Geopolitical events have heightened the need for robust cybersecurity, potentially creating opportunities as the industry moves toward consolidation.

Key Points

  • The threat environment has come to the fore following Russia’s invasion of Ukraine and is likely to remain elevated for the foreseeable future, leading to structural thematic tailwinds for cybersecurity providers.
  • The cybersecurity industry is gradually consolidating as enterprise clients seek to reduce their number of vendors.
  • Lower valuations could accelerate merger and acquisition activity, allowing multi-product, platform companies to augment their leadership positions.

Russia’s invasion of Ukraine has accelerated the deterioration of the cyber threat environment as cyber-attacks surge worldwide. This challenging environment has led companies to invest more than ever to ensure their digital safety, which has bolstered the cybersecurity industry. In particular, we believe that opportunities within the industry lie with companies that offer multiple services or products, as companies look to consolidate their vendors. Finally, we believe that the private markets offer a preview of what is to come in larger, public-market companies, as the smaller private companies are typically on the cutting-edge of technology enhancements.

Shields Up

The groundwork for these security threats was laid a few years ago as the pandemic-driven shift toward remote work led companies across all industries to increase their use of software-as-a-service (SaaS) applications. This technology created a larger ‘attack surface’ through which hackers could potentially access an enterprise’s systems, resulting in a significant rise in the number of reported cyber-attacks. In 2021, 623 million ransomware attacks were recorded globally, up 105% versus 2020 and 230% versus 2019.[1]

We believe this trend should strengthen following identified vulnerabilities in the widely used Log4j software, in addition to Russia’s invasion of Ukraine. Security providers reported a significant number of cyber-attacks against the Ukrainian government at the outset of the conflict. Additionally, escalating geopolitical tensions led the US government to issue a “Shields Up” notice in an effort to prepare organizations for potential retaliatory attacks. Digital transformation has shifted the battleground from the physical world into cyberspace, dramatically increasing the importance of effective cybersecurity solutions.

The Cost of Unpreparedness

Not only is the attack surface increasing, but data breaches are also becoming more costly. Globally, the total average cost of a data breach was $4.2 million in 2021, with companies taking an average of 287 days to identify and contain a data breach.[2] Crucially, cybersecurity solutions have been shown to reduce these costs. Additionally, companies with fully deployed security artificial intelligence and automation reported an average cost of a data breach which was almost 60% lower than companies that had not deployed those solutions. With this in mind, we believe there are numerous thematic tailwinds surrounding cybersecurity, which are likely to drive sustained increases in demand.

The Multiple Benefits of Multiple Products

While demand dynamics have been strong, the constantly changing threat environment has resulted in cybersecurity underperforming the broader technology index on average over the long term (although it has still outperformed the market). It should also be noted that there has been a significant dispersion in performance between innovative, long-term winners and companies that are left behind as threats evolve. Additionally, vendor consolidation is an ongoing trend within the sector. Enterprise clients typically have many security providers and would prefer to reduce their number of vendors in an effort to lower costs and decrease operational complexity.

With this in mind, we typically find the greatest value in companies that provide multiple products to their customers, leading to more durable relationships and making them less vulnerable to technological disruption. In a similar vein, we seek to avoid companies with a single product or narrow set of solutions, which can become vulnerable when the threat environment changes. We also favor companies with a ‘land and expand’ strategy (for example, selling additional solutions to the existing customer base) rather than those providers that continuously need to acquire new customers, which can be costly.

Private Markets as Testing Ground

Investment into privately held cybersecurity companies has ballooned in recent years, reaching almost $25 billion in 2021 alone.[3] This increased investment matches the vastness of the opportunity created by the burgeoning threat profile.

Plot, Diagram, Plan

Companies that are created and funded in the private markets are developing cutting-edge solutions to better manage legacy threats and protect against emerging threats stemming from changes in the workplace and advancements in technology.

We believe it is equally important to monitor these private companies for potential threats to incumbent cybersecurity providers and new opportunities. These opportunities can benefit certain incumbents, particularly more acquisitive platform companies, as they pursue mergers and acquisitions to expand their capabilities. Another prospect for public-market investors arises simply from new public companies that eventually come from this private-market funding. We believe our attention on these companies, ahead of their potential initial public offerings (IPOs), allows us an advantaged position during our analysis of their IPOs.

Text, Plot, Page

Finding Value in Consolidation

It is estimated that that the global cybersecurity market was worth $155 billion in 2021 and is set to grow at a 10% compound annual growth rate through 2026.[4] This large and growing market is also extremely fragmented. The largest global player has just a 6% market share, and the top-ten companies account for just over one-third of the market.[5]

However, market-share consolidation has increased in recent years, driven by the shift toward platform solutions. With the sector having derated year to date, valuations for many companies are now in line with or below historical merger and acquisition multiples, suggesting we could see an acceleration in consolidation activity. The deteriorating funding environment for smaller private companies could act as a further stimulus for mergers and acquisitions.


We believe that robust thematic tailwinds may lead to durable long-term growth for the cybersecurity industry, with recent market dislocations offering an opportunity for the strong to become even stronger. The continuing shift from the physical world to the digital world, accelerated by the Covid-19 pandemic, is making individuals, enterprises and governments increasingly vulnerable to cyber-attacks. We believe the threat environment could remain elevated and dynamic for the foreseeable future, leading to structural thematic tailwinds for cybersecurity providers in the period ahead. The recent pullback in public and private-market valuations has increased investor focus on the sustainability of companies’ business models and is likely lead to an acceleration in mergers and acquisitions, notably involving private companies. In our view, this should allow multi-product, platform companies to augment their leadership positions, creating additional value for shareholders over the long term.

[1] SonicWall, “SonicWall Threat Intelligence Confirms Alarming Surge in Ransomware, Malicious Cyberattacks as Threats Double in 2021.” February 17, 2022.

[2] IBM, “Cost of a Data Breach Report 2021.”

[3] PitchBook Data, Inc.

[4] Gartner

[5] Gartner


Robert C Zeuthen

Robert C Zeuthen

Head of secular pod, portfolio manager

PAST PERFORMANCE IS NOT NECESSARILY INDICATIVE OF FUTURE RESULTS. Any reference to a specific security, country or sector should not be construed as a recommendation to buy or sell this security, country or sector. Please note that strategy holdings and positioning are subject to change without notice. Newton manages a variety of investment strategies. Whether and how ESG considerations are assessed or integrated into Newton’s strategies depends on the asset classes and/or the particular strategy involved, as well as the research and investment approach of each Newton firm. ESG may not be considered for each individual investment and, where ESG is considered, other attributes of an investment may outweigh ESG considerations when making investment decisions. For additional Important Information, click on the link below.

Important information

For Institutional Clients Only. Issued by Newton Investment Management North America LLC ("NIMNA" or the "Firm"). NIMNA is a registered investment adviser with the US Securities and Exchange Commission ("SEC") and subsidiary of The Bank of New York Mellon Corporation ("BNY Mellon"). The Firm was established in 2021, comprised of equity and multi-asset teams from an affiliate, Mellon Investments Corporation. The Firm is part of the group of affiliated companies that individually or collectively provide investment advisory services under the brand "Newton" or "Newton Investment Management". Newton currently includes NIMNA and Newton Investment Management Ltd ("NIM") and Newton Investment Management Japan Limited ("NIMJ").

Material in this publication is for general information only. The opinions expressed in this document are those of Newton and should not be construed as investment advice or recommendations for any purchase or sale of any specific security or commodity. Certain information contained herein is based on outside sources believed to be reliable, but its accuracy is not guaranteed.

Statements are current as of the date of the material only. Any forward-looking statements speak only as of the date they are made, and are subject to numerous assumptions, risks, and uncertainties, which change over time. Actual results could differ materially from those anticipated in forward-looking statements. No investment strategy or risk management technique can guarantee returns or eliminate risk in any market environment and past performance is no indication of future performance.

Information about the indices shown here is provided to allow for comparison of the performance of the strategy to that of certain well-known and widely recognized indices. There is no representation that such index is an appropriate benchmark for such comparison.

This material (or any portion thereof) may not be copied or distributed without Newton’s prior written approval.

Explore topics