The value of M&A transactions related to cybersecurity companies is surging to unprecedented levels in the Asia-Pacific region against a backdrop of rising geopolitical tensions between the US and China, according to Dealogic data.

APAC dealmaking hit USD 2.09bn in 2023, surpassing its previous regional record set in 2021. The surge was largely propelled by the proposed acquisition of a 65.7% stake in South Korean security service company SK shieldus for USD 1.5bn announced in March.

SK shieldus puts South Korea on the cybersecurity map

The SK shieldus deal highlighted substantial opportunities of growth outside China, which has traditionally accounted for the highest deal value levels in cybersecurity deals across APAC.

Besides its traditional business related to physical security in central monitoring services (CMS) and facility management, the company also scaled its cybersecurity arm after merging with Infosec in 2020, according to Mergermarket.

South Korea is one of the most digitally connected countries in the world, which makes imperative for the country to protect its society and industrial system from cyberattacks amid an extremely complex geopolitical situation.  

It is therefore no surprise that South Korea is ramping up investment to bolster its cybersecurity capabilities. It ranked fourth out of 194 countries in the International Telecommunication Union (ITU) Global Cybersecurity Index in 2021, according to Mordor Intelligence.

China also expected to ramp up cybersecurity efforts

China accounted for more than 75.1% of total APAC deal value and one-third of the number of transactions in 2022. The country recently enacted a series of laws and regulations on data security, cybersecurity and personal information protection.

A joint investigation report released by China’s National Computer Virus Emergency Response Center (CVERC) and internet security company Qihoo 360 accused the US National Security Agency (NSA) of having conducted over 10,000 cyberattacks against China in recent years, according to CGTN.

The world’s second largest economy plans to spend trillions of CNY on cybersecurity technology upgrades, as reported by Asia Times. Efforts span from quantum encryption technology, big data anti-fraud systems, to methods of identifying AI-enabled forgeries, Xinhua reported.

China is also redoubling efforts to deepen international cooperation for global digital governance in data within the framework of the Beijing-led Global Development Initiative according to Xinhua (1) (2), China Daily and Global Times.

What’s next?

Geopolitical tensions as well as the growing use of internet and cloud services will continue to be key drivers for the adoption of increasingly sophisticated cybersecurity solutions. According to Mordor Intelligence, the “moderately fragmented” nature of the APAC cybersecurity market opens opportunities for mergers and acquisitions as well as partnerships.

Global market players with an APAC presence include the likes of Israel-based internet security company Check Point Software Technologies [NASDAQ: CHKP], Czech Republic-based Avast Software, California-based Cisco Systems [NASDAQ: CSCO] and New York-based IBM Corp [NYSE:IBM].

Financial consolidators and investors in the sector include the likes of Hopu Magnolia, a growth capital unit of Chinese private equity firm Hopu Investment Management, which is raising a new fund worth USD 250m, Mergermarket reported.

Southeast Asia is also turning into a hotspot for cybersecurity investment. Recent research from Palo Alto Networks found that cybersecurity has become among the top priorities of business leaders in ASEAN member countries, according to Insurance Business.

Mergermarket recently reported that Singaporean cybersecurity platform operator Horangi has been put up for sale at a valuation of less than USD 100m, while Singapore’s cybersecurity firm Blackpanda may launch a USD 50m-USD 60m Series B round.

Meanwhile, South Korean security solutions company STEALIEN signaled its interest in forming strategic partnerships with local players in Japan and Southeast Asia to expand its presence.

A recent report by the Australian Cyber Security Growth Network forecast that the Australian cyber market has the potential to triple in size over the next decade. Potential targets include SMEs such as archTIS [ASX:AR9], according to Mergermarket.

 China will continue to offer several investment opportunities in smaller enterprises or startup companies such as Cloudsky Sec, Xin'an Communication Technology, Roar Panda, Runjet and Tongzhisoft, although some deals might be out of the reach for foreign players due to security reasons.