Proofpoint is exploring pre-initial public offering (IPO) financing from external investors as it plans a potential comeback to the public markets by 2026, reported CNBC, based on an interview with the firm’s CEO Sumit Dhawan.
The US cybersecurity firm is also considering mergers and acquisitions of smaller sectoral competitors. Dhawan, who became CEO in 2022, after Proofpoint was acquired by private equity firm Thoma Bravo, said the timing of the IPO would depend on general market conditions and the results of the 2024 US presidential election. “We are looking at potentially exploring public markets sometime in the next 12 to 18 months,” Dhawan told CNBC.
Proofpoint shopping spree?
Following its acquisition by Thoma Bravo in 2021, Proofpoint has been assessing strategic options, including the purchase of smaller cybersecurity companies.
Dhawan indicated that Proofpoint is targeting acquisitions that fit its long-term goals and align with its financial plans. The CEO pointed to an overabundance of companies in the cybersecurity market and suggested that consolidation is inevitable.
“There are at this point in time, 2,000 or so non-profitable cybersecurity companies that are venture-backed, so clearly they’ll either get consolidated or potentially not exist,” said Dhawan. “Because there’s no way any market can have that many players. So it’s going to happen, it’s bound to happen.”
Furthermore, Dhawan commented on challenges in the current acquisition environment, particularly the gap between what sellers expect and what buyers are willing to offer. Despite this, he said that Proofpoint sees opportunities for growth through acquisitions. In December 2023, the company closed the acquisition of Tessian, which employs advanced artificial intelligence (AI) for automatic detection and protection against accidental data loss and evolving email threats.
A key focus for Proofpoint’s strategy involves expanding into new geographic areas. Dhawan said the company is examining potential growth in countries such as Japan, South Korea, and regions like the Middle East, where cyber threats are increasing. Dhawan attributed this rise to the increasing use of generative AI in cybercrime, which allows attackers to create more personalised and sophisticated email threats.
Established in 2002, Proofpoint develops cybersecurity technology that helps businesses defend against phishing and other cyberattacks across multiple platforms, including email, mobile devices, social media, and cloud environments.
Proofpoint originally went public in 2012 but was delisted in 2021 after being acquired by Thoma Bravo for $12.3bn. The acquisition came after investors expressed concerns about the company’s slowing revenue growth. Now, the company is looking to return to the public markets.
Dhawan noted that Proofpoint differs from typical IPO candidates in that it is larger, has a more stable business profile, and is in a better position to pursue industry consolidation.
This would not be the first time Thoma Bravo has overseen an IPO following a private acquisition. In 2019, the firm led the public listing of Dynatrace, a cybersecurity company it had taken private in 2014. Proofpoint is also considering multiple rounds of financing, with private placements and other forms of pre-IPO funding under review.
Not so long ago, Proofpoint was targeted by hackers for delivering millions of phishing emails. A campaign called ‘EchoSpoofing,’ exploited vulnerabilities in Proofpoint’s email protection platform to send an estimated three million messages on a daily basis between January and June 2024. Subsequently, the vulnerabilities were patched by the cybersecurity firm.
Read more: Rackspace confirms zero-day exploit in third-party app led to security breach
