Fraud Management & Cybercrime , Governance & Risk Management , Malware as-a-Service

KKR Buys Barracuda from Thoma Bravo to Fuel XDR, SASE Growth

KKR's Backing Will Help Barracuda Built Managed XDR and a Unified SASE Platform
KKR Buys Barracuda from Thoma Bravo to Fuel XDR, SASE Growth

KKR has agreed to purchase Barracuda Networks to support its expansion in managed detection and response, extended detection and response, and secure access service edge.

See Also: The Cost of Underpreparedness to Your Business

The New York-based private equity giant plans to provide resources and expertise that will accelerate Campbell, Calif.-based Barracuda's growth past the $500 million sales figure it hit under Thoma Bravo's ownership. Terms of the deal weren't disclosed by KKR or Barracuda. However, Reuters reported KKR is expected to pay $4 billion for Barracuda, and Bloomberg reported an expected sale price of $3.8 billion (see: Identity Firm SailPoint to Be Bought by Thoma Bravo: $6.9B).

Barracuda has been owned since February 2018 by private equity firm Thoma Bravo, which bought the then-publicly traded company for $1.6 billion four years after Barracuda filed for an IPO. KKR's acquisition of Barracuda is expected to close by the end of 2022. KKR also owns Optiv, though Reuters reported KKR is looking to unload the cybersecurity service provider via an initial public offering or sale at a valuation of more than $3 billion.

"KKR sees Barracuda as a really strong cybersecurity player within the SME (small and medium-sized enterprise) space," Barracuda President and CEO Hatem Naguib tells Information Security Media Group. "We've been very successful under Thoma Bravo really building that growth engine for the company, and KKR see this as an opportunity to really drive us to the next stage."

Doubling Down on XDR, SASE

Barracuda plans to use KKR's investment to build out its managed XDR offering for customers and managed service providers and integrate standalone edge security capabilities into a unified SASE platform that's easy for clients to consume, Naguib says. Specifically, the company wants to double down on its managed SOC-as-a-service offering to make it easier for under-resourced MSPs to prevent and mitigate threats for their customers.

Managed SOC-as-a-service is part of Barracuda's Managed XDR offering that ropes in Barracuda experts to look at the alerts clients are receiving and do predictive analysis around when and how abnormalities are happening, he said. The money from KKR should help Barracuda optimize its data feeds and ensure they're well-honed and integrate the company's email and network security tools into the XDR platform.

"The landscape has become very difficult for a lot of our SME customers dealing with ransomware, dealing with email compromise attacks, and dealing with account takeover," Naguib said. "Managed XDR brings to bear a team of highly-qualified, super-capable individuals who are looking at your environment and looking at your alerts added with a platform that captures that data."

From a SASE perspective, Barracuda plans to use KKR's backing to bring together its existing network firewall, web application firewall, web security, and zero trust network access capabilities into a unified platform that can be delivering at a branch office location, in the cloud, or via a SaaS application, Naguib said. The company's SASE tool is aimed at helping customers accelerate their infrastructure protection.

Barracuda uses Microsoft Azure as the backbone for the SD-WAN piece of the SASE puzzle, and then leverages third-party integrations for customers that wish to have SIEM or endpoint security as part of their SASE platform. CISOs can use Barracuda's XDR and SASE offerings to help protect customers who are rapidly increasing their use of SaaS and cloud products such as Office 365 and Salesforce, he says.

"The threat landscape continues to be a challenge, and many CISOs are looking for platform-based solutions that will help them deliver the security capabilities they need without over complication or an over dependence on resources they just don't have," Naguib says.

The Deal Making Continues

Under Thoma Bravo's ownership, Barracuda has made a number of tuck-in acquisitions, purchasing monitoring and response company Skout Cybersecurity in July 2021 to cull and correlate threat data and Fyde in November 2020 to apply a zero trust approach to guarding applications, workloads and devices. Barracuda moved into remote monitoring and management with its 2019 buy of Managed Workplace.

Naguib said the deal making is expected to continue under KKR, with Barracuda pursuing acquisitions that can help the company either expand its customer reach or expand its product portfolio. Barracuda today has 200,000 customers primarily who employ between 500 and 5,000 people as well as 30,000 channel partners, including 5,000 MSPs who many SMEs depend on to provide CISO-like capabilities.

Barracuda wants to accelerate its sales and annual recurring revenue growth under KKR in pursuit of the $1 billion annual revenue mark while maintaining the high levels of profitability the company has today, Naguib says. The company employs more than 1,700 people today, and Naguib said the company plans to keep hiring more engineers and salespeople to support Barracuda's ambitious growth plans.

"This is an innovation-driven company, so we're always looking for engineering capabilities to drive the long-term roadmaps," Naguib says. "And sales capacity is very important for us to meet the demands of our customers and keep growing both internationally and domestically."

About the Author

Michael Novinson

Michael Novinson

Managing Editor, Business, ISMG

Novinson is responsible for covering the vendor and technology landscape. Prior to joining ISMG, he spent four and a half years covering all the major cybersecurity vendors at CRN, with a focus on their programs and offerings for IT service providers. He was recognized for his breaking news coverage of the August 2019 coordinated ransomware attack against local governments in Texas as well as for his continued reporting around the SolarWinds hack in late 2020 and early 2021.

Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing, you agree to our use of cookies.