Don More, Managing Director in Lincoln’s Technology, Media & Telecom Group, recently shared his insights on the InfoSec market, during the S&P Global’s 451Nexus technology conference.

Zero Trust Paradigm Becomes Fundamental to Modern InfoSec

Legacy Cybersecurity 1.0 was built on the concept that anything outside the network is untrustworthy, while inside the network is trusted. In modern organizations, employees and machines directly access cloud applications, data and services, rendering the perimeter defense model obsolete. Consequently, one can never trust and must continually verify the IT ecosystem.

The Zero Trust model is rapidly becoming the cornerstone of Cybersecurity 2.0, because it requires that only the right, legitimate parties gain access to accomplish permitted activities, wherever IT resources reside.

The emerging shift to Zero Trust requires a redesign and replacement of security infrastructures across cloud, network, endpoint, identity, cloud and data security. This makes Zero Trust the most potent thematic driver for sector spending growth, investment, M&A and initial public offering (IPO) activity.

Modern InfoSec Expanding from Digital to Physical World

Digitalization is also pushing IT-OT (information-operational technology) convergence, necessitating the protection of both digital and Internet protocol-enabled (IP-enabled) physical assets. This is opening up vast opportunities to extend cyber investment to smart buildings, industrial control systems, vehicles and all manner of devices. Historically, critical infrastructure protection (CIP) spending has been separate and distinct from cyber, and both markets are roughly the same size. Progressive overlapping of cyber and CIP, and the extension of Zero Trust to the physical world, will be the most potent cyber spending growth drivers in coming years, while greatly expanding the cyber total available market (TAM).

Lincoln Perspective:

For investors and business owners weighing their InfoSec investment strategy in 2022, Lincoln International highlights several implications of the digitalization wave, and resulting shift to Zero Trust-led Cybersecurity 2.0 and CIP-Cyber convergence:

• Valuation Outlook: We forecast the overall cybersecurity sector will maintain valuation over-performance in 2022, as spending continues to grow materially faster than other technology sectors. Further, the cybersecurity TAM is growing rapidly due to digitalization, expected Zero Trust refresh and the expansion of digital to physical security (see graphic below).

• Deal Activity Outlook: Record cash available to invest, by financial sponsors and on public balance sheets, combined with the desire to participate in the digitalization-fueled cyber spend boom, will support continued frenetic consolidation and growth investment activity in 2022.
• Navigating Robust Valuations: In cybersecurity, industry revenue multiple-based valuations correlate closely with revenue growth, resulting in above-average valuations. In this high growth, high valuation sector, the best way to invest is to focus on companies that are class leaders in solution areas benefiting directly from Zero Trust, Cybersecurity 2.0 and CIP Convergence, and that are valued below the revenue multiple implied by their growth.