Less than one week away from RSA Conference 2020, Dell has agreed to sell RSA Security for more than $2 billion.
On Tuesday, a consortium of investors led by Symphony Technology Group (STG) agreed to acquire RSA in an all-cash transaction for $2.075 billion. The consortium includes Ontario Teachers' Pension Plan Board and AlpInvest Partners. The deal includes the purchase of products such as RSA NetWitness Platform and RSA SecurID, as well as RSA Conference, the world's largest infosec event.
RSA Security, an identity and access management vendor, was acquired by the storage giant EMC in 2006 for just under $2.1 billion in cash. The acquisition was intended to help customers manage access to data. At the time, much of RSA's success was credited to its popular portfolio of SecurID multifactor authentication and its BSafe line of encryption and privacy products. RSA joined Dell with the acquisition of EMC in 2015.
Now, RSA will switch hands to STG, a private equity firm headquartered in Palo Alto, Calif. STG's portfolio includes several companies in data analytics and e-commerce software, but prior to the acquisition of RSA, the firm's presence in cybersecurity was limited to cyber risk vendor RedSeal.
"This is the right long-term strategy for Dell, RSA and our collective customers and partners," said Jeff Clarke, COO and vice chairman of Dell Technologies, in a press statement. "The transaction will further simplify our business and product portfolio. It also allows Dell Technologies to focus on our strategy to build automated and intelligent security into infrastructure, platforms and devices to keep data safe, protected and resilient."
The Wall Street Journal first reported the impending acquisition on Monday night.
RSA President Rohit Ghai said the acquisition is the right move for the company's future.
"In determining the best way to support our customers' digital journeys, we sought a partner that was enthusiastic about RSA's mission; committed to our customer and partner base; and interested in unleashing the power of our talent, experience, and tremendous growth potential," Ghai said in a blog post. "Symphony Technology Group (STG) fully supports our vision, and with a more independent configuration, we expect to be in an even better position to accelerate innovation, ensure customer success with our portfolio of on-prem and cloud solutions, and expand opportunities for our partner ecosystem."
The transaction is expected to close in the next six to nine months.
Eric Parizo, senior analyst at Omdia (formerly Ovum), said the closing price for RSA was somewhat surprising since EMC acquired the vendor for roughly the same amount more than a decade ago. That reflected a "brutal reality" that RSA gained no value over the last 13 years under EMC and Dell.
"There have been a variety of factors regarding the valuation. One is that the combination of technologies it has developed -- GRC, anti-fraud, identity and threat defense -- simply don't complement each other very well. Few enterprises are looking to buy all of these technologies together," Parizo said via email. "The other big one is that RSA has been out-innovated by competitors. SecurID and its other IAM technologies are perceived as outdated when compared to upstart competitors like Ping, Okta, and Duo [since purchased by Cisco], while its Archer GRC portfolio has been slow to adapt to the cloud in a segment where SaaS-based applications are becoming table-stakes."
Steve Brasen, managing research director at Enterprise Management Associates, said the acquisition will be a positive for RSA. "I think Dell has been fishing around for a buyer for quite some time. I don't think they ever had a plan for RSA. They acquired it as part of EMC and it makes sense for them to regain some capital by selling," he said.
Brasen added that RSA still has a strong position in the IAM market and is poised to capitalize on opportunities around intelligence-based multifactor authentication. "Sixty-five percent of companies that have already adopted an identity and management platform are planning to change their platform within the next year," he said. "We are seeing a vast migration from legacy two-factor authentication to more advanced multifactor and it's happening this year and RSA is right in the middle of that. Looking at their position in the marketplace, I think it's promising and spinning off from Dell will create market opportunities for them."