Sets New Standard for End-to-End Machine
Identity Security
Provides Significant Top-Line Growth Synergies
and Expected to be Immediately Accretive to Margins
Expands CyberArk’s Total Addressable Market
with Complementary Machine Identity Solutions
CyberArk (NASDAQ: CYBR), the identity security company, today
announced it has signed a definitive agreement to acquire Venafi, a
leader in machine identity management, from Thoma Bravo. This
acquisition will combine Venafi’s best-in-class machine identity
management capabilities with CyberArk’s leading identity security
capabilities to establish a unified platform for end-to-end machine
identity security at enterprise scale.
Digital transformation and ongoing cloud migration have led to
an exponential increase in the number of machine identities, such
as workloads, code, applications, IoT devices and containers. The
number of machines is rapidly outpacing the growth in their human
counterparts, with more than 40 machine identities for every human
identity. Left unprotected, they serve as a lucrative hunting
ground for cybercriminals. These machine identities need to be
discovered, managed, secured and automated to keep their
connections and communications safe. This is made more complex by
shorter certificate lifecycles, from 398 to 90 days, and the need
to be quantum ready.
According to Forrester1, “Historically, enterprises have taken
less interest in managing machine identities compared with human
identities, in part because machine identities present different
requirements and more complicated lifecycle challenges. However,
the exponential growth of machine identities, both for devices and
cloud workloads, has brought attention and urgency to improving
machine identity management to reduce the risks stemming from this
expanded threat surface. Machine identity growth will outpace human
identities, necessitating advanced and automated approaches to
effectively manage machine identities and associated risks.”
The combination of Venafi’s certificate lifecycle management,
private Public Key Infrastructure (PKI), IoT identity management
and cryptographic code signing, with CyberArk’s secrets management
capabilities will enable organizations to protect against misuse
and compromise of machine identities, vastly improve security, and
stop costly outages. Having a breadth and depth of options for
machine identity security all in one solution – that can be
deployed as SaaS or hybrid – will enable faster risk mitigation for
organizations of all sizes looking to secure modern cloud
environments.
As an innovative leader in PKI and certificate management with a
robust presence in modern cloud environments, Venafi offers
complementary solutions that expand CyberArk’s total addressable
market (TAM) by nearly $10 billion to approximately $60
billion.
“This acquisition marks a pivotal milestone for CyberArk,
enabling us to further our vision to secure every identity – human
and machine – with the right level of privilege controls,” said
Matt Cohen, Chief Executive Officer, CyberArk. “By combining forces
with Venafi, we are expanding our abilities to secure machine
identities in a cloud-first, GenAI, post-quantum world. Our
integrated technologies, capabilities and expertise will address
the needs of global enterprises and empower Chief Information
Security Officers to defend against increasingly sophisticated
attacks that leverage human and machine identities as part of the
attack chain. Venafi brings world-class talent who shares
CyberArk’s customer-centric, people-first culture and a
security-first mindset. We are thrilled to work with the Venafi
team to capitalize on the tremendous growth opportunity in the
identity security market.”
“It has been a pleasure to work with the Venafi team, leveraging
our operational expertise to further cement Venafi as a leading
force in machine identity management,” said Chip Virnig, a Partner
at Thoma Bravo. “Over the course of our investment, Venafi has
accelerated SaaS growth, expanded margins, and successfully created
a best-in-class SaaS offering, setting the stage for continued
innovation. We believe CyberArk is a great partner for Venafi and
that the scaled end-to-end machine identity security platform
created by this strategic combination will deliver significant
value to shareholders.”
Details Regarding the Proposed Acquisition
CyberArk intends to acquire Venafi for an enterprise value of
approximately $1.54 billion in a combination of cash and CyberArk
shares (approximately $1 billion in cash and approximately $540
million in shares). The Boards of Directors of both CyberArk and
Venafi have each approved the transaction.
The transaction is expected to close in the second half of 2024,
subject to required regulatory approvals, clearances and other
customary closing conditions. Other details include:
- Venafi is expected to add approximately $150 million annual
recurring revenue (ARR).
- Venafi brings a strong business model with 95% in recurring
revenue, including SaaS and Term Based License Revenue.
- The transaction is expected to be accretive to margins
immediately2, with significant revenue synergies through
cross-sell, up-sell and geographic expansion.
- Venafi brings complementary capabilities to protect machine
identities and expands the Total Addressable Market (TAM) from $50
billion to $60 billion.
1 The Forrester Tech Tide™: Identity And Access Management
(IAM), Q1 2023 by Andras Cser, Geoff Cairns with Merritt Maxim,
Hailey DiCicco, Peggy Dostie, February 8, 2023
2 Expected to be accretive to non-GAAP margins
Advisors
Morgan Stanley & Co. LLC is serving as exclusive financial
advisor to CyberArk and Latham & Watkins LLP is serving as
legal counsel to CyberArk. Piper Sandler is serving as exclusive
financial advisor to Thoma Bravo and Kirkland & Ellis LLP is
serving as legal counsel to Thoma Bravo.
Conference Call Information
In conjunction with this announcement, CyberArk will host a
conference call on Monday, May 20, 2024 at 8:30 a.m. Eastern Time
(ET) to discuss the proposed acquisition of Venafi. To access this
call, dial +1 (646) 968-2525 (U.S.) or +1 (888) 596-4144
(international). The conference ID is 2727264. Additionally, a live
webcast of the conference call will be available via the “Investor
Relations” section of the company’s website at
www.cyberark.com.
Following the conference call, a replay will be available for
one week at +1 (800) 770-2030 (U.S.) or +(609) 800-9909
(international). The replay pass code is 2727264. An archived
webcast of the conference call will also be available in the
“Investor Relations” section of the company’s website at
www.cyberark.com.
About CyberArk
CyberArk (Nasdaq: CYBR) is the global leader in identity
security. Centered on intelligent privilege controls, CyberArk
provides the most comprehensive security offering for any identity
– human or machine – across business applications, distributed
workforces, hybrid cloud environments and throughout the DevOps
lifecycle. The world’s leading organizations trust CyberArk to help
secure their most critical assets. To learn more about CyberArk,
visit https://www.cyberark.com, read the CyberArk blogs or follow
on LinkedIn, Twitter, Facebook or YouTube.
About Venafi
Venafi is a cybersecurity market leader and the category creator
of machine identity management, securing machine-to-machine
connections and communications. Venafi protects machine identity
types by orchestrating cryptographic keys and digital certificates
for SSL/TLS, SSH, code signing, mobile and IoT. Venafi provides
global visibility of machine identities and the risks associated
with them for the extended enterprise—on premises, mobile, virtual,
cloud and IoT—at machine speed and scale. Venafi puts this
intelligence into action with automated remediation that reduces
the security and availability risks connected with weak or
compromised machine identities while safeguarding the flow of
information to trusted machines and preventing communication with
machines that are not trusted.
About Thoma Bravo
Thoma Bravo is one of the largest software-focused investors in
the world, with over US$138 billion in assets under management as
of December 31, 2023. Through its private equity, growth equity and
credit strategies, the firm invests in growth-oriented, innovative
companies operating in the software and technology sectors.
Leveraging Thoma Bravo’s deep sector knowledge and strategic and
operational expertise, the firm collaborates with its portfolio
companies to implement operating best practices and drive growth
initiatives. Over the past 20+ years, the firm has acquired or
invested in more than 465 companies representing approximately
US$260 billion in enterprise value (including control and
non-control investments). The firm has offices in Chicago, London,
Miami, New York and San Francisco. For more information, visit
Thoma Bravo’s website at thomabravo.com.
Cautionary Language Concerning Forward-Looking Statements
This release contains forward-looking statements, which express
the current beliefs and expectations of CyberArk’s (the “Company”)
management. In some cases, forward-looking statements may be
identified by terminology such as “believe,” “may,” “estimate,”
“continue,” “anticipate,” “intend,” “should,” “plan,” “expect,”
“predict,” “potential” or the negative of these terms or other
similar expressions. Such statements involve a number of known and
unknown risks and uncertainties that could cause the Company’s
future results, levels of activity, performance or achievements to
differ materially from the results, levels of activity, performance
or achievements expressed or implied by such forward-looking
statements. Important factors that could cause or contribute to
such differences include risks relating to: the ability of the
parties to consummate the proposed transaction on a timely manner
or at all; the satisfaction of the conditions precedent to
consummation of the proposed transaction, including the ability to
secure regulatory approvals on the terms expected, in a timely
manner or at all; the potential impact of the announcement of the
proposed transaction on the ability of CyberArk or Venafi to retain
and hire key personnel and maintain relationships with customers,
suppliers and others with whom CyberArk or Venafi do business, or
on CyberArk’s or Venafi’s operating results and business generally;
disruption of the current plans and operations of CyberArk and
Venafi as a result of the proposed transaction or its announcement,
including increased risks of cyberattacks; risks that Venafi’s
business will not be integrated successfully into CyberArk’s
operations; risks relating to CyberArk’s ability to realize
anticipated benefits of the combined operations; changes to the
drivers of the Company’s growth and its ability to adapt its
solutions to IT security market demands; fluctuation in the
Company’s quarterly results of operations due to sales cycles and
multiple pricing and delivery models; the Company’s ability to sell
into existing and new customers and industry verticals; an increase
in competition within the Privileged Access Management and Identity
Security markets; unanticipated product vulnerabilities or
cybersecurity breaches of the Company’s, or the Company’s
customers’ or partners’ systems; complications or risks in
connection with the Company’s subscription model, including
uncertainty regarding renewals from its existing customer base, and
retaining sufficient subscription or maintenance and support
service renewal rates; risks related to compliance with privacy and
data protection laws and regulations; regulatory and geopolitical
risks associated with global sales and operations, as well as
impacts from the ongoing war between Israel and Hamas and other
conflicts in the region, as our principal executive offices, most
of our research and development activities and other significant
operations are located in Israel; risks regarding potential
negative economic conditions in the global economy or certain
regions, including conditions resulting from financial and credit
market fluctuations, rising interest rates, bank failures,
inflation, and the potential for regional or global recessions; the
Company’s ability to hire, train, retain and motivate qualified
personnel; reliance on third-party cloud providers for the
Company’s operations and SaaS solutions; the Company’s history of
incurring net losses and its ability to achieve profitability in
the future; risks related to the Company’s ongoing transition to a
new Chief Executive Officer; risks related to sales made to
government entities; the Company’s ability to find, complete, fully
integrate or achieve the expected benefits of strategic
acquisitions; the Company’s ability to expand its sales and
marketing efforts and expand its channel partnerships across
existing and new geographies; changes in regulatory requirements or
fluctuations in currency exchange rates; the ability of the
Company’s products to help customers achieve and maintain
compliance with government regulations or industry standards; risks
related to intellectual property claims or the Company’s ability to
protect its proprietary technology and intellectual property
rights; and other factors discussed under the heading “Risk
Factors” in the Company’s most recent annual report on Form 20-F
filed with the Securities and Exchange Commission. Forward-looking
statements in this release are made pursuant to the safe harbor
provisions contained in the U.S. Private Securities Litigation
Reform Act of 1995. These forward-looking statements are made only
as of the date hereof, and the Company undertakes no obligation to
update or revise the forward-looking statements, whether as a
result of new information, future events or otherwise.
View source
version on businesswire.com: https://www.businesswire.com/news/home/20240520321942/en/
For CyberArk
Investor Relations: Srinivas Anantha, CFA CyberArk
617-558-2132 ir@cyberark.com
Media: Nick Bowman CyberArk +44 (0) 7841 673378
press@cyberark.com
For Thoma Bravo
Thoma Bravo Communications Megan Frank (212)
731-4778 mfrank@thomabravo.com
or
FGS Global Liz Micci / Abigail Farr (212) 687-8080
Liz.micci@fgsglobal.com / abigail.farr@fgsglobal.com
CyberArk Software (NASDAQ:CYBR)
Historical Stock Chart
From May 2024 to Jun 2024
CyberArk Software (NASDAQ:CYBR)
Historical Stock Chart
From Jun 2023 to Jun 2024