As the cybersecurity market continues to mature, SecurityWeek’s annual M&A report provides an essential roadmap for understanding how corporate consolidation is reshaping the digital defense sector.
SecurityWeek’s M&A tracker cataloged 426 deals in 2025, including 334 involving pure-play companies.
The 2025 figure of 426 represents a 5% increase over 2024, signaling that the sector is once again on an upward trajectory after two consecutive years of decline.
While the total number of deals is lower than the 2022 peak (455), the value and complexity of the deals appear to be higher. In addition, the market continues to move away from the ‘buying everything’ trend observed in 2021/2022 to a more strategic, international consolidation.
The 2025 data shows that the market has become significantly more globalized.

At 288 participations for 426 deals, the US remains involved in roughly 67% of all global cybersecurity M&A. This is a slight recovery from the 63% low in 2023, but still well below the 80% dominance seen in 2021.
The UK saw a decline from 70 deals (2021) to 48 (2023). However, it rebounded to 67 in 2024 and maintained that momentum with 64 deals in 2025. The UK has solidified its position as the clear #2 global hub for cybersecurity M&A.

After being overtaken in the rankings in 2024, Israel has reclaimed the 3rd position with 34 deals in 2025.
Ireland and Sweden saw fewer than 10 deals in 2024 after a strong 2023. In 2025, they bounced back to 12 and 11 deals respectively.
Capital allocation and valuation trends
Financial details were disclosed for 74 deals for a total disclosed value of $92.5 billion. This includes 63 deals involving pure-play cybersecurity companies, with a total disclosed value of $84 billion.
The total disclosed deal value has surged by approximately 82% year-over-year, which can largely be attributed to Google’s planned acquisition of cloud security giant Wiz for $32 billion.
The industry has sustained its appetite for billion-dollar acquisitions, with 11 deals exceeding the $1 billion mark.
In addition to Google-Wiz, seven deals involving pure-play cybersecurity firms surpassed $1 billion, including Palo Alto Networks acquiring CyberArk ($25B) and Chronosphere ($3.3B), ServiceNow’s acquisition of Armis ($7.7B) and Veza ($1B), Francisco Partners buying Jamf ($2.2B), Veeam Software acquiring Securiti AI ($1.7B), and Proofpoint acquiring Hornetsecurity ($1.8B).
This suggests that large-scale platform consolidation is now a permanent fixture of the landscape.

The $100M-$999M range was the primary engine of growth in 2025. This indicates that acquirers are focusing on mature, established cybersecurity companies rather than early-stage startups.
This also suggests that the industry is currently in a phase of strategic scaling, where medium-sized specialized leaders are being swallowed by larger platforms to create all-in-one security suites.
There has been a noticeable decline in the number of disclosed deals under $100M (down to 26 in 2025 from 32 in 2024). This implies that ‘tuck-in’ acquisitions of very small startups are either becoming less frequent or are less likely to have their financial terms disclosed compared to larger, more impactful deals.
Sector deep-dive and domain expertise
SecurityWeek data shows that 125 deals involved managed security solutions providers (MSSPs) in 2025, including 60 pure cybersecurity providers. This includes product distributors and companies that offer other products and services in addition to cybersecurity.
While activity involving MSSPs has increased from 119 deals in 2024, it remains significantly lower than the 150+ seen in 2022 and 2023.
After a sharp drop in 2024, the 2025 figure suggests the market has found its new normal. It is no longer in a freefall, but it hasn’t returned to the frantic buying spree of 2022-2023. The strategic value remains high as managed services continue to be the primary way small-to-medium enterprises consume security.
While it’s important to keep track of MSSP deals, we are tracking them separately in an effort to get a better view of the other categories.
Several core security sub-sectors experienced significant upward momentum in 2025, as acquirers seem to prioritize data sovereignty, identity integrity, and regulatory compliance.

With 82 deals, GRC (governance, risk, and compliance) reached a five-year peak in 2025. While it has always been a top category (averaging 65 deals from 2021-2024), the jump to 82 suggests that companies are prioritizing regulatory requirements over purely technical defenses.
Data protection recorded aggressive growth, surging from 44 deals in 2024 to 63 deals in 2025. This reflects an industry shift toward data-centric security.
While still a smaller category, AI security is showing a clear upward trajectory. It recorded 8 deals in 2024 and has increased to 13 deals in 2025, mirroring the broader tech industry’s focus on securing LLMs and AI pipelines.
After a significant slump in 2024 (dropping to 28 deals), identity has bounced back to 43 deals in 2025, returning to its historical levels from 2022 and 2023.
While several sectors saw record growth, four categories experienced a cooling in M&A activity, reflecting a pivot away from reactive tools toward long-term governance and data resilience.
One of them is incident response, which has seen a notable decline, dropping from a peak of 38 deals in 2024 to 25 deals in 2025.
Private equity-led acquisitions have also cooled significantly. They spiked to 37 in 2023 but dropped to 18 in 2025, returning to the levels seen in 2021 and 2022.
After a strong 2024 (16 deals), interest in companies specializing in industrial/OT cybersecurity appears to have leveled off, dropping back to 9 deals, the same number recorded in 2023.
Application security saw a steady rise in M&A deals through 2024 (reaching 31), but dipped slightly to 26 in 2025.
Two types of companies stand out for remaining steady throughout the years. Network security remains the most consistent category in the dataset. It has hovered at almost exactly the same level for four years, with roughly 40 deals announced every year between 2022 and 2025.
The government contractors segment is also remarkably stable, consistently recording between 36 and 38 deals annually (except for a slight outlier of 43 in 2021). It sits at 36 deals for 2025.
The 2025 data indicates a market shift away from reactive tools (incident response) and toward resilience and compliance infrastructure (GRC and data protection). While 2024 was a year of diversifying into specialized niches, 2025 appears to be a year of consolidation around the core pillars of governance and data privacy.
Monthly summaries of 2025 cybersecurity M&A deals: January, February, March, April, May, June, July, August, September, October, November, December.
Methodology: The data was collected through news distribution services, Google searches and pitches from PR companies. The data includes companies that issued press releases announcing or mentioning acquisitions, as well as deals that have been privately reported to SecurityWeek. All deals that had a cybersecurity component have been taken into account for this study. Mergers and acquisitions that did not have an English-language announcement may not be included. The data could also include some deals that may not have been completed after they were announced.
The GRC category includes governance, compliance, risk management, audit, assessment, vulnerability management, penetration testing, attack surface management, offensive security, and cyber insurance. Network security includes endpoint security, MDR, XDR, NDR, and SASE. Identity includes IAM, PAM, secure access, authentication, and authorization. Incident response includes SOAR, SIEM, SOC, and forensics. ‘Other (specialized)’ includes hardware, quantum, media and events, healthcare, brand protection, financial, online safety, SAP, recruiting, real estate, and automotive. Data protection includes encryption/cryptography, VPN, privacy, backup and blockchain. MSSP includes cybersecurity solution distributors and companies that do not develop their own products or solutions. The AI category only includes companies specializing in securing AI.
