There is more consolidation in cybersecurity, particularly around services that help organizations manage access and identity. One Identity, which offers tools to manage zero trust access to system, as well running log management services for enterprises, announced today that it had acquired OneLogin. This rival company is in the secure sign-on area for end users.
The terms of the acquisition, which closed on October 1, was not disclosed. However, we are working to find out. One Identity is now part of Quest Software. It is privately owned by Francisco Partners, a PE firm. It was previously part of Dell. In 2016, Elliott and Francisco partnered to acquire Quest assets from Dell. This was part of Dell's streamlining efforts. The deal, at that time valued around $2 billion, was originally done in partnership with Elliott. According to the company, it has approximately 7,500 enterprise clients and manages about 250 million identities.
According to PitchBook data, OneLogin disclosed funding for a $100 million Series D in 2019. It was valued at $330 million. You will also notice that PItchBook lists a second fundraise, but doesn't give a date or an amount. OneLogin currently has 5,500 customers, including Airbus, Stitch Fix and the AAA. Quest CEO Patrick Nichols stated that the companies together will manage around 290 million identities. He added that this number includes people as well as M2M-style nodes for systems.
The M&A is occurring amid a greater shift in security industry. Since Dell's assets were sold and OneIdentity raised funds, cybersecurity threats have increased. This is due to the shift to cloud services and the increasing number of people and organisations doing business online. OneLogin, using data from IBM, estimates that breach costs average $3.86 million. However, this does not account for the substantial cost to an organization's reputation and trust with its customers.
This larger trend has made identity management, and more likely mismanagement, a particularly vulnerable area. Malicious hackers use a variety of methods to hack into systems, relying on both sophisticated technology and human error.
Poor identity management is responsible for 70% of the threats on the market today, Nichols stated, citing research by Verizon. The threat is especially acute because there are more endpoints than ever before, and not because more people are joining networks but because more devices are connected. He said that half of the endpoints in a system are devices and not individuals. Once they are breached, it's just like stealing passwords.
However, many enterprises are looking for larger platforms and more powerful toolsets after years of using different point-solutions to manage different aspects of their cybersecurity strategies. This allows them to see a more complete picture of system activity and reduces the risk of cybersecurity tools accidentally conflicting.
All this point to consolidation. One Identity sees a chance to offer more services to its customers than just those that help them manage their networks internally. The company is adding additional tools to assist end-users. Customers of OneLogin may also be interested to bring more of their cyber strategy onto a single platform, according to the company's thinking.
Nichols stated that organizations can see a double benefit from consolidating around a cybersecurity platform player. He pointed out that the first is to improve efficiency, but the second is to make it more legal. Companies will need to be more vigilant about how they handle cybersecurity issues. This will increase the pressure to make their systems more resilient. Having too many components can also prove difficult to manage.
One Identity gives us the opportunity to accelerate our growth and offer additional value to our customers. Brad Brooks, CEO at OneLogin, said in a statement. OneLogin's robust unified platform for workforce and CIAM will combine forces with One Identitys suite products, including their PAM solution. This will enable new and existing customers to access the only unified identity security platform in the market.
It will be interesting for us to see if and how much more M&A is made in this space. Okta is a highly acquisitive player, but there are still many companies that cover different aspects of the identity problem and are independent. Jumio is one example.
The new company will offer a variety of services including Identity Governance and Administration (IGA), Identity Governance and Administration, Privileged Access Management and Security (PAM), Active Directory Management and Security (IAM) and Identity & Access Management.
In a statement, Bhagwat Singh, President and General Manager of One Identity said that identity has become more important than ever with the proliferation of machine and human identities, the race towards the cloud, and the rise in remote working. We can help customers integrate all identities into oneLogin and incorporate it into our cloud-first Unified Identity Security Platform. This will allow them to verify identities before granting access to key assets. It also gives us real-time visibility to suspicious login activity. Customers can now use identity as the core of their cybersecurity strategy to implement adaptive zero trust strategies and significantly improve their overall cybersecurity posture.