Cybersecurity vendor Sophos is buying rival Secureworks in a $859 million all-cash deal that is aimed at bulking up its managed and extended detection and response capabilities.
The UK-based company announced the deal on October 21, saying it plans to fold Secureworks’ Taegis security operations platform into its own MDR and XDR portfolio to help enterprises and SMBs harden their cybersecurity posture through expanded AI-based threat intelligence and security controls backed by decades of expertise.
That includes using Secureworks products to expand Sophos' offering in areas such as identity detection and response (ITDR), security information and event management (SIEM), operational technology (OT) – a growing target of nation-state threat groups from countries such as China, Russia, and Iran – and vulnerability risk prioritization.
It also will bolster the combined company’s presence in the channel, given the partner communities they each bring to the deal. Those partners will now have a much broader portfolio to offer their clients. Sophos runs its business almost exclusively through the channel.
Jay McBain, chief analyst at Canalys, told MSSP Alert that Secureworks has lost money for a number of years and cut about a third of its staff.
“Sophos takes them back private to clean up the books and puts them in a partner-first and partner-trusted brand to turn things around,” McBain said. “A good move on both sides.”
Sophos CEO Joe Levy said in a statement that “Secureworks’ renowned expertise in cybersecurity perfectly aligns with our mission to protect businesses from cybercrime by delivering powerful and intuitive products and services.”
Sophos, Secureworks Deal: A 28% Premium on Shares
The deal, which is expected to close in early 2025, will pay each Secureworks shareholder – including Dell Technologies, which owns 79.2% of the company and controls 97.4% of its voting stock – $8.50 per share, a 28% premium. Secureworks’ channel programs includes service providers and MSSPs.
Sophos is backed by private equity firm Thoma Bravo, which bought the company in 2020 for $3.9 billion. Meanwhile, Secureworks, which was founded in 1999 and is based in Atlanta, was bought by Dell in 2011 in an effort to build out the larger company’s security-as-a-service solutions, including managed security services, security and risk consulting services, and threat intelligence.
However, in recent years, Dell has been shedding some of its businesses to put a greater focus on its core offerings. Dell initially tried to sell Secureworks in 2019, but was unsuccessful. Reuters reported in August that the IT giant again had put the security company on the selling block, having Morgan Stanley and Piper Sandler go into the market and gauge interest.
Secureworks also has struggled financially in recent years, as noted by McBain. The company in August 2023 shed 15% of jobs, or more than 300 employees. It now has about 1,700 employees. In the most recent quarterly earnings, Secureworks pulled in almost $82.1 million in revenue, a drop from the almost $93 million in the same quarter in 2023.
Sophos, Secureworks Deal: Complementary Portfolios
In a blog post about the deal, Secureworks CEO Wendy Thomas wrote that “Sophos’ experience and reputation as a leading provider of managed security services and end-to-end security products, including endpoint protection — combined with Secureworks’ security operations expertise transformed into the Taegis platform, will further deliver complementary advanced MDR and XDR solutions for your immense benefit.”
Secureworks unveiled Taegis in 2021 and has since added to the platform, including in recent months with such tools as ManagedXDR Plus for midmarket companies and Taegis NDR (network detection and response). At the same time it initially announced Taegis, Securworks – building off of its history as an MSSP – added an MSSP track to its global partner program.
The new track included security operations center (SOC) development, training, and financial incentives.
XDR and MDR: Booming Markets
The deal is being made at a time when both the XDR and MDR markets are surging, as organizations look to be more proactive and less reactive to cybersecurity threats. According to analysts with Market Research Future, the global XDR space will jump from $2.2 billion in 2022 to $31. 3 billion in 2032, fueled by such trends as the increasing enterprise use of the cloud, an expanding attack surface, greater regulatory compliance pressures, and a skills gap that continues to grow.
Meanwhile, the global MDR space will expand from $1.89 billion this year to $8.59 billion by 2032, driven by many of the same factors, according to Fortune Business Insights analysts. In addition, MDR offerings increasingly are being aided by the integration of AI and machine learning capabilities.
“Cyberattacks are rising at a rapid pace across the world,” the analysts wrote. “Due to all such increasing threats, businesses are investing significantly in robust detection and response services capabilities to identify and respond to cyberattacks. Moreover, the COVID-19 pandemic also highlighted the necessity for robust MDR capabilities to overcome uncertain business dynamics.”