Michael Novinson (MichaelNovinson)

Sophos plans to make the largest acquisition in its four-decade history, scooping up Secureworks for $859 million to turbocharge its threat intelligence, detection and response. Sophos Fortifies XDR Muscle

See Also: Webinar | Identity Crisis: How to Combat Session Hijacking and Credential Theft with MDR

The Oxford, U.K.-based platform security vendor will combine its managed detection and response services with Atlanta-based Secureworks’ XDR, SIEM and identity detection and response capabilities. The deal will enhance threat detection, response times and security posture for businesses worldwide, helping the combined company serve customers ranging from small businesses to large enterprises (see: Why Dell Is Once Again Eyeing the Sale of MSSP Secureworks).

“Secureworks offers an innovative, market-leading solution with their Taegis XDR platform,” Sophos CEO Joe Levy said in a statement. “Combined with our security solutions and industry leadership in MDR, we will strengthen our collective position in the market and provide better outcomes for organizations of all sizes globally.”

Why Sophos, Secureworks Are Better Together

Secureworks, founded in 1999, employed 1,516 people as of Feb. 2, and is publicly traded, with Dell having 97.4% of the total voting power. The deal is set to close in early 2025 and will pay Secureworks shareholders $8.50 per share, which is 28% higher than the firm’s average trading price over the past 90 days. Secureworks’ stock is down $0.10 – or 1.18% – to $8.37 per share in trading Monday morning.

Sophos will pay for Secureworks through a combination of debt financing and backing from private equity firm Thoma Bravo, which acquired the company for $3.9 billion in March 2020. This is the largest of the 18 acquisitions Sophos has made since its founding in 1985, dwarfing the company’s $120 million purchase of endpoint security startup Invincea in February 2017 (see: Cybersecurity for SMBs: Joe Levy’s Take on Risk Mitigation).

“Sophos’ portfolio of leading endpoint, cloud and network security solutions – in combination with our XDR-powered managed detection and response – is exactly what organizations are looking for to strengthen their security posture and collectively turn the tide against the adversary,” Secureworks CEO Wendy Thomas said in a statement.

Sophos plans to integrate Secureworks’ capabilities around ITDR, SIEM, OT security and vulnerability risk prioritization into its broader suite of tools. The fusion will help customers detect, investigate and respond to threats more quickly, according to Sophos. The synergy between Sophos’ end-to-end products and Secureworks’ managed services expertise will further strengthen their offering, according to Sophos.

Secureworks and Sophos currently cater to different types of customers, and the firm said combining their technologies and services will make advanced security more accessible to smaller organizations while also benefiting large enterprises. This deal will also accelerate the use of AI, aiming for faster detection times and enhanced security visibility across both native and third-party tools, Sophos said.

Why Secureworks Was Seeking a Suitor

Both organizations work with channel partners, and Sophos said the acquisition is expected to create more value for these partners by offering them enhanced capabilities and a broader set of solutions to sell and support. Virtually all of Sophos’ business goes through channel partners, while Secureworks generated 23% of its revenue last year through referral agents, VARs, trade associations and MSSPs.

Secureworks has faced challenges in recent years, including declining revenue and layoffs. Despite growing adoption of its Taegis XDR platform, the company has reduced in its workforce as its stock value has fallen. This proposed acquisition by Sophos comes as Secureworks has been working to streamline its business and focus on high-growth areas including XDR.

Specifically, Secureworks’ sales for the fiscal year ended Feb. 2, 2024, fell to $365.9 million, down 21.1% from $463.5 million the prior year. And the size of Secureworks’ staff has fallen by nearly 44%, with headcount plummeting from 2,696 employees on Jan. 29, 2021, to just 1,516 workers on Feb. 2, 2024. Secureworks’ stock is down nearly 70% from its all-time high of $25.98 per share in September 2021.

Forrester didn’t include Secureworks in its 11-vendor evaluation of the XDR market in June of this year. Sophos, meanwhile, was the eighth highest-rated vendor, ahead of Trellix, Broadcom and Fortinet. Forrester praised Sophos for integrating native tools and third-party data from Google and Microsoft, but said the security analyst experience falls short, with little contextualization and cumbersome management.

Dell has been exploring options to sell off non-core assets like Secureworks as part of its strategy to focus on its core businesses. Dell in September 2020 sold encryption titan RSA Security to private equity firm Symphony Technology Group for $2.08 billion. Dell first teamed up with Morgan Stanley to explore a sale of Secureworks in 2019 when the stock was trading at a then-record high.