Cybersecurity Valuations: Q1 2026
Cybersecurity's sector median held near 9.1x EV/NTM Revenue in Q1 2026, a roughly 25% premium to broader SaaS, while platform leaders cleared 14 to 22x and CrowdStrike reached 30.0x against Check Point's 6.6x, illustrating the widening tier gap that now defines how buyers and investors price the space. FY 2025 M&A reached a record $84.1B across 420+ deals, anchored by Alphabet's $32B Wiz acquisition at approximately 64x ARR and Palo Alto Networks' $25B CyberArk close, with ServiceNow's $11B+ late-2025 acquisition sprint further pressuring peers to consolidate around cloud, identity, and AI-native platforms. The report covers subsector multiples and valuation tiering methodology, the strategic logic behind mega-deal activity, and the forward implications of AI Security's projected 30 to 40% CAGR as cybersecurity cements its role as prerequisite infrastructure within a $6.08T global IT spending environment.
- Sector
- Cybersecurity
- Focus
- Valuations
- Published
- January 15, 2026
- Length
- 30 slides
- Reading time
- 19 minutes
Key findings
- FY 2025 cybersecurity M&A reached a record $84.1B across 420+ deals, with 8 mega-deals exceeding $1B driving platform consolidation in cloud, identity, and AI-native capabilities.
- Alphabet (Google) agreed to acquire Wiz for $32B (~64x ARR on ~$500M ARR), the largest private cybersecurity acquisition to date, validating CNAPP as the cloud security control plane.
- Palo Alto Networks agreed to acquire CyberArk for ~$25B (~13.5x EV/Revenue), unifying Code-to-Cloud-to-Identity and positioning identity as the Zero Trust control plane.
- Platform leaders (Tier 1) trade at 14–22x EV/NTM Revenue versus 4.5–7x for legacy point solutions, with CrowdStrike at 30.0x and Check Point at 6.6x illustrating the spread.
- Cybersecurity sector median trades at ~9.1x EV/NTM Revenue versus ~6.0–6.5x for broader SaaS, a ~25% sector premium supported by resilient budgets and AI tailwinds.
- Global cybersecurity spend is projected to grow from $248B (2025) to over $520B by 2030 at ~16% CAGR, with AI Security the fastest segment at ~30–40% CAGR.
- ServiceNow deployed $11B+ in late-2025 acquisitions of Armis ($7.75B), Moveworks, and Veza ($1B), lifting comps in OT/IGA/AI workflows and pressuring peers to respond.
- AI Security market is projected to expand from $31B (2025) to $86B (2030), with AI-native vendors commanding 15–20x+ revenue multiples due to scarcity and growth.
- Non-Human Identities are projected to reach an 82:1 machine-to-human ratio by 2026, making API keys, service accounts, and AI agents primary identity security targets.
- Global IT spend is projected at $6.08T in 2026 (+9.8% YoY), with hyperscalers deploying over $400B annually in AI CAPEX, elevating cybersecurity as a prerequisite infrastructure layer.
Methodology
This report synthesizes data accessed as of December 31, 2025, drawing on Gartner for IT spending forecasts and subsector growth projections, PitchBook and Momentum Cyber for M&A deal tracking and volume statistics, Morgan Stanley and Kroll for public company valuation benchmarks and EV/NTM multiples, CB Insights and Crunchbase for VC funding trends, Cybersecurity Ventures for market size forecasts, 451 Research for enterprise security architecture insights, and SEC filings for public company financial data. Windsor Drake applied proprietary valuation tiering and the Rule of 40/60 efficiency framework to calibrate multiples across platform leaders, profitable consolidators, and legacy point solutions, contextualizing deal data within a structured sector taxonomy covering Cloud, Identity, AI Security, Data Security, SecOps, Endpoint, and Network subsectors.
Frequently asked questions
What EV/NTM Revenue multiples are cybersecurity companies trading at in Q1 2026?
Cybersecurity valuations are sharply bifurcated. Platform leaders (Tier 1) such as CrowdStrike and Zscaler trade at 14–22x EV/NTM Revenue, with CrowdStrike reaching 30.0x. Established consolidators like Palo Alto Networks and Fortinet sit at 9–13.5x, while legacy point solutions trade at 4.5–7x. The sector median of ~9.1x represents a ~25% premium to the broader SaaS median of ~6.0–6.5x.
Who is buying cybersecurity companies right now and at what multiples?
Strategic buyers dominated 2025 mega-deals, capturing roughly 90% of top-8 deal value ($71.6B vs $6.6B for PE). Google, Palo Alto Networks, and ServiceNow led with transactions at 64x ARR (Wiz) and ~13.5x EV/Revenue (CyberArk). Private equity, including Thoma Bravo and Vista, focused on $1–5B deals at ~7–9x revenue or 15–20x EBITDA, executing Buy-and-Build strategies.
What drove the $84B in cybersecurity M&A activity in 2025?
CISO-led vendor consolidation and the rise of GenAI security created strong demand for platform acquisitions in cloud, identity, and AI-native capabilities. Eight mega-deals exceeding $1B accounted for the bulk of value, with Google's $32B Wiz acquisition and Palo Alto Networks' ~$25B CyberArk deal alone representing roughly $57B. The market showed a barbell structure: mega platform acquisitions at the top and high-volume tuck-ins at the bottom.
What cybersecurity subsectors command the highest valuations in 2026?
AI Security and CNAPP command the highest multiples at 15–20x+ EV/Revenue, driven by GenAI workload protection and platform consolidation. Identity (IAM/IGA/PAM) trades at 8–15x as the Zero Trust control plane, supported by the Non-Human Identity surge. Data Security (DSPM) earns 6–12x on AI governance tailwinds, while mature Endpoint (4–8x) and Network/SASE (2–6x) categories carry lower multiples.
Which cybersecurity companies are IPO candidates in 2026?
Key pre-IPO candidates include Arctic Wolf ($4.3B, MDR), Snyk ($7.4B, DevSecOps/AppSec), Cato Networks ($3.0B, SASE), and Lacework ($2.3B, CNAPP). Wiz ($32B) is pending its Google acquisition. The 2026 IPO window favors scaled platforms with AI-native capabilities, strong net retention, and Rule of 40/60 efficiency profiles.
What is the Rule of 60 and why does it matter for cybersecurity valuations in 2026?
The Rule of 60 equals Revenue Growth % plus FCF Margin %, with a score of 60 or above indicating a top-quartile platform compounder. Tier 1 cybersecurity leaders maintain a median Rule of 60 score of ~62, combining ~30% growth with ~30% FCF margins. Companies sustaining Rule of 60+ consistently earn double-digit EV/NTM revenue multiples, while sub-40 profiles align with discounted valuation tiers.
How large is the cybersecurity market and what is the growth outlook through 2030?
Total cybersecurity spend is estimated at $248B in 2025 and projected to exceed $520B by 2030, representing a ~16% CAGR. AI Security is the fastest-growing segment at ~30–40% CAGR, scaling from $31B to $86B over the same period. CNAPP is projected to grow from $18.5B (2023) to $65.5B by 2028 at ~24.5% CAGR, supported by regulatory mandates including NIS2, DORA, and SEC disclosure requirements.
Companies covered
Public and private companies referenced in this report.