Cybersecurity IPOs: two biggies to report... for now

The cybersecurity market metrics are trending up, up, and away when you look at current spending, forecasted market growth, mergers and acquisitions, and investment activity.

The worldwide cybersecurity market is defined by market sizing estimates that range from $77 billion in 2015 to $170 billion by 2020.

A couple of weeks ago, we reported on cybersecurity M&A activity covering 25 recent transactions - with the cloud security sector leading the way.

Last week we reported on VCs and corporate investors who have recently poured billions in to cybersecurity firms.

For fast-growth cybersecurity firms playing in hot sectors, there seems to be a limitless appetite for mergers and acquisitions, and investments. The big cyber vendors are on the prowl looking for point solution companies who can help them enter new markets and round out their platforms. The largest tech companies who don't play in cyber or have a minimal name in the space are candidates to spend tens-of-millions to hundreds-of-millions or even a billion-plus to acquire a hot cybersecurity company. And investors are lining up outside of hot cyber firm HQs like moviegoers waiting to get in and see the latest flick.

The uptick in M&A and VC activity may explain why there aren't many new cybersecurity IPOs to report on for the first half of 2015. But there are a couple of biggies:

Rapid7, a leading provider of security data and analytics solutions, announced on July 22, 2015 the closing of its initial public offering of 7,417,500 shares of common stock at a price to the public of $16.00 per share. The stock is currently trading at approximately $23.40 per share (as of the date of this blog), with a market cap of about $850 million.

IT security firm Sophos raised $125 million on a valuation of $1.6 billion when it recently went public. Thirty-year-old Sophos started trading on the London exchange on July 1, 2015. Sophos has made two previous attempts at the public markets, and pulled back. Good thing, because this time Sophos set a record as London's biggest ever tech IPO.

While there are just those two IPOs to report on for now, there's several cybersecurity companies who may IPO in the second half of 2015.

We've heard rumblings that Dell is considering taking its SecureWorks (cybersecurity) business public - which could have a $1 billion valuation.

Application security vendor Veracode has been talking up plans to go public for nearly a year, and earlier this year it filed paperwork to go public. Veracode is a hotly anticipated cyber IPO.

Earlier this year Bloomberg reported that log and event management vendor LogRhythm, and email security vendor Mimecast, are planning to go public in 2015.

Last month BetaBoston reported that Bit9 + Carbon Black, an endpoint protection vendor, was beefing up its executive ranks for a possible IPO later this year.

Out of the group of potential IPOs for later this year, SecureWorks looks like the strongest.

SecureWorks plays in managed security services which is expected to grow from $8 billion in 2015 to $30 billion by 2020, according to Allied Market Research (ARM). They also provide consulting services around GRC - Governance, Risk and Compliance, as well as a portfolio of products and professional services that span multiple security sectors. The SecureWorks platform should naturally expand for products and services from new acquisitions to neatly plug in.

You have to be a little concerned about the prospects for the others-- as each one of them is more of a point-solution vendor. Do any of them have a large enough T.A.M. (total addressable market) to pursue an IPO? Time will tell.. but don't be surprised if you see one or more of them winding up in M&A transactions.

We'll be back for a year-end cybersecurity IPO update towards the end of this year.