Main menu


M&A Technology Stalwart Dedicated to Cybersecurity — Mergers and Acquisitions

Already heavily invested in cybersecurity growth prospects – as threats continue to hit and risks are higher than ever – Thomas Bravo Announced all-in with Ping Identity in early Augustis a leading provider of identity access management services to businesses worldwide. Ping’s mission statement is to protect your customers and suppliers, as well as your employees, and ensure that all digital interactions are secure and seamless. Not without competition, it’s a bustling space fueled by digital transformation and a move to the cloud.I interviewed Thomas Bravo chip burnig under.

“Ping Identity is well positioned to take advantage of opportunities in this space,” he said. chip burnig, partner of Thoma Bravo. Virnig goes on to say that the market Ping competes in represents one of the fastest growing segments of the broader $170 billion cybersecurity industry.

Ping’s private deal, worth $2.8 billion, is expected to close by the end of the year. It follows several high-profile acquisitions, including the recent acquisition of Thoma Bravo. Sophos (next generation endpoint and network security), proof point (email security category killer) and Sailpoint Technologies (Identity Governance and Management).

chip burnig

In a phone interview the day the deal with Ping was announced, Virnig said: “Yes, we are betting big. It is a huge industry going nowhere. All the issues ten years ago are all still relevant today. , remote work, ransomware, and more.

Wilnich brown university After graduating, gained experience as a multi-industry analyst in the investment banking division. Merrill LynchHe moved to Thomas Bravo in the summer of 2008. That was just weeks before Merrill went bankrupt due to the global financial crisis. bank of americaAmong Virnig’s first big deals at Thoma Bravo was the $2.4 billion acquisition of the mainframe giant. Compuware 2014. In 2019, Thoma Bravo spun out. dyna trace Successful IPO from Compuware, then Compuware BMC software, KKRA company focused on total IT solutions owned.

Over the past 14 years, Thoma Bravo has emerged as one of the most active investors in cybersecurity and shows no sign of slowing down.

Vernig took the time to talk Mergers and AcquisitionsThey discussed some of the emerging trends in cybersecurity, including the optimistic side of the cybersecurity field and the factors that keep him up at night.

What would it be like if you were the CISO and were building cybersecurity for a large enterprise from scratch?

Burning: No one builds these things from scratch, but hypothetically they would start by securing their networks and endpoints via next-gen endpoints and next-gen firewalls. It spawned the cybersecurity market more than a decade ago and remains the largest category of cyber spending to this day. From there, you need to go through a myriad of subcategories, such as managing identities, securing applications, encrypting data, hardening public cloud posture, securing email/digital communication channels, and more. That means we would need at least 35+ vendors to cover today’s current threat landscape. It is not uncommon for large companies to deploy 50 unique cybersecurity his solutions in a given year. “Oh sorry I got hacked. I was just trying to strengthen the relationship.” This is an area where best-of-breed matters and there is no excuse for trying to save money.

Will we see some consolidation in the end?

Burning: Our thesis is that this will remain highly siled for the foreseeable future. Yes, but I haven’t seen a vendor that works well as a “one-stop-shop” for all things cyber.

How will the move to the cloud affect cybersecurity?

Burning: For nearly 50 years, large and complex enterprises have built policies and protocols specific to their heterogeneous on-premises infrastructure needs. These same companies are also in the early stages of moving to the cloud, but the question is how do they apply the same policies and protocols that have protected them? [on-premises] Do you want to migrate your decades-old infrastructure to a new and rapidly growing cloud infrastructure? It gets even more complicated. There is nothing scarier from a security perspective than maintaining best-in-class cybersecurity in a hybrid plus multicloud environment. Unfortunately this is not seamless. Machine learning and AI have a role to play in assessing threats and helping teams be more proactive in detecting them, but it’s a pretty daunting to-do list. While the move to the cloud has taken hold and IT has become much more efficient, it is important to note that the threat landscape in the cybersecurity industry has increased significantly. No magic bullets.

Cybersecurity threats are growing with the complexity of trying to counter them, and the bad guys seem to know this… could the good guys even win?

Virnig: Businesses know that cyber breaches can never be prevented 100%. They will settle at 95 percent. The real question is, if hacked, how quickly can the team figure out what happened? And how long will it take for a response to defuse the situation? When I read about a hack, companies often don’t disclose this for weeks. These guys are too good. The damage has already been done. What’s really scary is that the underground industry of selling personal data has grown so large that it motivates smart programmers to create their own malware and sell it to cybercrime gangs. Now the incredibly talented software he engineer has effectively become a “digital arms dealer”. So it’s not about if you’ll be hacked, but when. As such, cybersecurity is now firmly embedded in corporate budgets.

Given what we know about the sector and the number of rising threats, what are the worst-case scenarios?

there is no shortage of them. Nothing is off limits given that all this is a world of ‘connected’ devices. I’ve read stories that show hackers can control everything from cars to pacemakers. We’ve seen real-world hackers compromise gas pipelines and national power grids.I don’t want to paint a doomsday scenario, but without effective cybersecurity, we could be in trouble. James Cameron movie. “Judgment Day” is not such a big deal. Nation-state attacks have increased significantly over the years. Most recently, during the early stages of the war, the entire cyber industry witnessed a massive increase in targeted Russian campaigns. It’s all you can imagine, and unfortunately we still can’t even figure it out.

What subsectors should I focus on besides cloud security and identity?

One thing that has become very clear since the pandemic is that even the best-in-class cybersecurity solutions in place are only as strong as the weakest link. People-centric security solutions cannot be overlooked. This goes beyond identity access management. Over the past five years, the email security market has been very bullish. Barracuda Networks And most recently, Proofpoint. During the pandemic, the number one source of ransomware was targeted spear-phishing attacks via email. Email security has been around for a long time, but it’s more important than ever. All it takes for a world-class CISO to completely undermine his best-of-breed cybersecurity infrastructure is for one employee to click one inappropriate link in an email. Another category we strongly believe in is dev sec ops. The paper there is that every company is becoming a software company, so their digital footprints are becoming more and more under attack.

Hackers can now break into banks by finding vulnerabilities in the underlying code of bank websites. Fifteen years ago it wasn’t so dangerous.