Incident & Breach Response , Privileged Access Management , Security Operations

SailPoint to Buy Privileged Access Vendor Osirium for $8.3M

M&A Will Help SailPoint Guard Privileged, Non-Privileged Identities on One Platform
SailPoint to Buy Privileged Access Vendor Osirium for $8.3M

SailPoint has agreed to purchase U.K.-based privileged access management vendor Osirium for $8.3 million to better protect privileged and non-privileged identities on a single platform.

See Also: Beyond MFA: The Trick to Securing Machine Identities

The Austin-based identity governance and administration vendor said the proposed acquisition will allow Reading, England-area Osirium to benefit from SailPoint's increased scale and enhanced sector and regional capabilities. As a stand-alone company, Osirium said, its balance sheet position and limited scale restricted its ability to address the identity security challenges that enterprises currently grapple with (see: Robust Identity Protection Isn't Just for Employees Anymore).

"Despite innovative and customer-recognized solutions, Osirium has been challenged in achieving the critical mass necessary to compete with the other large and well-established PAM vendors," Osirium Chair David Guyatt said in a statement. "The acquisition will provide the scale, recognition and resources that will enable the full potential of Osirium's world-class PAM, EPM and PPA solutions."

Osirium's Obstacles to Stand-Alone Growth

SailPoint agreed to buy Osirium for $2.99 per share, representing a 95.8% premium over the company's closing stock price Tuesday of $1.53 per share. Osirium's stock was up $1.27 - or 83.3% - Wednesday to $2.80 per share, which is the highest's the company stock has traded since March 22. The proposed transaction was announced midday Wednesday U.K. time.

Osirium, founded in 2008, conducted an initial public offering on the London Stock Exchange in April 2016 and has 170 customers primarily in the United Kingdom as well as 40 workers in sales, marketing, product engineering, professional services and product support. Osirium has just $280,000 in cash on hand and would need to raise more capital and implement cost savings measures by the end of 2023.

"Osirium has been challenged in achieving the critical mass necessary to compete."
– David Guyatt, chair, Osirium

The company has undertaken multiple rounds of restructuring in recent years, achieving $830,000 of cost savings in 2022 and $445,000 of cost savings thus far this year, according to a regulatory filing. The current market conditions and market capitalization of Osirium will adversely affect the firm's ability to raise new capital at sensible valuations and optimize growth over the midterm, according to directors.

"With the initiatives to improve gross margins, cost savings and the rate of pipeline conversion, Osirium could continue to grow and generate sustained returns," the company wrote in a regulatory filing. "[But] there are risks to, as well as uncertainty around, the timing and impact of these initiatives. … The Osirium directors recognize the benefits of scale when operating in a global competitive market."

SailPoint's Plan for Getting Osirium Back on Track

SailPoint believes Osirium can improve its operating margins and generate economies of scale as part of the identity governance powerhouse, which has more than 2,400 workers and 2,200 customers, including 48% of the Fortune 500. The company will look to reduce duplication of operating and back-office processes such as accounting, billing, client renewals and IT support after close (see: SailPoint Buys SecZetta to Safeguard Non-Employee Identities).

"This acquisition will bring Osirium's core capabilities into SailPoint's existing identity security platform, providing a compelling unified platform for securing privileges and non-privileges identities for our customers," SailPoint CEO Mark McClain said in a statement. "We look forward to completing the acquisition and working with the Osirium team."

The company will also consider rationalizing Osirium's client base and establishing a strategic approach to renewing or managing the expiration of existing customer agreements. SailPoint anticipates laying off up to 40% of Osirium's current employees in the year following close as a result of duplicative functions in the company's sales, marketing, customer success, finance, IT and human resources organizations.

SailPoint expects to migrate all remaining Osirium employees to the company's existing office in Woking, England within a year of close and either not renew or exit from Osirium's leased headquarters near Reading as soon as possible. The company doesn't anticipate any layoffs within Osirium's research and development function and will evaluate how to improve the firm's R&D performance within SailPoint.

"SailPoint has a track record of successfully making and integrating selective strategic acquisitions of businesses with complementary products and solutions," the company wrote in a regulatory filing Wednesday. "Osirium's strong technology proposition and traction with customers in attractive markets makes Osirium an excellent fit for the SailPoint identity security platform."

The Osirium deal is SailPoint's second acquisition since being taken private by private equity firm Thoma Bravo in August 2022 for $6.9 billion. It comes just seven months after SailPoint purchased Fall River, Massachusetts-based third-party identity risk startup SecZetta to give customers more visibility into employee, third-party contractor and temporary worker identities from a single platform.


About the Author

Michael Novinson

Michael Novinson

Managing Editor, Business, ISMG

Novinson is responsible for covering the vendor and technology landscape. Prior to joining ISMG, he spent four and a half years covering all the major cybersecurity vendors at CRN, with a focus on their programs and offerings for IT service providers. He was recognized for his breaking news coverage of the August 2019 coordinated ransomware attack against local governments in Texas as well as for his continued reporting around the SolarWinds hack in late 2020 and early 2021.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing govinfosecurity.com, you agree to our use of cookies.