Security Operations

Arctic Wolf Gets $401M From Owl Rock to Pursue Acquisitions

CEO Nick Schneider Plans to Focus on M&A Deals Around Cloud, SIEM, Endpoint and XDR
Arctic Wolf Gets $401M From Owl Rock to Pursue Acquisitions
Nick Schneider, president and CEO, Arctic Wolf (Image: Arctic Wolf)

Security operations stalwart Arctic Wolf has taken on more than $400 million in debt to pursue acquisitions in the cloud, SIEM, endpoint and XDR markets.

See Also: Report: The State of Cloud Data Security in 2023

The Minneapolis-area vendor says the convertible notes will fuel an upcoming launch in the Asia-Pacific region, expansion in markets such as South Africa, Benelux and the Nordics, and expanded capabilities in adjacent technology areas from awareness to detection to remediation. A convertible note is a form of short-term debt that converts into equity in conjunction with either a future financing round or IPO.

"We wanted to make sure our flexibility would last regardless of the length of the potential macroeconomic challenges and also have the ability to be opportunistic in the M&A environment," President and CEO Nick Schneider tells Information Security Media Group. The financing is structured so that the debt converts to shares at a premium of the initial public offering price, Schneider says.

The latest financing was led by Owl Rock, with participation from Viking Global Investors, the Ontario Teachers' Pension Plan and Neuberger Berman. Owl Rock and Viking also led Arctic Wolf's $150 million Series F funding round in July 2021, when the company's valuation more than tripled over just nine months to $4.3 billion. Arctic Wolf didn't disclose a valuation associated with its latest convertible notes (see: Arctic Wolf's Dan Schiappa on Cloud Security in a Recession).

'There's Not a Willing Dance Partner'

Schneider says pursuing acquisitions or organic investment in cloud security, SIEM, endpoint security and XDR will allow Arctic Wolf to provide the same outcomes as a collection of stand-alone security tools with the value of a centralized platform. Schneider wants deals that help Arctic Wolf expand its breadth of capabilities, further open its platform, advance its open XDR strategy and help clients understand risk.

"Folks are going to start to look at acquisition as a viable exit, as opposed to at the height of the market, where attention was focused more along the lines of fundraising," Schneider says. He says Arctic Wolf is focused on deals that are a good fit from a technology, team, culture and growth trajectory standpoint.

Arctic Wolf in February acquired incident response and threat intelligence provider Tetra Defense to help with collecting rich security telemetry, managing incidents and initiating rapid response and recovery actions. Co-founder and former CEO Brian NeSmith - who's now executive chairman - told CRN in July 2021 that he expected Arctic Wolf to make between five and 10 acquisitions over the next year.

The company was planning to pursue an initial public offering amid last year's economic boom, and CEO Nick Schneider told Reuters in November 2021 that Arctic Wolf had started interviewing investment banks and was expecting to finalize advisers in the months ahead for an IPO, which Schneider hoped would take place in the second half of 2022.

But in February 2022, Schneider told SC Media that Arctic Wolf could consider options other than an IPO and couldn't comment on when the company's next financing move would take place. The Information reported in August that Arctic Wolf was in talks to raise $300 million in convertible debt from investors including Owl Rock.

"The market right now is in an interesting position, so there's not a willing dance partner there for an IPO," Schneider tells ISMG. "When the market turns around, I think Arctic Wolf will be in a position to make a decision as to whether or not that's the right timing for us."

From America to the World

Arctic Wolf plans to launch in Australia and New Zealand by the end of 2022 and expand from there into Asia, Schneider says. This comes on the heels of Arctic Wolf moving into Canada and Europe over the past 12 months with personnel on the ground to provide in-country service. The need for security operations is even greater abroad due to a more limited selection of vendors for customers, he says (see: Looking Beyond Silicon Valley for Cybersecurity Talent).

The United States still accounts for the vast majority of Arctic Wolf's business, but Schneider expects international operations to grow as a percentage of the company's total revenue over time.

"We don't just dip our toe in the water," Schneider says. "We like to enter the market and make sure that we have the solutions and make sure that we have the support needed to bring partners and customers on board."

Arctic Wolf has doubled its headcount over the past 12 months to more than 2,000 employees thanks to the company's global expansion. That's in stark contrast with other late-stage security startups such as Aura, Cybereason, Deep Instinct, Lacework, Malwarebytes, OneTrust, Snyk and Transmit Security, all of which have carried out layoffs since May due in large part to the IPO market drying up.

Schneider says Arctic Wolf's pace of employee growth will likely slow in the year ahead thanks to the efficiencies of scale. The company's hiring has been across the board from research and development to sales and marketing to general and administrative functions, Schneider says.

"Arctic Wolf is in a really strong position," Schneider says. "I think that's evidenced by the size of the investment as well as the investors that have been a part of this transaction. So I feel like we're in really good shape."

About the Author

Michael Novinson

Michael Novinson

Managing Editor, Business, ISMG

Novinson is responsible for covering the vendor and technology landscape. Prior to joining ISMG, he spent four and a half years covering all the major cybersecurity vendors at CRN, with a focus on their programs and offerings for IT service providers. He was recognized for his breaking news coverage of the August 2019 coordinated ransomware attack against local governments in Texas as well as for his continued reporting around the SolarWinds hack in late 2020 and early 2021.

Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing, you agree to our use of cookies.