PE firms flock to cybersecurity investment opportunities despite industry vulnerabilities; 3i Group launches new biologics-focused CDMO

Investors take on the multi-headed cybercrime beast.

Good morning, readers!

Today we’ve got a fascinating and timely deep dive from Milana Vinn on the proliferation of private equity investment in cybersecurity, which has surpassed more than $135 billion in deal value, including both buyouts and growth equity investments, since 2016, according to data compiled by PitchBook. The last two years saw the biggest increase as the health crisis closed the economy.

Cybersecurity will be one of the biggest recipients of private equity and venture capital investment, but GPs and LPs have to come to grips with just how much risk is acceptable, Milana writes.

“SolarWinds drew much wider attention to a problem that really has been an epidemic for quite a while,” Hugh Thompson, managing partner at Crosspoint Capital, tells PE Hub. “This trend of, ‘How do we ensure the integrity of the platform that we’re working on,’ is such a critical one,” he says.

According to Thompson, who spent his entire career in cybersecurity and previously held positions as chief technology officer at Symantec and chairman of the RSA Conference, the cause of this epidemic is the lack of integrity in software coding.

The hack of SolarWinds, the full extent of which came into the public awareness in April, revealed that not even the highest levels of the US government are safe from cyber intrusions. SolarWinds was backed by Silver Lake and Thoma Bravo. The two firms cashed out of their interests in the companies one day before the hack was publicly revealed, selling a 5 percent stake to Canada Pension Plan Investment Board.

Among various other topics explored, industry experts also spoke to Milana on the rise of investment through the pandemic months:

“Because everybody was remote, because workforces were disparate, and people were no longer gathering in central locations to work, there were so many more failure points in access points into an organization that provided security risks,” says Seth Boro, managing partner at Thoma Bravo.

From a macro perspective, investors are not expecting this pace to slow down. They are predicting quite the opposite, and believe the security industry will continue to experience hyper growth, Boro says: “Public cloud infrastructure and cloud infrastructure, in general, has made it more complex and has created more avenues, more threats, and it also provided our companies with the ability to deliver incremental products.”

Elsewhere, Max de Groen, partner at Bain Capital, comments that the cybersecurity industry operates in what’s called a zero-trust paradigm, where the assumption is that someone, somewhere has already found a way into the enterprise network and there has probably been some sort of a breach.

“We’re seeing in all types of security, especially with these advanced breaches, the focus is more around identifying and completely containing threats before they have a chance to do any significant damage,” de Groen says.

For more insights from Crosspoint’s Thompson and Greg Clark, Thoma’s Boro, Bain’s Groen, as well as West Monroe’s Sean Curran and ContinuServe’s Paul Lennick, check out Milana’s feature on PE Hub.

That’s it! Have a great rest week ahead, and as always, write to me at with any tips, feedback or just to say hello!