01 Introduction to Managed Security Services 04

02 Managed Security Services Landscape 07

03 Trends 26

04 Transactions & Valuations Overview 34

2 Growth momentum in segments such as Threat Intelligence, The global Managed Security Services (MSS) market size was $15 billion in Global Segmental Research, Detection and Remediation (TIRDR) and Regulatory 2018, and is projected to grow to $23 billion by 2021 at a Landscape Forecast Compliance Management (RCM) is expected to drive future compound annual growth rate (CAGR) of 15% growth of the MSS market

M&A activity is primarily targeted at horizontal Security Asset Management and Monitoring acquisitions to either acquire/expand technical Transactions Segmental (SAMM), the largest revenue contributor at capabilities/portfolio of offerings, or enhance Revenue 50%, is expected to grow slower than the geographical presence overall MSS market

The financial services and government Vertical sectors remain the top two revenue Key inhibitors to the growth of MSS include the Growth contributors to the global MSS market, lack of threat visibility and clarity on assessment of Breakup with the manufacturing sector growing return on investment Inhibitors quickly due to digital transformation

Key factors influencing the growing adoption of MSS globally include Growth increasing attack surface, sophistication of threat actors, economies Drivers of scale, and stringent regulations

3 Introduction To Managed Security Services

4 Defining Managed Security Services Benefits Of Managed Security Services

Global Footprint Access to an MSSP’s global, round-the-clock SOCs for state-of- the-art security tools and intelligence IT or Services outsourced to a service provider Cost Efficiencies Access to a team of seasoned security experts at a fraction of the cost of building in-house

Market-Leading Technologies Managed Advanced monitoring, analysis, and investigation of threats to Round-the-clock remote management or ensure best-in-class defense and operational optimization Security Services monitoring of IT security functions Rapid Incident Response Continuous and unmatched enterprise security incident handling through the use of state-of-the-art digital forensics

SIEM1 & Log Management Insights Using SIEM systems to collect logs and other security-related Delivered largely via remote security operations documentation for analysis on a single platform centers (SOCs) Security Asset Management Relief MSSPs have a holistic view of the required security environment, Impact On Businesses and expertise in integrating the latest security technologies » Building and maintaining teams of people, established processes, and office locations in-house is increasingly expensive and time- Monitoring of Advanced Threat Sophisticated security technologies and the latest threat consuming intelligence provides proactive monitoring and threat detection » While businesses benefit from MSSPs’ predictable outcome-based pricing and reduced exposure to operational risk, the benefits extend beyond cost reduction Risk & Compliance Management Staying up-to-date with the constantly evolving regulatory » Businesses are able to transform business critical processes, and take advantage of new, scalable innovative technology and framework to ensure that assets are well protected expertise from this long-term, tightly integrated partnership

5 Source: Avendus Research, Gartner, IDC | SIEM1 = Security Information & Event Management Key Notes

» Risks arising from specific threats and threat actors have increased

MSS solutions both in terms of absolute number and impact move to the Advanced » Analytics and cloud capabilities are non-negotiable components of analytics endpoint DDoS1 solutions security services today, while the use of predictive analytics and mitigation become a key differentiator Enhanced becomes a public cloud will be non-negotiable in the future threat key industry detection and driver » Industry expertise has moved beyond understanding of vertical- Increased remediation demand for capabilities specific regulatory requirements and threats Growth in compliance managed services » Scarcity of talent has increasingly complicated the security landscape Hosted SIEM and log Need for demand management combined emerging, but services – slower than both security expected solutions and management services

2009 2011 2015 2020 Managed Security Service Technology Roadmap, Global, 2009-2020

6 Source: Frost & Sullivan, HfS | DDoS1 = Distributed Denial of Service Managed Security Services Landscape

7 Segments Of Managed Security Services Types Of Managed Security Services

» Asset maintenance and upgrades ADVANCED SERVICES Advanced » Security assets policy management Security Asset Detection & » Event correlation, analysis, and Monitoring and security alert notification Analytics Management Threat » Customer premises equipment (CPE) Managed Techniques (SAMM) Intelligence and hosted services » Compliance audits and reporting File Integrity Web Application (system segmentation) Monitoring Risk and » Vulnerability assessments and Identity Access Scanning Compliance scanning, partner program Management Management management, and compliance Web Application (RCM) support Patch Managed SIEM Firewalls » Research and forensics of threat Management actors and vulnerabilities » Threat detection, analysis, and Network Access Managed Managed Threat 1 prediction of breaches Control UTM 4 Intelligence, Research, DDoS SOC » Proactive attack remediation and Managed Log Managed Endpoint – incident abatement Detection and Prevention Remediation (TIRDR) Monitoring / Antivirus, Managed Management Firewalls, etc. » Detection of DDoS attacks and means to prevent Managed Content Security » Removal of malicious traffic through Managed SVM3 Managed IDPS2 Distributed dedicated scrubbing centers or a Denial of Service hybrid of on-premise equipment and 8 (DDoS) cloud-based services » Identity and Access Management COMPLEMENTARY CORE SERVICES » Managed mobile endpoint security SERVICES » Managed Data Loss Prevention (DLP) Advanced Forensics » Other next-generation managed and Emerging Breach Compliance security services Managed Security Incident Response Management Services Architecture & Design Assessment

8 Source: Frost & Sullivan, IDC | UTM1 = Unified Threat Management, IDPS2 = Intrusion Detection & Prevention System, SVM3 = Storage Virtual Machine; SOC4 = Security Operations Center 1 Sub-Segments Of Managed Security Services Vendors

» Real-time analysis of security alerts generated by SIEM1 and applications and network MDR2 hardware » Threat hunting and immediate responses to breaches » Measures taken to improve the security of an application – often by Application finding, fixing, and preventing security Security vulnerabilities

» Protection of databases from threats and vulnerabilities associated with interconnected Database » Recovery of data in the event Security & of a breach or disaster to the DRaaS5 database » A program that provides protection for companies' messaging infrastructure Messaging » Programs include IP reputation-based anti-spam, pattern-based anti-spam, » Helps define strategy, & Email Security identify threats, deploy administrator defined block/allow technologies and ensure lists, mail antivirus, zero-hour operational readiness detection and email » This includes penetration intrusion prevention SECURITY SECURITY ASSET MONITORING MANAGEMENT AND (SAMM) testing, risk assessments, Security vulnerability assessments, Consulting PCI DSS3, GDPR4, and & Services forensic analysis

SIEM1 = Security Information & Event Management; MDR2 = Managed Detection & Response; PCI DSS3 = Payment Card Industry Data Security Standard; GDPR4 = General Data Protection Regulations; DRaaS5 = Disaster Recovery-as-a-Service 9 Source: Avendus Research, CapIQ 2 Sub-Segments Of Managed Security Services Vendors

» Company-wide visibility of hazards, risks and risk Risk assessments Assessment & » This allows enterprises to spot trends earlier, and to Visibility implement corrective and preventative actions quicker » Identify and manage risk/compliance Digital Risk exposure to cybersecurity threats and Management third party vendors – both in terms of vulnerability and data privacy

» Simulations are conducted in a manner similar to how an attacker would attempt a Vulnerability breach Assessment & » To discover points of Pen Testing exploitation and test the IT system’s breach security » Comprises of a comprehensive, outside-in view of a company's overall Security cybersecurity posture » Continuous monitoring across risk Rating & Risk factors including endpoints, RISK RISK COMPLIANCE AND MANAGEMENT (RCM) Analysis applications, firewalls among others » Ensures that knowledge and training is up-to-date » Includes the protection of Security both the physical and Awareness & informational assets of an Training organization

10 Source: Avendus Research, CapIQ 3 Sub-Segments Of Managed Security Services Vendors

» Monitoring and analysis of computer network traffic to NGFW1, gather information, legal Network Analysis & evidence, or detect intrusions Forensics

» Evidence-based knowledge, including Threat context, mechanisms, indicators, Intelligence implications, and action-oriented advice about an existing or emerging threat to assets » Detecting and preventing

TIRDR fraudulent transactions – when a merchant account is Fraud & used without the intention of Transaction operating a legitimate Security business transaction

» Model where the of a computing environment is Software implemented, controlled, and Defined managed by security software Networking (SDN)

4 » A set of techniques/tools to DDoS mitigate the impact of distributed Protection DDoS attacks on networks attached !

DDoS to the internet by protecting the target and relay networks

11 Source: Avendus Research, CapIQ | NGFW = Next Generation 5 Sub-Segments Of Managed Security Services Vendors

» Security solutions that defend against sophisticated Advanced malware or hacking-based Threat Protection attacks that target sensitive data & Cloud Security

» Solutions to identify, authenticate, and Identity Access authorize individuals utilizing IT Management resources (IAM) » This also includes the hardware and applications that employees need to » Protecting the corporate access network when accessed via remote devices such as End Point laptops or other wireless and Security mobile devices » Each device with a remote connection to the network creates a potential entry point for security threats » Detects potential data breaches/data ex-filtration transmissions Data Encryption, » Prevention by monitoring, detecting, Privacy & Loss and blocking sensitive data while in- Protection use, in-motion, and at-rest » Processes, resources and solutions that prevent, detect

ADVANCED AND EMERGING EMERGING AND ADVANCED SECURITY MANAGED SERVICES and respond to cyber attacks and privacy/security Security incidents – including security Operations & analytics, incident response, Incident and applicable threat Response intelligence

12 Source: Avendus Research, CapIQ MSSPs

STRATEGY, RISK AND THREAT RISK AND THREAT INCIDENT DETECTION REMEDIATION ARCHITECTURE AND AND PREVENTION MONITORING AND REPORTING 5% 95% INFRASTRUCTURE

» Security posture needs » Threat intelligence » Ongoing monitoring of » Reporting and analysis » Recommendations and 1 assessment and VARs , Direct » Application and systems and logs, of detected incidents / actions to address 2 3 execution SIs , ISPs Sales infrastructure testing including updates threats threats and incidents » Application and for security issues based on changing » Support for board level » Recommendations for infrastructure security » Process changes to security needs discussions of detected ways to enhance future implementation / embedded security in » Analytics for trends, incidents responses integration business operations patterns and behaviors » Support for board level security discussions End Users

SERVICE-ENABLING TECHNOLOGIES

Digitization & Robotic Automation | Analytics | Mobility | Social Media | Cognitive Computing | Artificial Intelligence

SECURITY TECHNOLOGIES AND PLATFORMS

Firewalls | Endpoint Protection | Network Monitoring | Intrusion Detection | Application Security | Device Security | Data Protection | Identity and Access Management | Mobile Security | Threat Intelligence | Predictive Analytics | Anti-virus | Log Management

13 Source: Avendus Research, HfS, Frost & Sullivan | VARs1 – Value Added Resellers; SIs2 – System Integrators; ISPs3 – Internet Service Providers SLAs vary according to different service packages offered by MSSPs, and are broadly defined by parameters such as average response time to security events and average response` time to service failures Higher guaranteed service parameters lead to in higher contract values

Service Level Agreements Customers’ geographical footprint — be it global, regional, or local — and the corresponding requirements regarding (SLAs) regulatory compliance and the possibility of off-shoring affect the annual contract size

Complexity of Degree of Several MSSPs reported that organizations requiring particular procedures to collect, store, and manage log data (such IT Involvement as to comply with a local regulation) often yield higher contract values Infrastructures

Other factors such as the length of subscription service and integration with other services—managed, professional/technical security, or system integration—affect annual contract size

Annual contract sizes range from hundreds of thousands of Contracts with longer time spans often have lower annual contract value – on average, 3-year contracts are preferred, but the length of the contract can vary from 1 to 10 years Integration dollars to several million dollars of Other Delivery Managed Mode Services One-time set-up fees are often included in the annual contract – either calculated per site or per device

Integration with other services, and greater volumes of monitored/managed devices often result in price discounts

Geographic Contract Length Coverage Average annual value of an MSS contract is ~$280,000

14 Source: Avendus Research, Frost & Sullivan Global Forecasted MSS Revenue ($ Bn) 2018-21 2018 Revenue Breakdown by Vertical

$23 $20 4% 22% $18 4% 21% Financial Services $15 4% 21% Latin America 4% 20% 48% $15 Bn Government 36% 20% Pacific Manufacturing 36% 16% 37% Europe, Middle East and Others* 38%

39% 39% 14% 39% 39%

2018 2019E 2020E 2021E 2018 Revenue Breakdown by Client Type Key Notes » The global MSS market is expected to grow at a CAGR of 15% from 2018 to 2021 » Organizations are experiencing a growing complexity when protecting their infrastructure from targeted attacks, driving 27% consistent adoption of managed security services across regions » Compliance with regulatory requirements is an important driver, particularly in EU and NA $15 Bn Enterprise » Another critical market driver is the increase in cyber attacks, making organizations vulnerable to sudden loss of revenue SMB and reputation

» Revenue from Small and Medium Sized Business (SMB) customers is expected to increase due to higher adoption rates 73% and subsequent cost reductions experienced

15 Source: Frost & Sullivan | *Others = Admin, Agriculture, Construction, Education, Management, Real Estate, Retail, Trade, Transportation, and Utilities

Global Breaches & Incidents By Sector Global Breaches & Incidents By Pattern The increasing complexity and frequency of attacks are due to well funded and Healthcare technologically sophisticated threat actors 536 Web Applications 414 Others 446 Miscellaneous Errors 327 Accomodation 338 Point of Sale 324 Public 304 Others 308 Advanced Persistent Threats (APTs) and Zero- Financial 146 day attacks are growing in frequency Privilege Misuse 276 Professional 132 Cyber-Espionage 171 Information 109 Lost and Stolen Assets 145 Education 101 Enterprises lack a full view of the threat Manufacturing Crimeware 140 landscape and knowledge of security 71 Payment Card Skimmers 111 intelligence to sufficiently detect and prevent Entertainment 33 Breaches Breaches these attacks in a timely manner Public 22,788 Denial of Service 21,409 Others 19,208 Privilege Misuse 10,611 Investments in security appliances and Entertainment 7,188 Crimeware 8,846 software highlight the need for technical Information 1,040 Web Applications 4,850 services around these investments to manage effectively Healthcare 750 Lost and Stolen Assets 3,930 Financial 598 Miscellaneous Errors 2,106 Professional 540 Others 736 Enterprises often lack access to cross- Manufacturing 536 Cyber-Espionage 347 industry and cross-border security Point of Sale intelligence needed for effective threat Accomodation 368 330 Education 292 Payment Card Skimmers 143 visibility Incidents Incidents

Year 2015 2016 2017 2018 Average cost of a data breach in 2018 was ~$3.5Mn No. of data breaches in the US 780 1,030 1,632 1,244

17 Source: Identity Theft Research Center (ITRC) End of Year Data Breach Report 2018, Verizon: 2018 Data Breach Investigations Report Key Notes Security Operations Challenges Faced By Organizations Factors Responsible For Switch From In-House To MSS » Organizations continue to struggle with security skills gap – more than half of Cybersecurity Skills Shortage In-House 55% Lack Of Internal Security Personnel / Expertise 47% enterprises identified a shortage of in- house cybersecurity skills as the biggest Lack of Security Coverage Moving to 24x7 Security Coverage 44% 42% security operations challenge Cost Savings 42% Speed Of Incident Response Issues 32% » Almost 80% of the organizations allocate 25% or less of their security budgets to Cost And Complexity Of Building In-House Breach Protection 33% 32% Team managed security – this trend is changing Speed Of Response To Incidents 32% quickly with the increase in sophistication Lack Of Detection And Response Capabilities 30% of attacks and the ever-evolving threat Lack Of Security Domain Expertise In-house 30% landscape No Visibility Into Overall Security Posture 30% Meeting Regulatory Compliance Mandates 26% » Only 36% of organizations are confident of their in-house security team’s ability to Percentage of Organisations Struggling With The Specific Factors Percentage Of Organizations Driven To MSS For maintain the right security skills and competencies Confidence With In-House Security Prioritization Of Security Capabilities » The remaining 64% are somewhat confident that in-house security Rapid Identification & Remediation Of 77% Attacks operations are able to keep up with the Not At All Confident 12% 9% continuously evolving threats landscape 24x7 Monitoring & Analysis 75% and keep the operations of the firm well Not Confident defended 23% Security Posture Reports To Identify Somewhat Confident 24% 67% » More than half of organizations will Vulnerabilities & Risks increase their budget for managed Confident security by an average of 14% over the Security Policy & Controls Management 56% next 12 months Extremely Confident 32% Ensuring Regulatory Compliance 45%

Percentage Of Organizations Driven To MSS Because Of The Following Factors Percentage Of Organizations Driven To MSS For

18 Source: AlienVault, CyberSecurity Insiders » The General Data Protection Regulation (GDPR) is designed to enhance the protection of individuals residing in the EU, as well as address the export of “personal data” outside the EU » It applies to all organizations doing business in the EU, and any organization outside the EU handling EU citizens’ personal data » The definition of “personal data” includes genetic, mental, cultural, economic, social identity and online identifiers (IP addresses, cookies)

The GDPR went into effect on 25th Penalties: 4% of revenue or €20 Mn Users may request a copy of personal To demonstrate enforcement of Controllers must comply with breach May 2018 (whichever is greater) data in a portable format customer consent for personal data notification windows collection GDPR Requirements To satisfy customer data portability ImplementContinued adequate technical growth and of Privacy risk impact assessments will Appointment of a data protection officer (DPO) will be mandatory for support, and enable the right to be organizational measurescompliance to protect be required where privacy risks are companies processing high volumes of personal data forgotten and erased from records persons’ data and systems high regulations

In June 2018, California’s state legislature unanimously passed a new data privacy bill instituting stringent regulations that are entirely new to the United States. This bill set a significant precedent in the US, following CCPA GDPR’s activation in May 2018, and during a time when data privacy continues to be heavily discussed in the media and with lawmakers. The bill will become operative on January 1, 2020, and affects organizations that serve or employ California residents Scarcity of qualified General Datainformation Protection security Regulations (GDPR) California Consumer Privacy Act (CCPA) professionals Scope EU personal data processed California resident’s personal data collected Right To Access Right to access all EU personal data processed Right to access California personal data collected in last 21 months Right To Portability Must export and import certain EU personal data in a user-friendly format All access requests must be exported in user-friendly format but there are no import norms Right To Correction Right to correct errors in EU personal data processed Not included in CCPA Growing number of Right To Stop Processing Right to withdraw consent or otherwise stop processing EU personal data environments and Right to opt-out of selling personal data only; must include opt-out link on website Right To Stop Auto Decision-making Right to require human to make decisions that have a legal effect devices to protect Not included in CCPA

Right To Stop Third-Party Transfer Right to withdraw consent for data transfers involving second purposes of categories of data Right to opt-out of selling personal data to third parties

Right To Erasure Right to erase EU personal data, under certain conditions Right to erase personal data collected, under certain conditions Right To Equal Services And Price At most, implicitly required Explicitly required Private Right Of Action Damages No floor or ceiling Floor of $100 and ceiling at $750 per customer per incident Regulator Enforcement Penalties Ceiling of 4% of global annual revenues No ceiling – $7,500 per intentional violation, $2,500 per negligent violation

19 Source: Avendus Research, EuGDPR.org, CAPrivacy.org Key Notes Cost Implications Of Security Challenges Faced While Outsourcing Security Services

Cost Issues 37% » Enterprises need to balance the need for Security Monitoring 24x7x365 980 310 Efficiency Issues 21% qualified experts with minimizing the (In-House) Lack of Integration 18% associated costs to fit within the allotted Agility Issues 17% security budget – managed security Security Monitoring 24x7x365 Performance Issues 16% services that drive cost-efficiencies in 540 300 addition to their primary roles are (Managed Service) Availability & Business Continuity Issues 15% favored Security Posture Issues 15% » The average MSS contract size is Annual Investment ($'000/year) Annual Cost Not Avoided ($'000/year) Percentage of Organizations approximately $280,000, compared to the upwards of $980,000 investment into MSSPs generates savings of approximately 35% for large enterprises Buyers are apprehensive of MSS largely due to over in-house implementations every year associated recurring costs internal set-ups – presenting a significant cost advantage for enterprises to make Expected Savings From Outsourcing Security Services Average Annual Contract Size the switch

45%

27%

15% 7%

6% USD$280,000 Percentage Percentage of Organizations <10% 10-25% 26-50% 51-75% >75% Savings 20 Source: Aberdeen, Alien Vault, Cybersecurity Insiders, Frost & Sullivan | Annual Cost Not Avoided = Average Number of Security-related Incidents experienced in the last 12 months * Average total cost per incident Key Notes 5-Year CAGRs Of Top Industries Spending On IoT Artificial » The US connected car market is predicted 100% Intelligence (2017-2022) to reach $514B, and add-on sales of IoT 90% devices for vehicles are predicted to grow Consumer 19% Augmented 2030 to $18B in 2021 Blockchain Insurance 80% Reality 18% 2017 » Spending on IoT Endpoint Security solutions will grow to $631M in 2021, at Healthcare Provider 17% 70% a CAGR of 21% Government 16% 60% » As a result, worldwide IoT security spend is expected to increase to $3B in 2021, at Contruction 15% 50% IoT to reach tipping point of 18-20% in 2019 a CAGR of 28% Others 12%

40% » By 2023, the average CIO will be Rate of Adoptionof Rate responsible for managing more than 30% 1,200 Mn 473 Mn devices three times the number of endpoints devices in 2018 in 2018 20% Internet of Things compared to 2018 – new business Augmented Reality models and respective revenue streams 10% will lead to a new wave of supporting IoT Blockchain Artificial Intelligence networks and sensor devices 0% Technology » Businesses, governments, and consumers 473 Mn 65 Mn are projected to invest nearly $1.6 trillion IoT drives devices devices in RISE OF IOT DEVICES 2018 2030E to install IoT solutions up to 2020 2018 convergence of in 2018 verticals Total IoT units installed base (Bn) 11 125 » Software and application development are predicted to be the majority of Consumer devices (Bn) 7 75 investments, giving rise to the demand Consumer devices as % of total devices 63% 60% for MSSPs to manage activity Connected devices per person 2 15 441 Mn devices in 125 Mn devices 2018 in 2018 World population (Bn) 7.7 8.5 IoT adoption rate 18% 176%

21 Source: Gartner, DBS Bank, Ericsson Mobility Report, IDC Worldwide IoT Spending Report | Note: IoT spending for 14 technologies across 20 vertical industries in nine regions and 53 countries through 100 use cases Top Managed Security Challenges Faced By MSSPs

Many enterprises still do not believe that they are vulnerable to an attack, thereby are slow to 64% adopt – surveys show that while awareness is on the rise, many still do not have full visibility and High cost of the solutions appreciation of the threat landscape and its potential impact on operations 62%

61% Lack of interest from customers 50% There is an inherent difficulty in showing the exact return on investment from hiring an MSSP, with the benefits clear only when the enterprise has been the subject of a target attack 60% Lack of security experts for hire 58%

58% The average MSS contract value is $280,000, out of reach for most small and medium sized Low margin from security services businesses, although there is a rising trend in MSSPs focused on SMBs – offering both flexible and 46% acceptable price points to encourage adoption 54% Difficulties with remote deployment and management 51% Data center locations matter to enterprises when choosing services providers, and given that not 53% all MSSPs can afford to have multiple cross border data centers, it poses a major hindrance to the Lack of integration with RMM* tools adoption plans 44%

47% No apparent value in providing managed security 35% Outsourcing of these security services often relies on internal IT teams’ qualified opinions, and initial resistance comes from the instinct of self preservation MSSPs with SMB Clients MSSPs with Enterprise Clients

MSSPs, serving both SMB and Enterprise level clients, identified that the cost of cybersecurity solutions available on the market is the number one challenge faced

22 Source: Avendus Research, Frost & Sullivan, MSP Benchmarking Research 2017 by Kaspersky | RMM* = Remote Monitoring & Management

Gartner Magic Quadrant 2019 Forrester Wave 2019

CHALLENGERS LEADERS Challengers Contenders Strong performers Leaders

Offering

Stronger Current Offering

ABILITIY ABILITIY EXECUTE TO NICHE PLAYERS VISIONARIES Weaker CurrentWeaker COMPLETENESS OF VISION Weaker Strategy Stronger Strategy Market Presence

Source: Gartner – Included vendors with a threshold revenue of $50 Mn in 2018, besides geographic presence, devices managed and clients served 24 Forrester – Included vendors with more than 120 incident responses and 20 tabletop exercises in the last 12 months and evaluated them against 11 criteria grouped into three categories of Current Offerings, Strategy and Market Presence Others Others 60% IBM 7%

Verizon 7%

BT Global Services 5%

AT&T 4% Atos SE 3%

HP 3% Dell SecureWorks 3% Symantec 3% Orange Business Services 3% Telefonica 2%

25 Source: Frost & Sullivan | Note: Base year is 2017; Market share by revenue Industry Trends

26 Advanced and Skilled Next Gen SPs2 Move To Provide Beyond Move to provide threat detection and response capabilities, beyond Managed Devices the traditional on-premise equipment solutions Big Data Analytics, Iterative & Incident Hybrid SP Response AI, Cognitive TISS, Movement to providing cloud security and working with cloud Threat Investments In The Cloud Services, providers, creating better visibility for hybrid IT environments MSS 2.0 Automated Co-Managed / NextGen: Response, Outsourced SIEM; Analyze, Develop Automate Security MSSP Leveraging emerging technologies such as AI/ML, big data analytics, Predict Plans, Emerging Technologies Investigate, threat intelligence, and advanced automation platforms Analyze & Pursue, Prevent Threat Hunting SIEMSIE 5

Monitor & Alert Visibility Visibility and Understanding Simplifying The Customer Enhancing the customer relationship, unifying platforms, and creating Experience new pricing models

FW3, IDs4, Logs Detection

Protect / Compliance Continued investments in educational initiatives and retention of Acquire & Retain Talent Tier 1 Tier 2- 3 Analysts employees to provide expertise as a core differentiator

Hosted-/ Simple CPE1-based Security Team and Skill Set Cloud-Based

27 Source: IDC, Frost & Sullivan | CPE1 = Customer Premise Equipment; SP2 = Service Provider; FW3 = Firewalls; ID4 = Incident Detection; SIEM5 = Security Information and Event Management Worldwide Forecast of MSS Revenue 2018-21 ($ Bn) Key Notes North America (USA and Canada) Europe, Middle East and Africa

» All four regional markets are expected to $9 experience double digit growth $8 $8 » APAC is expected to grow the fastest at a $7 $7 $7 CAGR of 17.7%, and North America is $6 $6 expected to grow the second fastest at a CAGR of 16% » Total MSS revenue in NA is expected to exceed that of EMEA in 2018 to form the largest component of global MSS

2018 2019E 2020E 2021E 2018 2019E 2020E 2021E

Asia Pacific1 Latin America2

$5 $0.9 $4 $0.8 $4 $0.7 $3 $0.6

2018 2019E 2020E 2021E 2018 2019E 2020E 2021E

Source: Frost & Sullivan | 1Asia Pacific: India, China, Taiwan, Hong Kong, Japan, ASEAN, Australia and NZ; 2Latin America: Brazil, 28 Caribbean and Central America, Mexico, and Andean Region 01 02 North America Europe, Middle East & Africa (USA & Canada) (EMEA)

The North American MSS market is projected to increase at The MSS market in EMEA has grown at a double-digit YoY rate since 2015. The financial services and government double-digit rates for the next 3 years. Market demand is driven sectors remain the top 2 industries in EMEA’s MSS market in terms of revenue. Europe’s manufacturing sector will by the increasing volume, diversity, and sophistication of cyber likely contribute a significant portion of overall MSS growth, due to increased digital transformation leading to greater threats aimed at a broadening exposure footprint. This is MSS demand. The top 3 countries for MSS in terms of revenue are the United Kingdom, Germany, and France. compounded by outdated security practices, plus challenges of in- house staffing and adaptation. 03 Asia Pacific (APAC) – India, China, Taiwan, Hong Kong, Japan, 05 ASEAN, Australia & NZ Latin America (Brazil, Caribbean and Central America, The APAC MSS market crossed revenue of $3 Mexico, the Southern Cone, and the Andean Region) billion in 2018 – with Japan (31%), and Australia and New Zealand (24%) holding the largest The Latin American MSS market size was $619 million in 2018, and is expected grow at a market shares. South Korea remained the 5th CAGR of 15% to $935 million by 2021, at a CAGR of 15%. Brazil is the largest at 39%, largest MSS market with growth rate of 10%. followed by Mexico at 21%. In Latin America, security asset management and monitoring holds the largest share of the market at 71%, followed by threat intelligence, research, CPE-based services held the largest revenue at detection, and remediation with 18%. 04 70% while hosted security services (HSS) contributed the rest. Growth is set to continue India due to the increasing adoption of cloud services and the shift from capex to opex-centric The RCM and AEM markets in India were valued at $33 million and $16 million respectively in 2017. The latter is expected to grow faster given the budgeting. higher uptake of managed identity and access management (IAM), managed endpoint security, and managed data loss prevention. 29 Source: Frost & Sullivan Key Notes Revenue Forecast ($ Bn), 2018-21 Distribution Channel Analysis » Government contractors are MSSPs increasingly pivoting into the commercial segment and strategically adding to their MSS portfolios $9 $8 » Consulting firms are also expanding $7 their MSS portfolios $6 » Communication service providers continue to leverage their strategic Channel Direct Sales Web Partners network locations and 90% 1% 9% vendor/technology agnosticism as a means to deliver reliable built-in, always-on security 2018 2019E 2020E 2021E » On technology trends, the most significant is the escalating development and use of advanced analytics to Others transform the ever-growing data lakes End Users of cybersecurity telemetry into actionable intelligence and move clients from a reactive/victim state to an Market Share, NA 2017 proactive/anticipatory state » Automation and unification will also be Secureworks, 14% growing technology waves as client IT Others, 41% Verizon, 10% environments continue down the AT&T, 10% dispersion pathway (i.e., hybrid IT) and attention grows on the cyber risks and Trustwave, 6% their bearing on business risk in Internet IBM, 5% of Things (IoT) and Operational CenturyLink, 5% Technology (OT) Alert Logic, 4% Symantec, 5%

30 Source: Frost & Sullivan Revenue Forecast ($ Bn) and Geographical Breakup (%), 2018-2021 Revenue Share by Verticals, EMEA 2018 Key Notes Others, 15% $8 Financial » 19% of the market share is Services, 24% $7 9% held by the top 3 companies 4% Middle East & Africa $7 9% Utilities, 6% » Average contract period for $6 9% 4% Central Eastern Europe 4% 33% MSS is 3.3 years 9% Rest of Europe $6 Bn Technology, Media 4% 33% » Average renewal rate is 90% 33% Benelux & Entertainment, 33% 8% » Average product 10% 8% 8% 12% France Government, 12% development time is 9 15% 8% 12% 12% Germany months 17% 17% 17% 17% UK » The top 3 countries for MSS Healthcare, 14% 17% 17% 17% 17% in terms of revenue are the Manufacturing, 15% UK, Germany and France 2018 2019E 2020E 2021E Revenue Forecast by Delivery Mode, EMEA 2018-2021 Market Share, EMEA 2017 Others 2018 2021E BT, 8% Orange, 7%

IBM, 5%

Others, 57% HP Enterprise, 40% 44% 5% $6 Bn $8 Bn 60% 56% Atos, 5%

Telefonica, 5%

T-Systems, 5%

Cloud-based SAMM CPE Hosted SAMM Verizon, 4%

31 Source: Frost & Sullivan Revenue Forecast of MSSPs in India ($ Mn), 2018-2022 Revenue Share by Verticals, 2018

$699 10% 16% $548 9% Others $437 16% Government 41% $357 15% Healthcare $298 Mn 9% $298 SMBs Large Enterprises 15% IT/ITeS 14% 84% 84% Manufacuring 85% 85% 86% BFSI 24% 7%

2018 2019E 2020E 2021E 2022E

Key Notes » The MSS market in India is projected to grow from $298 mn in CY2018, to $699 mn by the end of CY2022, growing at a CAGR of 24% » Growth drivers would largely be: scarcity of in-house expertise and human talent, evolving regulatory and compliance requirements, increased awareness of reputational risks and revenue losses associated with sensitive data breaches, and increasing complexity of targeted attacks » On the vulnerability scale, government and banking, financial services, and insurance (BFSI) have faced the most number of cyber attacks in the recent past » Mega campaigns such as Smart Cities Initiative, Digital India, and Make In India are likely to drive MSS growth in the country; technological trends like virtualization, Bring Your Own Device (BYOD), cloud, and Big Data are likely to be the differentiators » BFSI and IT/IT-enabled services (ITeS) are the strongest adopters of MSS in India; expectations are high from the healthcare sector » Large enterprises contribute to 86% of the overall market revenue » Within the MSS market, security asset monitoring and management (SAMM) has the highest market share at 65%, followed by threat intelligence, research, detection, and remediation (TIRDR) at 16%, risk and compliance management (RCM) at 13%, and advanced and emerging MSS (AEM) at 6%

32 Source: Frost & Sullivan Society for Market Share, 2018 Worldwide Cross-site DDoS Interbank Financial Scripting Reliance TCL IBM Telecommunication Others Communications 3% 4% HP (SWIFT) Attacks 1% Malware 4% TCS Phishing/ Man-in-the- 4% Spear middle (MTM) Ransomware Phishing Attacks Others Wipro 47% 12%

Non- HCL signature- Trojan 11% Virus Non- based Advanced signature- Attacks DDoS Paladion based 5% Attacks Dimension data Tech Mahindra 3% CSC Zero-Day 4%

Target Attacks 2% Type Type Attacks of Spyware Non- Signature Key Notes Based Signature- Attacks PoS Attack Based Attacks » The Indian MSS market is highly segmented, with several types of service providers contributing to the market – this includes SIs1, TSPs2, and OEM3 vendors Advanced » Wipro is the current market leader, with 12% of the market share – Wipro uses Persistent Interception Botnet standardized tools, automation, processes, platform, and framework to reduce errors Threat of Payments and increase efficiency within the threat detection and remediation process (APT) » HCL stands second, with 11% of the market share but has decided to limit its focus on the India market due to lower margin vis-à-vis markets overseas Until 2013 2015 2016 2017 Onwards » In recent quarters, Symantec has increased focus on the India market – opening the largest Symantec SOC in Chennai to work closely with Indian customers Shift from Signature-based to Non-signature-based Cyber Attacks

33 Source: Frost & Sullivan | SI1 = System Integrators; TSP2 = Traditional Service Provider; OEM3 = Original Equipment Manufacturer Valuation & Transactions Overview

34 Valuation Comparables Football-field Analysis – EBITDA Multiple 40.2x

20.6x 18.4x 17.7x 15.0x 13.8x 15.6x 12.9x 12.9x

8.9x 6.6x 6.7x 4.7x 4.1x Trading Comparables Trading Comparables Trading Comparables Trading Comparables Trading Comparables Transaction Comparables Transaction Comparables (Indian Large IT Services) (Global Large IT Services) (Indian Mid IT Services) (US Mid IT Services) (Pure-play Security Players) (Strategic Transactions) (PE Transactions)

VALUATION COMPARABLES SUMMARY TABLE EV / REVENUE (LTM) EV / EBITDA(LTM) Lower Bound Upper Bound Median Lower Bound Upper Bound Median

Trading Comparables (Indian Large IT Services) 1.6x 4.9x 2.2x 8.9x 18.4x 10.8x Trading Comparables (Global Large IT Services) 1.0x 2.9x 1.8x 4.7x 17.7x 10.5x

Trading Comparables (Indian Mid IT Services) 1.1x 2.6x 2.0x 6.6x 13.8x 12.0x

Trading Comparables (US Mid IT Services) 0.3x 2.5x 1.3x 4.1x 20.6x 12.5x Trading Comparables (Pure-play Security Players) 3.5x 36.6x 7.1x 15.6x 42.3x 15.6x Transaction Comparables (Strategic Transactions) 0.8x 19.9x 2.1x 12.9x 12.9x 12.9x Transaction Comparables (PE Transactions) 1.3x 1.3x 1.3x 6.7x 15.0x 10.9x

35 Source: CapIQ, Merger Markets INDIAN LARGE IT SERVICES LTM Operating Metrics Trading Multiples Company HQ Market Cap Revenue EV / Rev EV / EBITDA P/E EV ($ Mn) EBIT ($ Mn) EBITDA ($ Mn) Gross Margin EBIT Margin EBITDA Margin ($ Mn) ($ Mn) LTM NTM LTM NTM LTM NTM TCS Mumbai 112,569 107,457 21,817 5,527 5,829 45.0% 25.3% 26.7% 4.9x 4.6x 18.4x 17.2x 24.0x 23.0x Infosys Bengaluru 49,101 46,665 12,099 2,670 2,959 32.8% 22.1% 24.5% 3.9x 3.6x 15.8x 14.6x 22.2x 20.4x Wipro Bengaluru 23,481 18,992 8,607 1,504 1,752 29.9% 17.5% 20.4% 2.2x 2.1x 10.8x 10.9x 17.5x 17.2x HCL Noida 20,060 19,258 8,632 1,683 1,990 35.0% 19.5% 23.1% 2.2x 1.9x 9.7x 8.3x 13.9x 12.8x Tech Mahindra Pune 8,872 7,971 5,014 756 900 36.1% 15.1% 17.9% 1.6x 1.5x 8.9x 8.1x 14.3x 13.2x Median 3.0x 2.7x 12.7x 11.8x 18.4x 17.4x Mean 2.2x 2.1x 10.8x 10.9x 17.5x 17.2x

GLOBAL LARGE IT SERVICES LTM Operating Metrics Trading Multiples Company HQ Market Cap Revenue EV / Rev EV / EBITDA P/E EV ($ Mn) EBIT ($ Mn) EBITDA ($ Mn) Gross Margin EBIT Margin EBITDA Margin ($ Mn) ($ Mn) LTM NTM LTM NTM LTM NTM IBM USA 132,668 164,830 77,858 11,678 16,668 46.9% 15.0% 21.4% 2.1x 2.1x 9.9x 8.7x 15.2x 10.8x Accenture Ireland 124,128 119,785 41,244 6,187 6,786 31.7% 15.0% 16.5% 2.9x 2.6x 17.7x 15.7x 26.5x 25.0x Cognizant USA 37,533 35,476 16,323 2,683 3,183 38.7% 16.4% 19.5% 2.2x 2.1x 11.1x 10.6x 18.6x 16.6x CGI Canada 21,251 22,500 8,808 1,319 1,494 30.4% 15.0% 17.0% 2.6x 2.3x 15.1x 12.7x 23.4x 20.4x DXC Technology USA 15,089 19,925 20,753 2,463 4,228 28.0% 11.9% 20.4% 1.0x 1.0x 4.7x 4.4x 12.0x 6.9x Capgemini France 20,816 22,331 15,110 1,585 1,930 27.1% 10.5% 12.8% 1.5x 1.4x 11.6x 9.4x 24.9x 16.5x NTT DATA Japan 18,295 21,880 19,526 1,333 2,759 25.2% 6.8% 14.1% 1.1x 1.1x 7.9x 7.5x 21.7x NA Atos France 9,260 14,759 14,035 1,238 1,878 15.3% 8.8% 13.4% 1.1x 1.1x 7.9x 8.1x 12.8x 8.9x Median 1.8x 1.7x 10.7x 9.6x 19.4x 15.0x Mean 1.8x 1.7x 10.5x 9.1x 20.1x 16.5x

36 Source: CapIQ, figures as of July 18th, 2019 INDIAN MID IT SERVICES LTM Operating Metrics Trading Multiples Company HQ Market Cap Revenue EV / Rev EV / EBITDA P/E EV ($ Mn) EBIT ($ Mn) EBITDA ($ Mn) Gross Margin EBIT Margin EBITDA Margin ($ Mn) ($ Mn) LTM NTM LTM NTM LTM NTM L&T Mumbai 3,972 3,716 1,417 253 270 23.4% 17.9% 19.0% 2.6x NA 13.8x NA 18.1x NA Mphasis Bengaluru 2,529 2,358 1,116 180 187 44.4% 16.1% 16.8% 2.1x 1.9x 12.6x 10.7x 16.3x 14.7x Mindtree Mumbai 1,650 1,547 1,046 119 146 30.5% 11.4% 14.0% 1.5x 1.4x 10.6x 9.7x 16.5x 15.6x Hexaware Mumbai 1,562 1,438 702 100 108 23.2% 14.3% 15.4% 2.0x 1.7x 13.3x 11.0x 18.4x 16.3x NIIT Gurugram 1,205 1,051 531 76 88 40.6% 14.2% 16.6% 2.0x 1.7x 12.0x 9.8x 20.7x 17.3x Zensar Pune 794 788 572 60 71 25.0% 10.4% 12.4% 1.4x 1.2x 11.1x 9.0x 17.5x 14.8x Persistent Pune 676 527 486 62 80 32.0% 12.7% 16.4% 1.1x 1.0x 6.6x 5.9x 13.3x 11.9x Median 1.8x 1.5x 11.4x 9.3x 17.3x 15.1x Mean 2.0x 1.5x 12.0x 9.7x 17.5x 15.2x

US MID IT SERVICES LTM Operating Metrics Trading Multiples Company HQ Market Cap Revenue EV / Rev EV / EBITDA P/E EV ($ Mn) EBIT ($ Mn) EBITDA ($ Mn) Gross Margin EBIT Margin EBITDA Margin ($ Mn) ($ Mn) LTM NTM LTM NTM LTM NTM Virtusa Westborough 1,340 1,614 1,248 70 97 29.1% 5.6% 7.8% 1.3x 1.2x 16.6x 12.0x 83.0x 14.8x Perficient St Louis 1,168 1,283 511 42 62 36.1% 8.1% 12.2% 2.5x 2.3x 20.6x 14.2x 43.8x 18.7x Presidio New York 1,145 2,056 3,047 129 220 20.4% 4.2% 7.2% 0.7x 0.7x 9.3x 8.8x 28.7x 8.3x Unisys Blue Bell 518 875 2,812 174 212 23.5% 6.2% 7.5% 0.3x 0.3x 4.1x 1.8x 33.4x 2.5x Hackett Group Miami 496 501 261 36 40 37.9% 13.7% 15.4% 1.9x 1.8x 12.5x 9.8x 21.0x 14.1x Median 1.3x 1.2x 12.6x 9.3x 42.0x 11.7x Mean 1.3x 1.2x 12.5x 9.8x 33.4x 14.1x

37 Source: CapIQ, figures as of July 18th, 2019 LTM Operating Metrics Trading Multiples

Company HQ Market Cap Revenue EBIT EBITDA EV / Rev EV / EBITDA P/E EV ($ Mn) Gross Margin EBIT Margin EBITDA Margin ($ Mn) ($ Mn) ($ Mn) ($ Mn) LTM NTM LTM NTM LTM NTM

Verisign USA $25,601 $26,141 $1,222 $782 $830 84.5% 64.0% 67.9% 21.4x 21.0x 31.5x 29.1x 41.9x 40.7x

Palo Alto USA $21,336 $19,861 $2,752 $6 $146 71.8% 0.2% 5.3% 7.2x 6.0x NM 23.0x NM 35.7x

Check Point Israel $17,794 $16,035 $1,936 $906 $924 89.5% 46.8% 47.7% 8.3x 8.0x 17.4x 15.7x 21.9x 18.9x

Okta USA $15,827 $15,701 $441 ($142) ($139) 71.8% (32.2%) (31.6%) 35.6x 26.9x NM NM NM NM

Fortinet USA $14,762 $13,000 $1,875 $249 $307 75.1% 13.3% 16.4% 6.9x 6.0x 42.3x 22.8x 42.3x 37.6x

Symantec USA $14,218 $16,627 $4,731 $621 $1,000 77.8% 13.1% 21.1% 3.5x 3.5x 16.6x 8.1x NM 13.0x

Zscaler USA $10,352 $9,999 $273 ($24) ($15) 80.3% (8.7%) (5.6%) 36.6x 27.0x NM NM NM NM

Cyberark USA $5,273 $4,806 $367 $57 $68 86.2% 15.6% 18.5% 13.1x 11.1x NM 43.1x NM 64.3x

Avast Czech Republic $4,108 $5,207 $808 $249 $333 70.2% 30.8% 41.2% 6.4x 6.0x 15.6x 10.9x 17.0x 13.4x

FireEye USA $3,249 $3,183 $842 ($181) ($105) 67.2% (21.5%) (12.5%) 3.8x 3.5x NM 21.5x NM 70.0x

Rapid7 USA $3,046 $2,993 $263 ($45) ($33) 71.7% (17.3%) (12.7%) 11.4x 9.0x NM NM NM NM

MimeCast UK $3,013 $2,978 $340 $1 $31 73.3% 0.2% 9.0% 8.7x 7.1x NM 41.8x NM NM

Varonis USA $2,070 $1,963 $273 ($36) ($31) 89.3% (13.0%) (11.3%) 7.2x 7.0x NM NM NM NM

SailPoint USA $1,853 $1,810 $261 $8 $19 78.2% 3.0% 7.4% 6.9x 6.3x NM NM NM NM

CarbonBlack USA $1,327 $1,193 $220 ($77) ($70) 77.9% (35.1%) (31.7%) 5.4x 4.7x NM NM NM NM

Median 7.9x 6.8x 15.6x 29.3x 17.0x 49.2x

Mean 7.1x 6.7x 15.6x 31.6x 17.0x 64.3x

38 Source: CapIQ, figures as of July 18th, 2019 | A limiting range of 0-50x and 0-75x for EV/EBITDA and P/E respectively, has been used for normality | NM = Not Mentioned BUYER TARGET COUNTRY TARGET DESCRIPTION DEAL RATIONALE

Provider of cyber security services to the private Corsica Technologies through EDTS will now offer 24x7x365 security monitoring, threat prevention, assessments, incident May-19 sector and government agencies response, and consulting services as well as increase their footprint to include 7 additional locations in the Southeast

Provider of cybersecurity services for enterprises The acquisition worth $576 Mn will enable Orange to strengthen its position in the European cybersecurity industry. The May-19 using cloud-based solutions combined entity will explore synergies and provide complex security services needed by its customers globally

Operates an automation and collaboration platforms Palo Alto is a provider of network security solutions and applications to enterprises, service providers and government for security operations centers that provides Feb-19 entities and has acquired Demisto for $560 Mn to expand its incident response portfolio automated incident response workflows

Carbonite has acquired Webroot for $618 Mn in line with its growth strategy to enhance its stronghold in the data Provider of cloud-based internet threat detection protection market by adding Webroot’s MSP channel to its Value-Added-Reseller channel, thereby increasing its overall Feb-19 solutions for consumers, businesses, and enterprises service offerings to include the endpoint backup and recovery services

Provider of cybersecurity consultancy and solutions Ensign InfoSecurity has co-acquired Accel for $88 Mn to optimize their operations, accelerate both of their growth rates Sep-18 and advance its overall expertise across Asia

Provider of managed services for ADT has acquired Secure Design in line with its strategy to extend its security solutions to protect small business, Aug-18 micro, small, and mid-sized businesses networks and the critical data. It will help ADT to provide real time services to internet risks and behaviors. It will also help Secure Designs to expand its business into other region of the country

The acquisition worth $950 Mn will enable Cisco customers to easily and securely connect users to any application on any Aug-18 Provider of mobile security technology networked device. It will extend Cisco’s intent-based networking into multi-cloud environments and also expand its endpoint visibility coverage

The acquisition worth $184 Mn will enhance L3’s abilities, increase its responsiveness and augment its position as a Jul-18 Provider of information security consultancy services leading C6ISR (Command, Control, Communications, Computers, Cyber-Defense and Combat Systems, and Intelligence, Surveillance and Reconnaissance) service provider.

ATA’s technology will provide competitive differentiation to Critical Start in the MSSP/MDR services market. The Provider of managed security solutions to Mar-18 combination of Critical Start’s CyberSOC team and ATA’s platform is expected to create synergies. It will also provide a organizations white label offering for value added resellers and managed service providers wanting to offer differentiated solutions to their clients

39 Source: CapIQ, Merger Market, Avendus Research INVESTOR COMPANY COUNTRY TV1 (MN) TARGET DESCRIPTION

Dec-18 $182 Engaged in providing network security products and services to governments and businesses

Nov-18 $950 Provider of a cloud-based application security platform

Sep-18 $17 Provider of cloud computing, disaster recovery, colocation and other IT services

Sep-18 $75 Managed and maintenance services provider for traditional, IP and converged voice and data networks

Sep-18 $295 Engaged in providing online privacy and security solutions for Internet users, advertisers, and publishers

Jun-18 $200 Provider of Software-as-a Service (SaaS) based next-generation endpoint protection platform

Jun-18 $120 Provider of endpoint protection solutions with artificial intelligence

Nov-17 $1,351 Provider of security, application delivery and data protection solutions

Aug-17 $100 Provider of managed security solutions to help guard the intellectual property and infrastructure of enterprises

40 Source: CapIQ, Merger Market, Avendus Research | TV1 = Transaction Value Deal Value Date Target HQ Target Description Bidder EV/Revenue EV/EBITDA (Mn)

May-19 DeliverySlip USA Provider of email encryption, e-signatures and secure file sharing solutions Zix Corporation $14 NA NA

May-19 SecureLink NV Netherland Provider of cybersecurity services for enterprises using cloud-based solutions Orange SA $576 2.1x NA

May-19 Meta Networks Israel Provider cloud native networking and security solutions for enterprises Proofpoint $120 NA NA

Apr-19 Cognigo Israel Provider of cybersecurity services for enterprises using cloud-based solutions NetApp $60 NA NA

Apr-19 Hyundai IT South Korea Provider of information technology system integration and outsourcing services Lotte Data $47 1.2x 12.9x

Feb-19 nCipher UK Provider of cryptographic IT security solutions Entrust Datacard $397 3.5x NA

Owns and operates an automation and collaboration platforms for security operations centers that provides Feb-19 Demisto Israel Palo Alto $560 NA NA automated incident response workflows

Feb-19 Webroot USA Provider of cloud-based internet threat detection solutions for consumers, businesses, and enterprises Carbonite $619 2.9x NA

Jan-19 DHA Group USA Provider of mobility, cybersecurity, cloud, and IT services ECS Federal $46 0.9x NA

Dec-18 Sandz Singapore Engaged in the provision of IT infrastructure solutions and managed IT services Kronologi Asia Berhad $18 0.8x NA

Dec-18 4Degrees Colocation Canada Engaged in operating data centers Vantage Data Centers $193 NA NA

Prosegur Compania de Dec-18 CIPHER USA Supplier of security information systems NA NA NA Seguridad

Dec-18 Danal USA Provider of software for mobile identity and authentication solutions Boku $101 19.9x NA

Dec-18 G2 USA Provides solutions to collect, target, store, analyze, and defend digital information Huntington Ingalls NA NA NA

Nov-18 Vidder USA Provides solutions to enable cloud and virtualized VPN security Verizon NA NA NA

Nov-18 SecurityMatters BV Netherland Cyber Resilience company focused on ICS/SCADA network resilience ForeScout $113 NA NA

41 Source: CapIQ, Merger Market Deal Value Date Target HQ Target Description Bidder EV/Revenue EV/EBITDA (Mn)

Nov-18 BlueLine USA Provider of consulting, staffing, and managed services ThreeBridge NA NA NA

Nov-18 Spear USA Provider of IT solutions, cybersecurity, and data analytics services CALIBRE Systems NA NA NA

Engaged in developing application security solutions that help businesses identify the risks hidden inside mobile Nov-18 Appthority USA Symantec NA NA NA applications

Nov-18 Javelin USA Provides cyber security services Symantec NA NA NA

Oct-18 tCell.io USA Provider of web application threat defense and monitoring services Rapid7 $14 NA NA

Oct-18 Hivint Australia Engaged in cybersecurity consultancy services Singtel Optus $17 NA NA

Oct-18 CorreLog USA Provider of real-time security management software and solutions BMC Software NA NA NA

GRM Information Engaged in providing management services, data protection and recovery services, and information destruction Oct-18 China Iron Mountain $34 NA NA Management services

Oct-18 Beijing BIH Tech China Engaged in providing IDC, cloud computing, and internet access solutions. Hangzhou Dacheng $19 NA NA

Sep-18 Accel Systems Singapore Provider of cybersecurity consultancy and solutions Ensign InfoSecurity $203 NA NA

Aug-18 Secure Designs USA Provider of managed Internet security services for micro, small, and mid-sized businesses The ADT $1,400 NA NA

Aug-18 Cal Net USA Provider of outsourced information technology, cloud, security, and unified communications solutions Nexus NA NA NA

Aug-18 Beijing Ruian Tech China Provider of information security product and big data service Addsino $212 NA NA

Aug-18 Duo Security USA Provider of mobile security technology Cisco $950 NA NA

Dependable Global Jul-18 USA Engaged in providing cyber security, intelligence services, and mission assurance services Integrity Applications NA NA NA Solutions Provider of zero trust security solutions which helps to improve overall security posture, eliminates static credentials, Jul-18 ScaleFT USA Okta NA NA NA device to resource visibility, improves personal security practices, and protects information

42 Source: CapIQ, Merger Market Deal Value Date Target HQ Target Description Bidder EV/Revenue EV/EBITDA (Mn)

Jul-18 Linchpin Australia Provider of information security consultancy services L3 Technologies $184 NA NA

Jul-18 Ataata USA Provider of cyber security training and awareness platform Mimecast $25 NA NA

Jun-18 Elastic Beam USA Offers artificial intelligence-based cyber security solutions Ping Identity NA NA NA

Jun-18 Icebrg USA Provider of cybersecurity services Gigamon $100 NA NA

Jun-18 Carvir USA Provider of cybersecurity and general IT services Continuum NA NA NA

Jun-18 Mi3 USA Engaged in providing security and anti-virus software for mobile applications Zimperium NA NA NA

Jun-18 Leidos USA Provides cybersecurity services Capgemini SA NA NA NA

Jun-18 Bradford USA Provider of network security solutions that minimize the risk and impact of cyber threats Fortinet $17 NA NA

May-18 Lumeta USA Developer of network intelligence and security software FireMon NA NA NA

May-18 Red Sky USA Provider of cybersecurity solutions in IT security services Presidio $41 NA NA

May-18 Sage Data USA Provider of information security services Tyler Technologies $12 NA NA

Apr-18 Fortscale USA Provides customers with new user and entity behavioral analytics RSA NA NA NA

Mar-18 Secure Thingz UK Provider of advanced security solutions for embedded systems in the Internet of Things (IoT) IAR Systems Group AB $27 NA NA

Advanced Threat Mar-18 USA Provider of managed security solutions to organizations Critical Start NA NA NA Analytics

Mar-18 Bluelock USA Provider of Disaster Recovery-as-a-Service (DRaaS) and cloud hosting solutions InterVision Systems NA NA NA

Mar-18 Evident.io USA Engaged in providing cloud security services Palo Alto $293 NA NA

43 Source: CapIQ, Merger Market Deal Value Date Target HQ Target Description Bidder EV/Revenue EV/EBITDA (Mn)

Feb-18 Phantom Cyber USA Provider of cyber security services Splunk $304 NA NA

Feb-18 Zenedge USA Engaged in developing web application security and distributed denial of service protection platform as a service Oracle $30 NA NA

Feb-18 Skyport USA Developer of Hyper-Secured Infrastructure that ensures the security of mission-critical IT and corporate assets Cisco NA NA NA

Feb-18 ThreatTrack USA Develops and delivers cyber security solutions that expose, analyze, and eliminate malicious threats j2 Global NA NA NA

Feb-18 Online Tech USA Provider of secure, compliant hybrid cloud, colocation, disaster recovery and data protection service Schurz NA NA NA

Feb-18 Lieberman USA Cyber security software company BeyondTrust NA NA NA

Jan-18 Sqrrl Data USA Provides a big data analytic tool for detecting, investigating, and visualizing advanced cybersecurity threats Amazon NA NA NA

Provides managed wireless infrastructure solutions, security and support across the hospitality, retail, restaurant, Jan-18 Aware USA SageNet NA NA NA grocery, enterprise, healthcare and education industries

Jan-18 PhishLine USA Provider of software for social engineering simulation and training and enterprise level security Barracuda $25 NA NA

Median 2.1x 12.9x

Mean 4.5x 12.9x

44 Source: CapIQ, Merger Market Deal Value Date Target HQ Target Description Bidder EV/Revenue EV/EBITDA (Mn) Corporacion Financiera Apr-19 Verisure Sweden Provider of security service and solutions for residential and commercial markets $625 NA NA Alba SA

Feb-19 Cogeco Peer 1 Canada Provider of various IT services like co-location, network connectivity, managed hosting, cloud, and managed services Digital Colony $546 NA NA

Feb-19 ShiftLeft USA Cybersecurity company Thomvest $20 NA NA

Dec-18 RegEd USA Provider of compliance software and solutions for financial services firms Gryphon NA NA NA

Dec-18 4iQ USA Identity-focused cyber intelligence company Benhamou $18 NA NA

Dec-18 360 Enterprise China Engaged in providing network security products and services to governments and businesses Alphax $182 NA NA

Nov-18 Venafi USA Cybersecurity company that develops software to secure and protect cryptographic keys and digital certificates Technology Crossover $100 NA NA

Nov-18 Raptor USA Developer of security software solutions JMI Equity NA NA NA

Nov-18 TRG Screen USA Provider of enterprise subscription management software Pamlico NA NA NA

Nov-18 Veracode USA Provider of a cloud-based application security platform Thoma Bravo $950 NA NA

Oct-18 Sygnia Israel Cyber technology company provide consulting and incident response support services Temasek $250 NA NA

Sep-18 AnchorFree USA Engaged in providing online privacy and security solutions for Internet users, advertisers, and publishers Accel $295 NA NA

Sep-18 Conapto AB Sweden Provider of cloud computing, disaster recovery, colocation and other IT services Segulah $17 1.3x 6.7x

Aug-18 Tyto Athene USA Managed and maintenance services provider for traditional, IP and converged voice and data networks Arlington $75 NA NA

Aug-18 SecurView USA Cybersecurity solutions provider RAG-Stiftung NA NA NA

Jul-18 Quantum Xchange USA Encryption security services company New Technology $10 NA NA

45 Source: CapIQ, Merger Market Deal Value Date Target HQ Target Description Bidder EV/Revenue EV/EBITDA (Mn)

Jul-18 CyberMDX USA Provider of medical cybersecurity solutions that delivers threat prevention for medical devices and clinical networks Pitango $10 NA NA

Jul-18 A-LIGN USA Provider of cybersecurity and compliance solutions FTV $55 NA NA

Jul-18 Centrify UK Provider of security and compliance solutions for on-site and cloud-based systems Thoma Bravo NA NA NA

Jul-18 Global Switch UK Provider of data center, data storage and disaster recovery services Strategic IDC $2,765 NA NA

Jun-18 CrowdStrike USA Provider of Software-as-a Service (SaaS) based next-generation endpoint protection platform General Atlantic $200 NA NA

Jun-18 Cylance USA Provider of endpoint protection solutions with artificial intelligence Blackstone $120 NA NA

Apr-18 Sayers USA Provider of data center infrastructure and enterprise security products and other IT solutions Mosaic $295 NA NA

Apr-18 SiteLock USA Website security solutions company ABRY NA NA NA

Feb-18 HelpSystems USA Provider of systems and network management, business intelligence, and security and compliance solutions H.I.G. $1,200 NA 15.0x

Skout Secure Feb-18 USA Provides cyber security services RSE $30 NA NA Intelligence

Jan-18 Aspect Security USA Cybersecurity consulting firm EY $11 NA NA

Jan-18 Cyberinc USA Identity and access management business of Cyberinc KPMG NA 1.3x NA

Median 1.3x 10.9x

Mean 1.3x 10.9x

46 Source: CapIQ, Merger Market Abbreviation Full term Abbreviation Full term

AEM Advanced and Emerging MSS MSSP Managed Security Service Provider

APAC Asia Pacific NA North America

APT Advanced Persistent Threats OEM Original Equipment Manager

BFSI Business, Financial Services, and Insurance OT Operational Technology

CCPA California Consumer Privacy Act PCI DSS3 Payment Card Industry Data Security Standard

CPE Common Platform of Enumeration RCM Risk and Compliance Management

DDoS Denial of service SAMM Software Asset Monitoring and Management

DRaaS Disaster Recovery-as-a-Service SI Security Intelligence

EMEA Europe, Middle East, and Africa SIEM Security Information and Event Management

GDPR4 General Data Protection Regulation SLA Service Level Agreement

IDPS Intrusion detection and prevention systems SMB Small and Medium Sized Businesses

IDS Intrusion detection system SOC Security Operations Center

IoT Internet of Things SVM Support Vector Machine

IP Internet Protocol TIRDR Threat Intelligence, Research, Detection, and Remediation

ITeS Information Technology enabled Services TISS Threat Intelligence Services Spending

MDR Managed Threat and Response TSP Total Services Provider

MSS Managed Security Service UTM Unified Threat Management

47 www.avendus.com 48 Mumbai New York London Delhi

IL&FS Financial Centre, C & D Avendus Capital Inc., 445 Park Avendus Capital (U.K.), Private 901-B, Time Tower, M.G.Road, Quadrant - 6th Floor Bandra-Kurla Avenue, 19th Floor, New York, Limited33, St James's Square, Gurgaon, Haryana – 122002 Complex, Bandra (East), Mumbai - NY 10022 London SW1Y 4JS 400 051

Bengaluru Kolkata Hyderabad Ahmedabad

The Millennia Tower, A - 10th Floor, PS Arcadia, 7th Floor, Unit 7B, 4A Office No. 180, Regus-Level 1, Office No. 180, Regus-Level 1, No 1 & 2, Murphy Road, Ulsoor Camac Street, Kolkata – 700016 Midtown, Road No 1, Banjara Hills, Midtown, Road No 1, Banjara Hills, Bangalore - 560 008 Hyderabad – 500034 Hyderabad – 500034

Copyright © 2018 Avendus. All rights reserved. Avendus Capital Private Limited : CIN : U99999MH1999PTC123358 | SEBI Registration no. : Merchant Banking - INM000011021 Avendus Wealth Management Private Limited : CIN : U67120MH2008PTC179931 | SEBI Registration no.: PMS - INP000005257 | RIA no: INA000006527 | SEC- USA : CRD No. 156771 Avendus Capital, Inc: FINRA-USA: CRD No. – 150160 | Avendus Capital(UK) Private Limited: FCA-UK: 493919 Authorised and regulated by the Financial Conduct Authority (FRN 493919) | Avezo Advisors Pvt. Ltd.: CIN: U74120MH2014PTC255373 | SEBI Registration No. Portfolio Manager - INP000004607 | Manager to SEBI registered Category -I Alternative Investment Fund - Zodius Technology Fund - IN/AIF1/14-15/0126 | Manager to SEBI registered Category III Alternative Investment Fund- Avendus India Opportunities Fund III - IN/AIF3/12-13/0033 Avendus Capital Public Markets Alternate Strategies LLP - LLP Identification no.- AAI-3806 | Investment Manager to SEBI Registered Category – III Alternative Investment Fund – Avendus Alternate India Fund - IN/AIF3/16-17/0304. |Manager to SEBI registered Category III Alternative Investment Fund- Avendus Equity Opportunities Fund – IN/AIF1/17-18/0360.

49 This document is being furnished to you by Avendus Capital Private Limited for itself and its affiliates strictly on a confidential basis. The document is for informational purposes only and should not be regarded as an offer to sell, or offer for subscription, or as a solicitation of an offer to buy the securities or other investments mentioned in it. This information profile has been provided to its recipient upon the express understanding that the information contained herein, or made available in connection with any further investigation, is strictly confidential and is intended for the exclusive use of its recipient and shall at all times be considered as proprietary and/or legally privileged. It shall not, either directly or indirectly, be photocopied, printed, reproduced and/or distributed to any third party in any manner at any time without prior written consent.

This document is neither a prospectus nor an invitation to subscribe to securities or other investments. Nothing in this document is intended to constitute legal, tax, securities or investment advice, or opinion regarding the appropriateness of any investment, or a solicitation for any product or service. The information herein is subject to change without notice. Avendus Capital Private Limited does not represent, either express or implied, that any information, including any third party information, is accurate or complete and it should not be relied upon without proper investigation on the part of the investor/s.

Neither Avendus Capital Private Limited nor its affiliates nor any of its officers or employees accept any liability whatsoever for any loss arising from any use of this document or its contents. The recipient of this document should rely on their own investigations and take their own professional advice. While we endeavor to update on a reasonable basis the information discussed in this material, there may be regulatory, compliance, or other reasons that prevent us from doing so. Any review, dissemination, distribution or copying of the information of this document or taking any action in reliance on the contents of this document by person(s) or entities other than intended recipient is strictly prohibited and unlawful.

Investments in securities/equity related instruments are subject to market risk. These risks could be security specific or market specific and arising from company, industry, political, economic (both domestic and global), etc, factors. Investor/s should carefully read all disclosure documents before investing and shall not make Avendus Capital Private Limited and/or its associates/employees liable for any risks/losses pertaining to any product/scheme offered by them from time to time.

Past performance does not indicate the future performance of any current or future fund or strategies advised or managed by Avendus Capital Private Limited or its affiliates.

Distribution of this document in some jurisdictions may be restricted or prohibited by law and regulation, and accordingly recipients of this document represent that they are able to receive it without contravention of any unfulfilled registration requirements or any other legal or regulatory restrictions. Recipients of this document in such jurisdiction should fully inform themselves about and observe all applicable legal or regulatory requirements and Avendus Capital Private Limited and its affiliates, directors, shareholders, managers, officers, employees, agents and advisors, do not accept any liability to any person in relation thereto.

For the purposes of distribution within the United Kingdom, this communication is exempt from the financial promotion restriction in Section 21 of the Financial Services and Markets Act, 2000 relating to the communication of an invitation or inducement to engage in investment activity on the grounds that it is made to those persons falling within the following Articles of the Financial Services and Markets Act 2000 (Financial Promotion)Order 2005, as amended: Article 19 (Investment Professionals) and Article 49 (High Net Worth Companies). Any investment to which this communication relates is only available to investment professionals and high net worth companies. If you have received this document erroneously, please immediately and permanently delete all copies from your system(s) and notify Avendus Capital Private Limited or any of its affiliates by telephone or email.

50