Palo Alto Networks Finalizes US$25 Billion CyberArk Acquisition

Palo Alto Networks’ US$25 billion acquisition of CyberArk elevates identity security to a core control layer as AI, cloud, and automation expand attack surfaces. As financial services, manufacturing, telecom, and government entities face stricter cybersecurity, data protection, and nearshoring-driven digitalization pressures, where fragmented identity governance and over-privileged access remain systemic operational risks.

Palo Alto Networks finalized its US$25 billion (MX$428 billion) acquisition of CyberArk, integrating identity security as a primary pillar of its strategy. This merger enables the company to secure human, machine, and agentic identities across hybrid cloud environments to mitigate risks in the artificial intelligence era.

“The emerging wave of AI agents will require us to secure every identity, human, machine, and agent,” says Nikesh Arora, Chairman and CEO, Palo Alto Networks. “This is why we moved decisively by announcing our intent to acquire CyberArk last July and am excited to have product integration begin. For our customers, this means the end of ‘identity silos.’ They can now manage privileged access across their entire hybrid cloud environment from the same company they trust for Network Security and Security Operations.”

By democratizing privileged access across all identity types, organizations can reduce standing privileges, limit lateral movement, and stop identity-based attacks with greater speed. Corporations using identity-driven security controls can accelerate breach response by up to 80% by preventing attackers from abusing credentials and excessive access.

The relevance of this merger is underscored by the shift in the modern attack surface. As organizations scale cloud operations, automation, and AI, identity has emerged as the primary path for exploitation. According to industry data, machine identities now outnumber human identities by more than 80 to one. Despite this growth, 75% of organizations acknowledge that their human identities are governed by outdated, overly permissive privilege models.

A survey conducted by Permiso Security, a provider of identity security platforms, reveals that 76% of respondents report that over half of the security incidents occurring in the previous 12 months involved issues relating to identity management.

While 95% of professionals expressed confidence in their ability to track non-human identities, only 46% of them claimed to have comprehensive visibility across all human and non-human identities accessing IT resources. This gap between perceived confidence and actual visibility creates significant vulnerabilities. Only 18% of security teams reported that they could detect and confirm an identity-based threat in less than one hour. Furthermore, only 2% stated they could detect the blast radius of a breach in less than one minute, whereas 61% would require between one and 24 hours to perform the same task.

Operational inefficiency further exacerbates these risks. The Permiso Security study found that 71% of teams use between three and 10 separate tools to achieve identity visibility. This tool sprawl results in security personnel spending between 10 and 40 hours per week manually correlating identity data from different sources. Consequently, only 43% of teams can detect identity-based risks before an incident occurs.

Ian Ahl, CTO, Permiso Security, says that most AI agents are already grossly over-permissioned, making major cybersecurity incidents a matter of timing rather than probability. Nearly all respondents, 98%, noted that AI agents have access to sensitive data, yet only 52% can consistently detect when automation tools create or modify identities or permissions.

Acquisition Details and Operational Impact

Cyberark’s acquisition was structured as a cash-and-stock transaction. Under the terms of the agreement, CyberArk shareholders are entitled to receive US$45.00 in cash and 2.2005 shares of Palo Alto Networks common stock for each CyberArk ordinary share. Shareholders of CyberArk approved the proposal with approximately 99.8% support during a special meeting held on Nov. 13, 2025.

Following the completion of the deal, Palo Alto Networks provided updated financial guidance during its 2Q26 earnings call on Feb. 17, 2026. The company raised its annual revenue forecast to between US$11.28 billion and US$11.31 billion, up from the previous range of US$10.50 billion to US$10.54 billion. 

However, the company trimmed its annual profit forecast to account for rising costs associated with recent acquisitions, including CyberArk, Chronosphere, and the Israeli startup Koi. Palo Alto Networks now expects adjusted profit per share of US$3.65 to US$3.70 for fiscal 2026, a decrease from the prior forecast of US$3.80 to US$3.90. Acquisition-related costs jumped to US$24 million in the second quarter, compared to US$10 million in the previous year. The company anticipates a US$2.3 billion cash expenditure in the third fiscal quarter specifically for the CyberArk integration.

To honor the heritage of CyberArk and strengthen its presence in Israel, Palo Alto Networks announced its intent to pursue a secondary listing on the Tel Aviv Stock Exchange, known as TASE. The company plans to adopt the “CYBR” ticker on the TASE, which will position Palo Alto Networks as the largest company listed on that exchange by market capitalization. 

Human Capital and Integration Challenges

Despite the technical synergies, the merger has resulted in a significant reduction in force. On Feb. 17, 2026, approximately 700 CyberArk employees were notified that their positions would be dismissed. This figure includes an estimated 10% of the 1,000 employees based in Israel.

The dismissal process was conducted through direct emails from Palo Alto Networks. Employees reported receiving termination notices with effective dates ranging from three to 12 months in the future. To maintain operational continuity and facilitate knowledge transfer during this time, the company is offering increased bonuses to those who remain until their set termination dates. Severance packages are reported to include between four and five months of salary.

CyberArk solutions will continue to be available as a standalone platform, though integration into the broader Palo Alto Networks security ecosystem is currently underway. The roadmap focuses on resilience and operational efficiency to stop identity-driven breaches. Matt Cohen, CEO, CyberArk, says joining forces with Palo Alto Networks creates the definitive cyber guardian for the modern enterprise.

The company is now focused on reengineering and restructuring its operations to integrate these large-scale acquisitions effectively.