The persistence and evolution of cybercrime across the US is reshaping mergers and acquisitions (M&A) in the cybersecurity sector. Driven by escalating threats, increasing costs and liability to businesses, and a growing and more defined regulatory framework, the cybersecurity market is witnessing a flurry of dealmaking activity, with 2025 already outpacing last year.
Though conflict in the Middle East introduces great uncertainty to global dealmaking, the growing number of headline-making breaches, increasing regulatory fines and consumer settlements and intensifying demand for digital defenses have been leading investors and strategic acquirers to reposition to capitalize on the need for stronger security infrastructure.
A Rising Tide of Threats
Cybercrime cost victims more than $16bn globally in 2024, according to the FBI’s latest Internet Crime Report—a 33% increase over 2023. In the US, the nature of attacks has ranged from low-tech scams to highly coordinated ransomware campaigns that have disrupted critical infrastructure and public services.
The year began with a major ransomware strike on Change Healthcare, a unit of UnitedHealth Group, which ultimately cost the company more than $2.8bn in response and triggered more than $6bn in downstream assistance to affected providers.
Other incidents, such as the November 2024 attacks on US telecom giants AT&T, Verizon and Lumen Technologies by Chinese hackers Salt Typhoon, underscored sector-wide vulnerabilities and the geopolitical dimensions of cybercrime.
Meanwhile, Check Point Research reported a 70% year-on-year increase in attacks targeting US utilities—one of the most sensitive areas of national infrastructure.
These incursions are not just becoming more frequent, but also more complex. Reports of phishing attacks are estimated to have surged by more than 4000% since the release of ChatGPT in late 2022, driven by generative AI tools that make scams more convincing.
Internet of Things malware attacks were up 124% in 2024, and ransomware continues to impact a majority of businesses, with 59% of organizations affected last year.
Market on the Move
Given the scale and growth of the threat, it is no surprise that the US cybersecurity market is expanding in lockstep. According to Statista, the market is projected to reach $88.3bn this year, growing at a compound annual growth rate of 7.1% through to 2029, when it is expected to hit $116.2bn.
Some estimates are even more bullish, with one projection estimating the market will balloon to $166.7bn by 2032, from $73.1 bn in 2025—a 12.5% compound annual growth rate.
This rising demand is powering big-ticket and mid-cap dealmaking activity alike. In 2024, US cybersecurity M&As saw 77 transactions worth a combined $4.9bn, a slower year by historical standards but still significant given the macroeconomic backdrop.
Major deals included Mastercard’s $2.7bn acquisition of threat intelligence provider Recorded Future and CyberArk’s $1.5bn acquisition of Venafi, a machine-identity management company.
Activity measured by value rebounded sharply in 2025, thanks in large part to a standout megadeal: Google parent Alphabet’s acquisition of cloud security unicorn Wiz for $32bn including net debt.
At the tail end of March, EQT led a $500m funding round for Tampa-based ReliaQuest, a security operations platform focused on threat detection and response. Just days earlier, Island, an enterprise browser company, announced a $250m Series E financing round led by Coatue Management. These funding rounds highlight the continued financial interest in mid-market targets with differentiated IP and strong enterprise traction.
Alphabet’s acquisition of Wiz, which is not only the largest cybersecurity deal on record but also the technology giant’s biggest play to date, lifted cyber M&A value to $32.9bn in Q1, nearly seven times the value recorded in all of 2024, despite there being a relatively modest 14 transactions made in the three-month period.
Regulations Ramping Up
A number of powerful forces are propelling this activity. Chief among them is the regulatory shift underway in direct response to the Salt Typhoon attacks. The Federal Communications Commission (FCC) has called on US telecom companies to shore up their defenses, adopting new rules.
FCC chair Jessica Rosenworcel stated in January, “Our existing rules are not modern. It is time we update them to reflect current threats so that we have a fighting chance to ensure that state-sponsored cyber-attacks do not succeed.”
In March, the FCC established a new Council on National Security tasked with utilizing the agency’s full range of regulatory, investigatory and enforcement powers to address foreign threats, with a particular focus on risks posed by China to the US technology and telecommunications sectors.
Its goals include reducing reliance on foreign adversaries in supply chains and mitigating vulnerabilities to cyber-attacks and espionage.
A wider wave of compliance-focused scrutiny is likely to impact other critical industries in the coming months. There has been heightened activity in Congress, where legislation has been reintroduced in the House of Representatives aimed at assessing and mitigating cyber threats from China that target US critical infrastructure more broadly.
Congressional committees have been holding hearings and pressing federal agencies such as the Department of Homeland Security (DHS) and its Cybersecurity and Infrastructure Security Agency (CISA) on their response to these threats and the overall security posture of the nation.
In addition, the Department of Justice (DoJ) finalized rules at the end of 2024 imposing cybersecurity compliance requirements on US entities transferring or permitting access to sensitive data to certain countries, including China, Russia and Iran, with enforcement slated to begin on July 8, 2025.
The Road Ahead for Cybersecurity M&A
Despite the sector’s obvious tailwinds, cybersecurity M&A still faces some challenges. Macroeconomic growth uncertainty and elevated interest rates have curbed risk appetite, particularly for leveraged transactions.
Valuations in some parts of the market remain frothy, with heavy competition for assets creating mismatches between buyer and seller expectations. The escalating Middle Eastern conflict could also put the brakes on dealmaking.
For the time being, however, all signs point to an acceleration in dealmaking in the space. The scale, sophistication and impact of cyberattacks continue to grow, and AI is emerging as a key battleground. As attackers adopt new intelligent tools to breach systems and manipulate users, defenders will need to match them in capability and speed.
This demands ongoing investment, not just in technology but in talent and intelligence. M&A will remain the primary means for companies to acquire these capabilities at scale, while private equity is demonstrating sustained interest in this long-term growth area.
While macro conditions may dampen deal activity in other sectors, cybersecurity appears to be entering a new cycle of strategic urgency. With more and bolder breaches, rising regulatory scrutiny, and threat and response innovation constantly evolving, cybersecurity M&A in the US will be a key area of opportunity—and necessity.
Click Here For The Original Source.
