed security services often achieve multiples of 12x-15x, reflecting the critical importance of these services in the modern digital landscape. • Cloud and Infrastructure Software Solutions: Companies focused on cloud infrastructure management, DevOps tools and SaaS-based IT management platforms typically see multiples between 10x and 13x, with growth potential influencing the valuation. • Recurring Revenue Models: Firms with subscription-based or licensing revenue streams often achieve valuations at the higher end of the range due to predictable income and client retention. FACTORS DRIVING HIGHER VALUATIONS AND EBITDA MULTIPLES IN THIS SECTOR The cyber security and I.T. infrastructure and software solutions sector’s valuation metrics are driven by several critical factors that highlight scalability, innovation and market relevance: 1. RECURRING REVENUE MODELS Businesses with high levels of recurring revenue, such as subscription-based software-as-a-service (SaaS) or managed security services, are highly valued. Predictable income streams reduce revenue volatility, making these companies attractive to investors. 2. SPECIALISATION IN HIGH-DEMAND SEGMENTS (CYBER SECURITY, CLOUD AND AI) Companies specialising in areas such as ransomware prevention, endpoint protection, cloud management tools and AI-driven threat intelligence attract premium valuations. These services align with high-priority needs for businesses undergoing digital transformation. 3. SCALABILITY AND GROWTH POTENTIAL Investors value firms with scalable solutions, particularly those that integrate seamlessly with existing enterprise systems or offer cross-industry applicability. Businesses with a global client base or high potential for geographic expansion tend to see higher multiples. 4. OPERATIONAL EFFICIENCY AND PROFIT MARGINS Strong EBITDA margins are a key driver of value. Efficient operations, automation in service delivery and minimal customer churn are significant factors that boost profitability and overall valuation. 5. INNOVATION AND TECHNOLOGICAL DIFFERENTIATION Firms offering unique, patent-protected or highly differentiated technologies — such as zero-trust architecture, AI-driven automation or bespoke software solutions — command higher multiples. Innovation is particularly valuable in combating emerging cyber threats or addressing complex IT challenges. 6. PRIVATE EQUITY AND STRATEGIC CONSOLIDATION TRENDS The sector is highly fragmented, driving strong interest from private equity firms and larger consolidators. These acquirers are actively pursuing niche providers to integrate into broader portfolios, enhancing the value through economies of scale or complementary offerings.

STRATEGIC INTERESTS OF PRIVATE EQUITY AND INVESTMENT BUYERS IN THE CYBER SECURITY AND I.T. INFRASTRUCTURE SECTOR The cyber security and I.T. infrastructure sectors are attracting significant interest from private equity (PE) and investment buyers. This heightened attention is driven by the sector’s rapid growth potential, its critical role across multiple industries, and ongoing market consolidation efforts. KEY STRATEGIC INTERESTS: 1. HIGH GROWTH POTENTIAL The cyber security market is experiencing significant demand due to the rise in cyber threats. This makes it an attractive space for investors seeking substantial returns. With society’s ever-growing reliance on technology, the demand for robust cyber security solutions continues to grow, offering lucrative opportunities for investors. 2. MARKET CONSOLIDATION Private equity firms can leverage their capital to acquire and consolidate smaller cyber security companies. This creates larger, more comprehensive platforms with greater market reach and operational efficiencies. Consolidation can also lead to improved pricing power and enhanced competitive positioning. 3. OPERATIONAL IMPROVEMENTS Private equity firms rely on their expertise in operational efficiency which they can utilise to optimise the cost structures of target companies. By improving sales processes, streamlining operations, and enhancing profitability, PE firms can significantly increase the value of their investments. 4. ADD-ON ACQUISITIONS Once a core cyber security platform is established, private equity firms can further expand their product portfolio through strategic add-on acquisitions. These acquisitions can bring complementary technologies or services, enhancing the overall value proposition and market presence of the portfolio company. 5. INDUSTRY EXPERTISE Identifying and investing in companies with innovative cyber security solutions, especially those addressing emerging threats, is crucial for success. Investors seek companies with strong intellectual property, skilled management teams, and a track record of innovation. 6. RISK MITIGATION

Due diligence and proactive cyber security measures are critical for managing cyber risks within portfolio companies. Implementing advanced security protocols and continuous monitoring helps protect investor value and ensure compliance with industry standards. The strategic interests of private equity and investment buyers in the cyber security and IT infrastructure sectors are driven by the need to protect investments, capitalise on growth opportunities, and foster innovation. By prioritising cyber security and leveraging their expertise, PE firms can enhance their competitive edge and ensure the long-term success of their portfolio companies.

Venture capital (VC) funding for cyber security companies rose

97.4% year-on-year in 2024 to $7.5bn.

KEY ACQUIRERS AND INVESTORS Key acquirers driving mergers and acquisitions in this sector include: • Cyber Security Giants: Palo Alto Networks, Fortinet, Check Point Software Technologies

• IT Infrastructure and Cloud Players: VMware, Splunk, Datadog

• Private Equity-backed platforms: Investments by firms such as Thoma Bravo, Vista Equity Partners and Bain Capital highlight the growing focus on consolidating and scaling niche IT solution providers. These acquirers typically prioritise firms with cutting-edge capabilities, recurring revenue streams and established client bases in high-growth industries such as finance, healthcare and government.

WHAT TYPES OF BUSINESSES ARE STRATEGIC ACQUIRERS PURSUING IN THE CYBER SECURITY AND I.T. INFRASTRUCTURE SECTOR? The cyber security and I.T. infrastructure landscape is evolving rapidly, driven by increasing cyber threats, cloud adoption and stringent regulatory requirements. As organisations strive to protect their digital assets, strategic acquirers are actively seeking opportunities to enhance their capabilities and expand market reach.

KEY AREAS OF INTEREST FOR STRATEGIC ACQUIRERS 1. MANAGED SECURITY SERVICES PROVIDERS (MSSPS)

With cyber threats becoming more sophisticated, businesses are outsourcing their security operations to managed security services providers (MSSPs). Companies offering 24/7 threat monitoring, incident response and security analytics are highly attractive acquisition targets. Acquirers seek MSSPs with strong automation capabilities, AI-driven security operations and expertise in cloud security to meet the growing demand for scalable, proactive defence. 2. IDENTITY AND ACCESS MANAGEMENT (IAM) The rise of remote work and hybrid cloud environments has fuelled the demand for robust IAM solutions. Strategic buyers are targeting firms specialising in multi-factor authentication (MFA), single sign-on (SSO), privileged access management (PAM) and zero-trust security frameworks. Companies with innovative identity verification and behavioural analytics capabilities are especially appealing. 3. CLOUD SECURITY & SECURE ACCESS SERVICE EDGE (SASE) SOLUTIONS As businesses transition to cloud-based infrastructures, security threats targeting cloud environments are increasing. Acquirers are actively seeking firms offering Secure Access Service Edge (SASE), cloud-native security platforms and advanced cloud workload protection. Businesses that provide seamless integration with major cloud providers (AWS, Azure, Google Cloud) are in high demand. 4. ENDPOINT & NETWORK SECURITY Endpoint security remains a priority due to the growing number of remote devices and ever evolving ransomware threats. Companies offering Extended Detection & Response (XDR), Endpoint Detection & Response (EDR), and AI-driven threat detection are prime acquisition targets. Similarly, businesses with network security innovations, such as next-generation firewalls and intrusion prevention systems, are seeing increased interest. 5. COMPLIANCE & RISK MANAGEMENT SOLUTIONS With global data privacy laws (GDPR, CCPA, HIPAA, etc.) becoming stricter, enterprises need compliance focused security solutions. Acquirers are investing in firms that provide automated compliance management, risk assessment tools, and regulatory reporting solutions to help organisations navigate complex legal landscapes. 6. THREAT INTELLIGENCE & INCIDENT RESPONSE The ability to anticipate and respond to cyber threats in real time is crucial. Companies specialising in threat intelligence, advanced analytics and rapid incident response are key acquisition targets. Firms that leverage machine learning for predictive threat detection or provide tailored threat intelligence reports are especially valuable. 7. IT INFRASTRUCTURE & MANAGED SERVICES With digital transformation accelerating, enterprises are seeking robust IT infrastructure and managed services solutions. Acquirers are looking for firms offering hybrid cloud management, secure IT operations and infrastructure-as-a-service (IaaS) to support the growing need for scalable IT environments. As cyber security threats continue to evolve, strategic acquirers are prioritising businesses that offer cutting-edge technology, automation and scalable solutions. The M&A market in this sector remains highly active, with strong interest in companies that provide comprehensive security, compliance and managed IT services. Organisations positioned at the forefront of cyber security innovation will continue to attract strong acquisition interest as digital security becomes an ever-greater business imperative.

M&A ACTIVITY IN THE CYBER SECURITY AND I.T. INFRASTRUCTURE SECTOR

MITIGATE CYBER ACQUIRED BY CITATION GROUP

KBS DEAL

Mitigate Cyber, a trusted and highly reliable provider of cyber security services which offers testing, training and certification services across the UK through its innovative hub, was sold to Citation Group - which was making its sixth acquisition in less than two years.

ATLAS IDENTITY ACQUIRED BY INTRAGEN

Atlas Identity, one of the UK’s fastest-growing IAM service providers and recognised in The Sunday Times Hundred 2024, became the third acquisition made since July 2023 by Intragen, backed by specialist software and services-focused lower mid-market growth investor FPE Capital.

TELLEMACHUS ACQUIRED BY BEDROQ

KBS DEAL

Tellemachus, a long-standing provider of I.T. technology solutions with an enviable blue-chip client base, was sold to Bedroq, which continued its acquisition-via-growth strategy and extended its geographical footprint to Glasgow.

AT ON LINE COMPUTING ACQUIRED BY TELA TECHNOLOGY

KBS DEAL

At On Line Computing, a London-based provider of IT and information security managed services to SMEs in the UK, was sold to Tela Technology, a communication solutions and IT business services company which benefits from partnerships with multiple blue-chip companies and offices across the UK and wanted to diversify its service offerings.

PRIVATE EQUITY CONNECTIONS PE investments into cyber security and I.T. infrastructure companies are a highly significant part of the sector.

For example, a highly noteworthy transaction was Thoma Bravo’s acquisition of Darktrace, a global leader in cyber security artificial intelligence, which valued the company at approximately $5.3bn.

We maintain active relationships with many leading private equity houses that either hold or are actively seeking acquisitions in the cyber security and I.T. infrastructure space, and which also receive funds from institutional investors.

Other prominent private equity transactions in this sector include:

PHENNA GROUP INVESTMENT INTO IASME CONSORTIUM

KBS DEAL

IASME, which is committed to helping businesses improve their cyber security, risk management and governance through an effective and accessible range of certification schemes, received multi-million pound investment from Phenna Group, an investor and partner in selected niche, independent Testing, Inspection, Certification and Compliance (TICC) companies that serve a variety of sectors.

SOVEREIGN CAPITAL PARTNERS INVESTMENT INTO ACTICA

Actica, a specialist provider of digital transformation, cyber security and technical consultancy services to the public sector, received investment from UK private equity buy-and-build specialist Sovereign.

LDC INVESTMENT INTO ASPIRE TECHNOLOGY SOLUTIONS

Aspire secured significant minority investment from LDC, the UK’s leading mid-market private equity firm, in a transaction which valued the business at £85m.

BGF INVESTMENT INTO CELERITY

Preston-based hybrid cloud and I.T. managed services provider Celerity secured a £15million investment from UK growth capital investor BGF.

BGF INVESTMENT INTO PURECYBER

BGF also made a £5million investment into PureCyber, a Cardiff-based award-winning provider of a broad range of cyber security solutions across a range of sectors.

PHOENIX EQUITY PARTNERS INVESTMENT INTO LOGIQ

Logiq, a leading UK-based cyber security specialist with a particular presence in the defence sector, received backing from Phoenix to support the company’s growth plans.

BOWMARK CAPITAL INVESTMENT INTO TRANSPARITY

Transparity, the UK’s most accredited Microsoft partner delivering managed services in Cloud and artificial intelligence (AI), received investment to supplement its strong organic growth, to fuel growth via M&A in the UK and Europe and by creating new jobs to serve its growing customer base, and to address increasing customer complexity.

ALTERNATIVE/INSTITUTIONAL INVESTMENT ACQUISITIONS

MSP CORP ACQUIRED BY ALFAR CAPITAL AND WALTER CAPITAL PARTNERS

Alfar Capital and Walter Capital Partners completed the acquisition of MSP Corp, a renowned Canadian managed service provider group, in a transaction valued at over $100m. Post-acquisition, MSP Corp merged with Groupe Access, a leading managed service provider of technology and cyber security solutions to create a platform of managed services poised to lead the industry in digital transformation, cloud computing and cyber security solutions.

KNOWBE4 ACQUIRED BY VISTA EQUITY PARTNERS

KnowBe4, provider of the world’s largest security awareness training and simulated phishing platform, was acquired by Vista, a leading global investment firm focused exclusively on enterprise software, data and technology-enabled businesses.

MARKET INSIGHT • Revenue in the cyber security market was projected to reach $185.70bn in 2024

• Security Services dominates the market with a projected market volume of $97.30bn in 2024

• Revenue indicates an annual growth rate (CAGR 2024-2029) of 7.92%, resulting in a market volume of $271.90bn by 2029. The cyber security market can be considered in two segments - Security Services and Cyber Solutions. In 2023, the total revenue of the cyber security market reached $167.3bn. With around $90.2bn, Security Services represents the largest segment, comprising approximately 51% of worldwide revenues. Cyber security in developed countries is highly sophisticated, especially with integration of tools such as Machine Learning. Moreover, it is expected to grow in developing countries, as 20bn devices are predicted to be connected to the IoT globally by 2028.

Global revenue in the cyber security market in 2023: 1. UNITED STATES ($73BN) 2. CHINA (£13.04BN) 3. UNITED KINGDOM ($10BN)

300

271.90

255.70

250

238.10

221.80

202.99

200

185.69

167.29

150.16

150

139.89

121.92

115.21

102.74

100

89.72

In billion USD (US$) 83.32

50

0

2016

2018

2020

2022

2024

2026

2028

GROWING CYBER MARKET POTENTIAL: 1. MORE ATTACKS TARGETING SMALLER COMPANIES Fast-growing smaller organisations are exposed to proliferating digital touchpoints and ecosystem relationships. Moreover, the trust of customers can prove difficult to recover once a company has been breached. Mid-market entities are often targeted by criminals looking to exploit unsophisticated security tooling. 2. REGULATION Federal initiatives include the US National Defense Authorization Act, Executive Order 14028,5 and the extension of the False Claims Act to include the misrepresentation of an organisation’s cyber security programme and qualifications.

Rules around the world are equally stringent. The European Union’s General Data Protection Regulation, for example, may levy fines of up to 4% of global turnover against companies that fail to protect their customers.

Compliance to regulatory standards poses an increased challenge as new laws are put into place. Companies need to ensure they are equipped to meet the requirements and to protect their customers when it comes to cyber security concerns. 3. TALENT SHORTAGES A global cyber security talent shortage means companies have little choice but to do business with third-party service partners.

Across all segments, forecasted changes in allocated security spending are increasing as a percentage of services between internal and third-party services.

VC funding in infosec (information security) in North America and Europe is rebounding, driven by late-stage rounds. There was $8.8bn in VC funding through Q3 2024, putting the market well on course to surpass 2023’s total of $10.9 billion. The pre-seed stage is not prominent, lagging behind both the early and late stages. Moreover, the market is watching the recent listing of Rubrik, which went public in April 2024 and rose more than 45% by the end of the year. Therefore, the IPO pipeline is strong and has benefited from Rubrik’s performance.

Revenue in the cyber security market was projected to reach $185.70bn in 2024