Are you a client?
Sign in to view the full news archive.
UK-based global cybersecurity specialist NCC Group said on Wednesday it is in the early stages of reviewing strategic options for its cyber business, if the sale of its Escode unit goes ahead.
In April, NCC said it was exploring various options, including a possible sale, for its other major division Escode, which specialises in software escrow and verification services. Assuming that a sale of that business goes ahead, NCC is now considering options for its cybersecurity business, including selling the business off in its entirety.
The Escode process is continuing but NCC said there was no certainty that it will result in a transaction that the board would be happy to recommend. It has been reported that private equity groups were exploring potential bids. A sale of the cybersecurity arm, which provides services to a range of enterprise organisations, would effectively precipitate a full break-up of NCC Group, which employs about 2,200 people across Europe, North America and Asia-Pacific.
In its H1 (for the six-months to 31 March 2025) financial update last month, NCC reported Escode revenue grew 1.8% on a constant currency basis. Cyber Security revenue declined 6.6% on a constant currency basis with a decline in high-volume, lower value testing and compliance engagements as clients reacted to macroeconomic uncertainties in the autumn and spring. The business has been aiming to shift its revenue mix to strategic higher value engagements in the form of managed services, identity & access management, operational technology security and advanced testing. However, these areas have longer sales and onboarding cycles.
There has been a consolidation of suppliers across the cybersecurity market landscape over the past few years, such as the Sophos acquisition of competitor Secureworks in an $859m deal last October (See - Sophos buys XDR supplier Secureworks), Palo Alto Networks acquisition of IBM’s QRadar security assets (See - Palo Alto Networks to acquire IBM QRadar in new security partnership) and Darktrace’s acquisition of cloud forensic specialist Cado Security (See - Darktrace acquires cloud forensic specialist Cado Security). PE firm Thoma Bravo have been responsible for the bulk of acquisitions over the past few years, now owning Sophos, Proofpoint, Sailpoint, Sonicwall, McAfee and Darktrace.
As a more services focused cybersecurity supplier I doubt Thoma will want to add NCC to its portfolio as well, but it could be a great opportunity for one of the system integrators looking to bolster its cybersecurity practise. Despite the NCC business struggling for growth as it rebalances its strategic focus, cybersecurity skills and expertise are hard to come by, and the group has that in plenty, which will certainly make it an attractive proposition.
Posted by: Simon Baxter at 09:07