Cybersecurity Market Update: April 2024 Insights & Trends

Check out April 2024's cybersecurity market trends, cybersecurity investments, major acquisitions, and global insights.

Welcome to the monthly wrap-up issue of Return on Security, where I’ll cover this month’s most relevant cybersecurity market and funding updates. I spend hours collecting, curating, and analyzing this information every week, so you don’t need to - here we go👇

If you want insights like these and a ton more delivered straight to your inbox each week, you should sign up for the weekly newsletter.

Table of Contents

Video Walkthrough

Think of this video like the Director’s Cut version of this post.

April 2024 Highlights

  • April 2024 saw a significant funding increase, reaching $1.5 billion.

  • Data Security Posture Management (DSPM) and Remote Browser Isolation led the charge.

  • Significant M&A activity included major acquisitions by IBM and Thoma Bravo.

  • Global contributions outside of the US came from key players in Israel, Spain, and the UK.

⚠️ Important: All of the charts are interactive, so you can click around, filter, hover over, and even download the data to get the most out of it.

By the Numbers

April 2024 continued the cybersecurity funding rally, further showing signs of an industry recovery. Funding jumped up $1.5 billion, up ~42% from March 2024, the first month in 2024 to cross over $1 billion in funding.

April marks the beginning of cybersecurity conference season around the world, with many transactions and press releases building up to the RSA Conference in the first week of May. Looking back historically at the data that Return on Security tracked, there is a seasonally adjusted uptick in funding around this time each year.

Funding Insights

In April 2024, a significant $1.5 billion was invested across 58 events in 32 unique cybersecurity product categories, with a major focus on data security and identity.

Leading the investments, Data Security Posture Management (DSPM) secured $322.4 million, accounting for 21.4% of the total funding. Businesses attempting to adopt generative AI and large language models (LLMs) have led to an explosion of data and third-party tools to support and enable this new level of business transformation. More AI leads to more data, leading to a greater need to discover, protect, and perform security analytics.

Remote Browser Isolation followed, with a notable $175 million from a single event, making up 11.6% of the total. The company that raised this round, Island, has also received three other investments at or over $100 million.

This technology is gaining traction due to its effectiveness in isolating web threats and reducing the attack surface, as well as its ability for businesses to reduce the expense and management overhead of Virtual Desktop Infrastructure (VDI) for remote developer access.

Here is a breakdown of funding by product category:

Global Distribution

In April 2024, the cybersecurity sector witnessed substantial global investment activity, with firms from eight countries securing significant funding. American companies dominated the landscape, capturing approximately 74.1% of the total funding, amounting to $1.37 billion across 43 events. Israel also made a strong showing, securing $26.8 million through six events, which represented 10.3% of the total investments.

Spain and the United Kingdom each made notable contributions, with Spanish firms raising $31 million across two events (3.5% of the total) and British companies securing $23.25 million from two events (3.5%). These investments highlight the growing cybersecurity efforts in Europe.

Mergers & Acquisitions

April 2024 was another huge month for cybersecurity M&A. Just like in March, two high-profile acquisitions rocked the industry, one by a company and one by a private equity group:

  • HashiCorp, a United States-based cloud automation and infrastructure security platform, was acquired by IBM for $6.4 billion. (more)

  • Darktrace, a United Kingdom-based suite of insider threat, phishing, and cloud security tools, was acquired by Thoma Bravo for $5.3 billion. (more)

Both of these transactions, which made up ~80% of the M&A activity for April, surprised most of the industry. On IBM’s acquisition of HashiCorp, many wondered how this would play into IBM’s overall strategy since IBM also acquired RedHat back in 2019.

The Darktrace take-private acquisition marked the largest exit of a cybersecurity company in the UK market in history and of the only public “pure play” cyber company.

My Work

My work from this past month.

Top Great Reads

Some of my favorite Great Reads from this past month’s newsletters.

  • Security is a Team Sport - Rami McCarthy talks about how to navigate the security field and how to grow and foster connections in your career that can help you advance.

  • The Problem of AI Ethics and Laws About AI - Benedict Evans discusses the complexities of AI ethics and regulation, using historical examples like the UK Post Office scandal and the misuse of software to illustrate that the issue is not with technology itself but with institutional failures and misuse.

  • A Letter from the Future - A futuristic short story from Phil Venables that is something like a Neal Stephenson cyberpunk novel from a not-so-distant future where cyber and physical conflicts are intertwined.

  • The Market is Forcing Cloud Vendors to Relax Data Egress Fees - How market dynamics are changing how cloud service providers think about charging for data to leave their infrastructure. This comes at a time when next-gen SIEM and security analytics platforms are increasingly becoming centers of data gravity

  • Rubrik IPO: S1 Breakdown - CJ Gustafson does the best breakdown of the Rubrick S1 filing for going IPO.

Return on Security Newsletter Issues

Here are the past weekly newsletters from this month.

Data Methodology and Sources

  • All of the data is captured point-in-time from publicly available sources.

  • All financial figures are converted to U.S. dollars (USD) when collected.

  • Company country locations are pulled from publicly available sources.

  • Companies are categorized using our own system at Return on Security, and we write all of the company descriptions.

  • Sometimes, the details about deals, like who led the round, how much money was raised, or the deal stage, might get updated after the issue is first published.

  • Let us know if you spot any errors, and we’ll fix them.

About Return on Security

Return on Security is all about breaking down the cybersecurity industry for you with expert analysis, hard facts, and real-life stories. The goal? To keep security pros, entrepreneurs, and investors ahead in a fast-moving field. Read more about the “Why” here.

Feel free to borrow any data, charts, or advice you find here. Just make sure to give a shoutout to Return on Security when you do.

Thank you for reading. If you liked this summary, please share it with your friends, colleagues, and anyone interested in the cybersecurity market.

Follow me on LinkedIn or Twitter to never miss Return on Security updates.

Join the conversation

or to participate.