In Europe, cyberattacks are on the rise, exacerbated by rising digitalization – particularly in the context of remote working during the pandemic – and, more recently, renewed threats following Russia’s invasion of Ukraine.
Cyberattacks: rising up
The European Union Agency for Cybersecurity logged 304 significant cyberattacks in 2020 against critical sectors, including transport, energy, digital infrastructure, and healthcare, more than twice as many as it recorded the year prior. In the UK, according to the Cyber Security Breaches Survey for 2022 published in March and run by the government’s Department for Digital, Culture, Media, and Sport, 39% of all UK businesses reported a cyber attack in the preceding 12 months.
Cybersecurity M&A: picking up pace
Against this challenging backdrop, cybersecurity-related M&A picked up pace as companies looked to plug gaps and imbue confidence in their systems. According to specialist news outlet SecurityWeek, 2021 featured 435 publicly announced cybersecurity M&A deals globally, of which Europe accounted for 130, the bulk of those coming in the UK, followed at some distance by Germany and third-place Ireland.
The trend has continued in 2022 on the back of ongoing demand for high-quality assets, a strong pool of cybersecurity start-ups, and the growing comprehension that cyber issues permeate all facets of a business.
In February, UK-based software company Darktrace, which specializes in machine learning for cybersecurity, moved to acquire Netherlands-based Cybersprint. The following month, Italian cybersecurity company HWG was bought by Bahrain-based technology investor Investcorp. In mid-May, French defense and technology group Thales, which focuses on providing systems for the civil aerospace market, struck a deal to acquire cybersecurity companies S21sec, based in Spain, and Excellium, headquartered in Luxembourg.
Risk, regulation, and obligation
Rampant digitalization, the difficult geopolitical circumstances in which Europe finds itself, and increasingly strict regulation around companies’ cybersecurity and data privacy obligations mean M&A in this space will continue to grow in importance. In this day and age, no company can afford to ignore it.