Today, Akamai announced that it has acquired Portland, Oregon-based Janrain. Although the financial terms were not disclosed, Forrester estimates the purchase price to be in the $250M–$275M range, based on typical M&A SaaS revenue multiples of 4X to 6X and Forrester’s estimation of Janrain’s annual revenue. Founded in 2003, Janrain was one of the first pure-play customer identity and access management (CIAM) vendors and has raised nearly $80M in venture financing to date.
Akamai and Janrain have an existing technology integration, which was announced this past summer, that leverages Akamai’s DDOS and bot detection capabilities with the Janrain Identity Cloud to protect against both network and web-based attacks, as well as identity-based threats such as account takeover attacks. The strategic intention behind the merger appears to be to drive this integration further and offer a broad solution for detecting and preventing this wide variety of threats.
These are my main takeaways from the Akamai/Janrain merger:
- Protecting customer data is more important than ever. Continued disclosures of large-scale data breaches in 2018 such as Starwood’s indicate that customer data remains a high-value commodity. Against this backdrop, firms must continue to invest in controls to prevent data breaches, as well as to maintain customer trust. The Akamai/Janrain combination enables companies to address this problem.
- Network and identity-based threats are converging. Hackers’ ongoing thirst for data that can be monetized has led them to pursue a range of techniques, from tactics such as SQL injection to other credential-oriented attacks. Against this continually evolving threat landscape, organizations struggle to maintain enough defenses. The Akamai/Janrain combo will provide organizations with a single offering that can mitigate against both types of attacks.
- The merger suggests that the gravitational pull of CIAM is shifting from the CMO to the CISO. CIAM’s strong alignment around customer-facing initiatives meant that it was often funded and driven by a chief digital officer (CDO) or CMO, with tacit approval from IT. In response, CIAM platforms invested a lot in integrating with content management, personalization, and other marketing technologies. As a result, CIAM platforms had to balance these requirements against security requirements around authentication, SSO, and fraud management. Since the Akamai/Janrain deal is primarily about the security and fraud aspects, it suggests that CIAM initiatives may be more driven by the CISO going forward than the CDO or CMO.
Success Of The Acquisition Will Depend On Several Factors
Forrester expects that the success of this acquisition will hinge on the following factors:
- How well can Akamai integrate the Janrain offering into its existing DDOS solutions?
- How well can Akamai position this combined offering to a single enterprise buyer? CIAM initiatives are often funded outside of IT security, so aligning this combined offering toward a single buyer will help maintain sales velocity and momentum.
- How well can Akamai maintain Janrain’s existing security and marketing partnerships and platform neutrality in ways that do not alienate the existing Akamai partner ecosystem?