Tech Industry Acquisitions

25 billion. Let that land. That’s the price Palo Alto Networks is paying to acquire CyberArk, not just a company, but a massive chunk of the identity-security market. This isn’t innovation. This is buying the market. From a business perspective? A clever move by Palo Alto. Expanding dominance, consolidating power, and tightening their position as the world’s largest cybersecurity vendor by market cap. But from a customer perspective? I see a different story. I’ve worked at Palo Alto myself. I know how the machine operates. It’s not about delivering the best security. It’s about extracting maximum value per customer. And when everything is pushed under one vendor and one strategy, the squeeze becomes very real. This acquisition means one thing for CyberArk customers: You will be squeezed out. Like a lemon. Because while it might look attractive, “one vendor for everything, easy integrations, simplified procurement”. The real outcome is vendor lock-in at a scale we’ve never seen before. All your eggs in one massive, shareholder-driven basket. And that’s the part many organizations underestimate. Ask yourself: Do you really want your entire security stack controlled by a single vendor whose primary obligation is to Wall Street, not your threat landscape? Consolidation may sound efficient. But in cybersecurity, diversity is resilience. Putting everything in one place doesn’t make you safer, it makes you dependent. This $25B deal should be a wake-up call. Not a convenience. Not a shortcut. A moment to rethink whether “one vendor to rule them all” is truly in your best interest.

Did the acquisition target for Palo Alto Networks’ identity market entry absolutely have to be CyberArk? No, but CyberArk was the best option they had among scaled identity companies. There just aren’t that many viable targets with the right financial profile and product suite. CyberArk is a great company. I’m surprised they got it. CyberArk has more pieces of a comprehensive workforce identity offering than most other scaled alternatives. They have PAM, SSO (albeit third or fifth in the market), and they just acquired IGA with Zilla, an early-stage company. Most of the other targets Palo Alto Networks could have acquired would have required add-on acquisitions to round out the full workforce identity offering. Okta now has SSO/IGA/PAM but likely wasn't willing to sell at their current market cap of ~$17 billion. That's roughly half its all-time high, and now below CyberArk (even before the acquisition report broke). Todd McKinnon is still a relatively young CEO who looks committed for the long haul. Ping Identity could have made sense, but their product portfolio doesn’t have well-established IGA or PAM capabilities, even with ForgeRock. Palo Alto Networks likely didn’t want to be in the customer identity business, either. They do have a directory product, which is nice...but again, directory is not the way the identity market will be won. SailPoint just went public again and has had a successful return. They’re primarily an IGA company that has acquired its way into PAM, but is nowhere near the depth of CyberArk there. They don’t do SSO yet, either. Great company, not as great of a strategic fit for Palo Alto Networks. There is a long tail of smaller companies in the identity market with varying shapes and sizes of a product portfolio. Some have eight and nine figures of revenue: – Saviynt – RSA Security – SecureAuth – 1Password – Keeper – Veza – StrongDM – ...dozens more Palo Alto Networks was playing an entirely different game here. The plan wasn’t to do value acquisitions of different market leaders in multiple identity segments and slowly grow an identity business. The quest to win against both hyperscalers and large competitors like CrowdStrike needed a transformative deal.

Large banks spend Billions on technology. 90% of banks want to buy from Tech and Fintech companies, yet nearly half of all signed contracts failed to Go Live. How do we fix this? 👇 I’ve been selling to large banks for 10 years and worked for a bank helping startups get deals internally for 5 years. Here are the most important lessons I learned when selling to banks (or any large enterprise). 🧠🧠🧠 1️⃣ Why would you want to sell to an incumbent? They sign long contracts (5+ years) for large sums. They’re less worried about price and more worried about performance. Their complex tech stack and being highly regulated means they need A) Every certification B) Detailed policies and procedures C) Massive throughput / low latency 🧠🧠🧠 2️⃣ Understand their world A) Their tech stack is hard to change with 1000s of systems. Adding anything new is complex. B) A meeting isn’t a deal. You might meet “Head of X” but from that to signed deal usually takes years. C) Relationships matter. Understand their world, their pressures and stay patient and you can capture the opportunity. 🧠🧠🧠 3️⃣ They have a complicated buying process A) Innovation teams have PoC budgets. You can get $50k or $100k to prove your product could work but still have low odds of success long term B) Becoming an “approved supplier” is hard. Countless forms, processes and sign-offs are needed, not obvious which at outset 🧠🧠🧠 4️⃣ Their buying is designed for big, not small A) The incumbent has no downside for going slower in a negotiation for a startup that can cost survival. Manage with advocates and senior buy in. B) Don’t assume integration will be easy for them. 81% of banks struggle to integrate with a tech company because the bank lacks experience with APIs. 🧠🧠🧠 5️⃣ The gatekeepers matter. A) Legacy providers are already in and likely have a competing product. Sometimes good > great if it can be operationalized B) Consultants run the show. They recommend vendors for RFIs / RFPs and manage integration. C) Other Fintech companies can be frenemies. RFPs look for “comprehensive solutions,” but sometimes that comes from a partnership not one co. 🧠🧠🧠 6️⃣ Set yourself up for success A) Document your processes, and get your certification in order. B) Sell to the “awake at night” pain point like new regulations C) Find partners who care about your success like legacy providers or consultants 🧠🧠🧠 7️⃣ Closing thoughts There’s an old saying that “incumbents want to be first to be third.” They want innovation only if it's secure and robust enough for their scale. But don’t worry; there’s always one that will make a leap. Find your advocate; find someone who can get it done, and one will lead to many. 🧠🧠🧠 👉 If you enjoyed this, I hope you’ll subscribe to fintechbrainfood (link in bio) #fintech #fintechpartnerships #baas #partnerships

This is what happens when sales talks first and engineering talks later. If you want fewer broken promises and more closed deals that actually stick follow this exact flow: 📌 Step 1: Turn every customer request into a clear use-case Instead of asking engineering: “Can we build this feature?” Ask: “The customer wants to automate X to save Y hours - what’s realistically possible today?” Engineers think in systems, not sales language. 📌 Step 2: Get a fast feasibility check (15–30 minutes max) Before any pitch: Share with engineering: * Customer goal * Expected outcome * Deadline Ask for: ✅ Can do now ⚠️ Can do with work ❌ Not possible Document it. 📌 Step 3: Pitch only what got a green or yellow light Green → sell confidently Yellow → sell with conditions Red → don’t sell If it’s yellow, say: “We can reach this result in phases, not instantly.” This keeps excitement without lying. 📌 Step 4: Lock scope in writing after the call Send a quick recap: “Here’s what we agreed is possible in phase one…” This protects: * Sales credibility * Engineering bandwidth * Customer trust 📌 Step 5: Create a weekly sales-engineering sync (30 mins) Agenda: * New deals in pipeline * Risky promises * Technical blockers This one meeting prevents 80% of post-sale chaos. 📌 Step 6: Track one metric 👉 % of deals delivered without scope change If it’s low → sales is overselling If it’s high → alignment is working That's it!

Alcon just walked away from its $430M Lensar acquisition. The FTC blocked it. The stated reason: combining the two biggest players in femtosecond laser-assisted cataract surgery would end a price war that was already benefiting surgeons and patients. That's the regulator's read. Here's the operator's read. When you're 12 months into a regulatory review and you still don't have a clear path to close, the deal math changes. Alcon's CEO said the delay and costs "rendered the transaction unattractive." That's not spin. That's honest deal calculus. This is also the second terminated deal for Alcon in two months. The STAAR Surgical deal fell apart in January on shareholder vote. Two deals, two different failure modes, same company. There's a lesson in that pattern; regulatory exposure and stakeholder alignment aren't diligence footnotes. They're go/no-go inputs that need to be stress-tested before you sign, not managed after you announce. Lensar keeps the $10M deposit. Alcon moves on. And the FLACS market stays competitive. Sometimes the best outcome for operators is the one where you stop before it costs you more than the deposit. https://lnkd.in/eq3AZG8f

Coming from someone who has worked on live M&A projects, I’ve seen why most deals fail to deliver what’s promised. A Boston Consulting Group (BCG) Report says nearly 70–90% of mergers don’t achieve expected synergies. The numbers look perfect on Excel, but execution tells another story. → The biggest reason is the cultural mismatch. Two companies merge balance sheets but not mindsets. When teams can’t align on how to work or decide, integration stalls. → Another is overestimated synergies. Cost savings and growth assumptions often look great in models but rarely play out in reality. → Finally, poor integration planning. Months go into valuation, but little time is spent on how the combined company will actually operate. → A classic example is AOL-Time Warner, a $160 billion merger that collapsed due to culture and strategy clashes. In M&A, signing the deal is easy. The real work begins after. Financial models can predict returns, but they can’t measure chemistry. P.S.: Can you think of any Mergers which failed recently?

Met Yat Siu recently. Brief, straightforward insight rather than hype. Animoca Brands is in the process of going public on Nasdaq via a proposed reverse merger with Nasdaq-listed CURRENC Group Inc. (Nasdaq: CURR), targeting a closing in 2026. Under the current term sheet, Animoca shareholders would own ~95% of the combined entity and the merged company is expected to operate under the Animoca Brands name once completed. This structure allows Animoca to access U.S. public markets without a traditional IPO, leveraging CurrenC’s existing listing while avoiding the time-intensive regulatory and underwriting process. From a structural perspective, the proposed merger has three key implications 1. Public Market Access: Animoca regains a U.S. listing after being delisted from the ASX in 2020, providing broader capital access. 2. Shareholder Control: The deal is designed so existing Animoca shareholders retain dominant equity (~95%), preserving valuation leverage. 3. Diversified Exposure: The combined entity is positioned as a public digital asset conglomerate spanning gaming, DeFi, AI, RWA tokenization, and infrastructure, rather than a single product company. One practical detail Yat mentioned in passing (not a quote, but observable in how he works), his calendar is built around execution and coordination, not appearances, meeting partners, capital allocators, regulators, and ecosystem operators across regions. That operational discipline matters in deals of this complexity. For anyone tracking crypto capital formation and structural evolution, this isn’t about FOMO, it’s about how a blockchain investment vehicle intersects with public markets infrastructure

Coinbase has reportedly agreed to acquire crypto derivatives platform Deribit in a deal valued at approximately $2.9 billion. The agreement, which includes a mix of cash and Coinbase stock, would mark the largest acquisition in the company’s history. According to the Wall Street Journal, negotiations have reached the final stages following months of discussions. Coinbase aims to cement its position in crypto derivatives, a fast-expanding sector responsible for the majority of daily global crypto trading volumes. Deribit processed about $1.2 trillion in total volume during 2024. Deribit’s Dubai-based entity holds a full license from the Virtual Assets Regulatory Authority (VARA), obtained in late 2024 after migrating operations from Panama. The license grants the company legal standing to offer crypto derivatives trading to institutional and qualified investors. Any acquisition would require regulatory approval to transfer the license to Coinbase, adding complexity to the transaction. Coinbase has steadily expanded into derivatives over the past three years. After acquiring FairX to offer CFTC-regulated futures products in the United States, it launched Coinbase International Exchange to enable perpetual futures trading outside its domestic market. Buying Deribit would fast-track efforts to scale its global derivatives footprint, which still lags offshore rivals. https://lnkd.in/eiW5aBE3

Palo Alto Networks acquisition of CyberArk is a lot of money changing hands and the acquisition makes sense, even if from an engineering perspective it's not exciting. It's a good way to buy into a market due to the size, customer count, and reputation. I wouldn't call the CyberArk product experience a delight; however, PAN needs someone with a mature product that works across a lot of use cases and teams. Cyberark is one of the only providers that can completely cover enterprise identity use cases from browser access to SSH, with details like sophisticated certificate management along the way. I would expect additional PAM acquisitions in the medium term to try and shore up a true "identity platform" that offers some of the more modern workflows on both the JIT cloud access and secure browser sides. While CyberArk supports both of these workflows on paper, they really need to be more useable. Either way, it seems like PAN really is trying to make the Google or Microsoft of security companies, having product offerings covering most of the gambit, and I think it can work.

Over the course of my career I’ve acquired 10 startups. Here’s what I’ve learned 1. Most acquisitions fail This might sound strange coming from someone who’s done it ten times, but acquiring a company is usually a bad idea. Not because of bad strategy or flawed products, but because of what happens after the deal: integration. You’re taking two teams that barely know each other and expecting them to merge cultures, workflows, and goals. It’s speed dating that ends in marriage, and we all know how that usually goes. If you’re not obsessively thinking about integration from day one, you’re setting yourself up to fail. 2. Write your own acquisition playbook, and keep rewriting At Fiverr, every time we’ve made an acquisition, we’ve refined our internal “playbook.” It starts well before any deal is on the table: identifying potential targets, opening conversations and building trust over time. We don’t sit around waiting for the perfect opportunity to fall into our lap. Instead, we proactively map out companies that interest us and start a dialogue, not always with the intention to buy, but often just to get to know great founders and build meaningful relationships. That groundwork makes a huge difference if and when the timing is right. 3. Never acquire based on short-term opportunity Every acquisition must make long-term strategic sense. It has to align with our mission and deliver real acceleration. You can clone almost any product. What you can’t clone is product–market fit and the people who made it happen. A great acquisition brings you both and gives you a serious competitive edge. 4. People matter more than anything This part is non-negotiable. In tech, human capital is everything. You’re not just acquiring IP, you’re betting on the team that made it work. We look for founders and teams who share our belief in democratizing talent and opportunity. People who want to empower creatives, builders, and entrepreneurs, just like we do. Because from the moment the deal is done, Fiverr belongs to them as much as they belong to Fiverr. If they don’t connect with our reason for existing, nothing else matters. 5. Skin in the game drives alignment Equity is the most valuable thing a public company can offer, more than cash, because it represents belief in future upside. Some avoid using equity in acquisitions for exactly that reason. I take the opposite view. Most deals tie founders to short-term targets: hit your KPIs in two or three years, then cash out. But when someone joins Fiverr, they’re not just running their old business under a new logo. They’re part of the company now, and their incentives should reflect that, not just success in their unit, but success for Fiverr as a whole. Shared skin in the game builds real alignment and a stronger company over time. When you get these right, When you truly believe that 1+1 can equal way more than 2, M&A becomes one of the most powerful tools for inorganic growth.