Thoma Bravo to spend $3.8 billion on Sophos in private equity’s latest cyber deal

This comes amid a period of ongoing consolidation in the cybersecurity industry.

Thoma Bravo will acquire British network security firm Sophos for $3.8 billion in cash, the firms announced Monday, marking another major deal that could reshape a decades-old security vendor.

The deal is a win for Sophos investors, who will be paid $7.40 per share, up from the Oct. 11 closing price of $4.86. Chicago-based Thoma Bravo, a private equity firm, has acquired more than 200 technology companies over the past 40 years, and recently targeted security firms. Thoma Bravo had been in talks to acquire Symantec, a Sophos competitor, before that company sold much of its business to Broadcom.

This comes amid a period of historic consolidation in the cybersecurity industry. There has been more than 80 mergers or acquisitions by August this year, up from 54 deals over the same period in 2018, as industry leaders seek to incorporate a suit of products into a single portfolio. Offering security clients more products under a single banner, the logic goes, could create a more seamless experience for frustrated security teams trying to protect corporate data.

That’s where private equity firms come in. Investors typically takeover under-performing targets (Sophos’ stock before this deal had sunk to its lowest level in two years), re-assess the business strategy, cut costs, then seek to package the company in another sales, or take it public.


Thoma Bravo acquired Imperva for $2.1 billion earlier this year and, before that, spent $950 million on the app security company Veracode. In 2017, it spent $1.6 billion on Barracuda Networks, and it previously spun off investments in companies including Blue Coat and Tripwire.

Sophos counts the U.K.’s National Health Service among its customers.

Bloomberg was first to report the news Monday.

Jeff Stone

Written by Jeff Stone

Jeff Stone is the editor-in-chief of CyberScoop, with a special interest in cybercrime, disinformation and the U.S. justice system. He previously worked as an editor at the Wall Street Journal, and covered technology policy for sites including the Christian Science Monitor and the International Business Times.

Latest Podcasts