Ukraine’s membership of NATO has become the hottest of geopolitical hot potatoes. Last week, officials from the country met for the first time with the steering committee of the NATO Cooperative Cyber Defence Centre of Excellence (CCDCOE).

Ukraine first applied to join the CCDCOE in August 2021. In March—just over six months and one Russian invasion later—the application was unanimously approved.

Defensive plays

Traditional warfare is increasingly converging with battlefields online, which is driving M&A. For example, having already struck up a strategic alliance in recent years, European aero and defence major Airbus has spent the past few weeks considering a potential acquisition of cybersecurity firm Atos.

But peace is usually more conducive to M&A. This may explain why deal activity in the European cybersecurity space is, as with other sectors, off to a slow start in 2022, according to Dealogic.

Nonetheless, last year saw a burst of activity—there were 71 deals in Europe’s cybersecurity sector in 2021 valued at an aggregate €13.3 billion. Last year alone accounted for more than half of deal activity since 2010. This is likely to continue rising over the long term, given the growing demands for cybersecurity among private corporations and governments alike.

The largest tie-up last year was a proposed €6.6 billion merger between Czech internet security player Avast and US-listed peer Norton LifeLock—though the UK competition regulator’s referral for a phase 2 investigation in March 2022 caught the market off guard.

On a budget 

While governments and companies are generally tightening their belts to address public deficits following mass pandemic-recovery spending, defence departments are an exception.

NATO members are scaling up their defence budgets to 2% of GDP. At last count, of the 30 countries that are part of the alliance, only 10 were at or above this target, leaving plenty of upside to come.

Last December, Ian West, chief of the NATO CCDCOE, said there are plans for the organisation to spend several hundred million euros on cyber defence capabilities in the next few years.

This renewed appetite for bolstering defences incentivises contractors to position themselves as experts in emergent cyber threats.

Sponsored talk 

Much of the buy-side activity in cybersecurity thus far has been concentrated among private equity (PE) and venture capital firms. The upside of having these cybersecurity assets in PE hands is that buyers from the defence industry will have a stock of companies to pick off, many of which will have been put through their paces by sponsors.

Earlier this month, Mergermarket identified five European cyber companies that have been held by PE firms for more than 49 months and could be ripe for an exit: Nordwind Capital’s Drivelock, Monterro’s Outpost24, C5 Capital’s ITC Secure, Norvestor Equity’s NetNordic, and Capiton’s CymbiQ Group.

When those defence budget increases come online, PE should have little trouble finding exit liquidity for its current cyber holdings.