Identity security company CyberArk has announced that it is acquiring machine identity management specialist Venafi for US $1.54 billion from software-focused investor Thoma Bravo, which already manages US$138 billion in assets.
The acquisition is being seen by some market sources as the start of more highly-focused acquisition-driven growth in the increasingly sharply defined and specialized cybersecurity sector. The logic behind the Venafi acquisition is clear. According to CyberArk, the number of machines is rapidly outpacing the growth of their human counterparts, with more than 40 machine identities for every human identity. By adding Venafi’s machine identity management to its dominant identity security position, CyberArk expects to expand its total addressable market by almost US$10 billion to around US$60 billion.
Exponential increase in the number of machine identities
The digital revolution and ongoing cloud migration have already resulted in an exponential increase in the number of machine identities used in handling workloads, code, applications, and the growing number of devices now connected online by the Internet of Things (IoT). Left unprotected, these all present a lucrative hunting ground for cybercriminals. To be secure, machine identities need to be identified, managed, and automated to keep their connections and communications safe.
According to global market research company Forrester: “The exponential growth of machine identities, both for devices and cloud workloads, has brought attention and urgency to improving machine identity management to reduce the risks stemming from this expanded threat surface.”
The sheer number of online machine identities is also likely to rise even further with the enhanced sophistication of new artificial intelligence (AI) applications and when quantum computing eventually begins to impact the enterprise.
Matt Cohen, Chief Executive Officer of CyberArk., said: “By combining forces with Venafi, we are expanding our abilities to secure machine identities in a cloud-first, GenAI, post-quantum world. Our integrated technologies, capabilities, and expertise will address the needs of global enterprises and empower Chief Information Security Officers to defend against increasingly sophisticated attacks that leverage human and machine identities as part of the attack chain.”
