At first glance, the latest cybersecurity deal looks like a breach of logic. FireEye’s market value shot up by a third on Friday, a move worth $1.6 billion, more than it said it had spent to buy Mandiant. The deal marries FireEye’s threat protection with its target’s capabilities responding to cyberattacks after they happen. Even with the industrial fit, the welcome from investors was unusually warm.
The explanation may be a convergence of hot security and takeover trends. For starters, both FireEye and privately held Mandiant are arguably the best in their businesses, showing how upstarts have stolen a march on larger, established companies in fighting the latest online threats.
FireEye, whose shares had already more than doubled since its September 2013 initial public offering, claims more than 100 of the Fortune 500 among its customers. Mandiant, meanwhile, aims to step in pretty much any time a high-profile company’s cyberdefenses are cracked, as when the New York Times was hacked early last year. The security consultancy subsequently produced a widely cited report exposing a Chinese government-linked computer espionage unit.
Already a sizzling – if specialized – area, cyberprotection got a huge lift in attention after U.S. security contractor Edward Snowden leaked information on the scale of government spying programs last year. Add news of a holiday-period attack that compromised the credit or debit cards of 40 million customers of U.S. retailer Target, and it’s hardly surprising if investors get more excited about the sector in 2014.
There’s also a broader M&A phenomenon at work. A buyer’s shares typically fall when a deal is announced, because paying a premium gives away value and integrating an acquisition brings risks. Last year, though, acquirers were rewarded more frequently than usual with a stock rise. That suggests investors are more than usually receptive, at least to manageably sized and sensible deals. FireEye’s purchase of Mandiant is smack in the middle of what should be a 2014 sweet spot.