February 2026 M&A Insider Report
Defense, Government & Intelligence | Security | Critical Infrastructure | Maritime
Download Full Report PDF →In late February, President Trump ordered all federal agencies to "immediately cease" using Anthropic's AI, Claude, following reported disputes between Anthropic and Palantir officials over the U.S. military's use of Anthropic's technology in the January operation to capture Venezuelan president Maduro. Defense Secretary Pete Hegseth ultimately labelled Anthropic as a supply chain risk, announcing a six-month phase-out process to transition away from Claude to other AI models. Shortly thereafter, the Pentagon signed a contract with OpenAI to deploy its models across defense networks.
Earlier in the month, the CIA announced a new acquisition framework to "turbocharge collaboration with the private sector." Together with a centralized vendor vetting and IT authorization process, the new framework aims to reduce the time between when the CIA identifies a mission requirement and when it receives operating authority to use a capability. The framework aligns with the DoD's November 2025 Acquisition Transformation Strategy, which prioritized speed and flexibility, including the use of non-traditional acquisition methods such as Other Transaction Authorities (OTAs).
The Defense Primes index (+51% over the TTM) maintained its strong performance as of the end of February as the Pentagon continued to emphasize the need to ramp up production, particularly of advanced missile and interceptor technologies with thin stockpiles, which have seen heavy use since the beginning of the Iran conflict.
| Value | Customer | Awardee | Scope |
|---|---|---|---|
| $3,500M | U.S. Coast Guard | Davie Defense | Design and construct five Arctic Security Cutters (ASCs) |
| $1,900M | U.S. Air Force | Lockheed Martin | Produce, modernize, sustain and support C-130J training systems |
| $1,269M | U.S. Army | Elbit Systems / L3Harris / Photonis Defense | Produce and test Binocular Night Observation Devices (BiNOD) for PdM SMS |
| $1,000M | DHS | Palantir | Commercial software licenses, maintenance, and implementation services department wide |
| $875M | U.S. Dept. of Justice | SOS International | Language interpretation services for immigration court proceedings |
| $697M | U.S. Army | Booz Allen Hamilton | Mission support for U.S. Army exercises at Fort Leavenworth, KS |
| $499M | USSTRATCOM | National Strategic Research Institute | Engineering & research capabilities related to WMD, cyber security and HAZMATs |
| $480M | NAVSEA | Lockheed Martin | Software development for AN/SQQ-89(V) Undersea & Anti-Submarine Warfare system |
| $463M | U.S. Army | Rolls-Royce | Power Pack Less Transmission (PPLT) kits for the Merkava Main Battle Tank |
Supreme Court Strikes Down Trump Tariffs
- In February, the U.S. Supreme Court ruled 6-3 that President Trump's tariffs under emergency powers were illegal and needed to be refunded.
- President Trump responded that he would issue new tariffs under the 1974 Trade Act, which allows up to 15% tariffs for 150 days. Trump implemented 10% tariffs effective February 24 and mentioned raising them to the maximum 15%.
War in Iran
- On February 28, 2026, Israel and the U.S. launched joint airstrikes on Iran, targeting military infrastructure and senior Iranian officials, including Ali Khamenei, the former supreme leader of Iran, who was killed in the opening strikes.
- The operation follows an Iranian crackdown on protests against the regime and the ensuing buildup of U.S. military assets in the Middle East, including multiple aircraft carrier strike groups.
DHS Partial Government Shutdown
- On February 14, 2026, funding for certain components of DHS, such as TSA, FEMA, and the Coast Guard, lapsed as Congress remains in a stalemate over reforms to ICE tactics.
- The lapse in funding led to over 50,000 TSA agents working without guaranteed pay, causing staffing shortages and long security wait times at major airports.
U.S. Intelligence Supports Mexican Military Operation Against Cartel Boss
- On February 22, Mexican military forces, supported by U.S. intelligence, killed Nemesio Oseguera Cervantes, the leader of the Jalisco New Generation Cartel (CJNG).
- The operation sparked widespread cartel violence and roadblocks across Mexico, leading to a "shelter-in-place" order for U.S. tourists.
On February 10, Microsoft released an urgent security update addressing 54 vulnerabilities across its ecosystem, including an unusually high number of zero-day exploits (six) that were already being actively exploited in the wild. The actively exploited zero-days bypassed security features or enabled privilege escalation in core components such as Microsoft Word, the MSHTML Platform, Windows Shell, and Windows Remote Desktop Services. The patch also addressed severe Remote Code Execution vulnerabilities in Azure services and in developer tools such as GitHub Copilot and Visual Studio Code.
In early February, Substack disclosed that an October 2025 API vulnerability exposed the emails, phone numbers, and internal metadata of nearly 700,000 users after remaining undetected for roughly 100 days. Although passwords and full financial data were not compromised, cybersecurity experts warn that the exposed user-specific metadata significantly increases the risk of highly targeted phishing campaigns.
An Iranian-linked hacking group known as Seedworm — also tracked as MuddyWater, Temp Zagros, and Static Kitten — has targeted multiple U.S. organizations since early February 2026, raising concerns across critical infrastructure networks. Activity from the group has escalated following the U.S. and Israeli military strikes that killed Ali Khamenei, Iran's former Supreme Leader, increasing fears that the cyber operations could be part of a retaliatory campaign. Over the years, the group has expanded its targeting focus beyond the Middle East to include telecom companies, defense contractors, local governments, and oil and gas companies across Asia, Africa, Europe, and North America.
Researchers warn that hackers already maintain persistent access within several systems through newly developed malware and backdoors, which could allow them to shift from intelligence gathering to more disruptive attacks if directed. The activity underscores the heightened risk of state-sponsored cyber operations targeting the federal, state, and local government infrastructure.
The current crisis in the Strait of Hormuz, caused by Iranian retaliation in response to ongoing U.S. and Israeli strikes, has triggered one of the most severe disruptions to maritime transport in decades, effectively paralyzing one of the world's most vital trade arteries. Following the military escalations in late February 2026, the strait is now classified as a "high-risk" zone, with commercial traffic reaching near-zero levels as over 1,000 vessels remain stranded or idle. War risk insurance premiums have surged — in some cases by over 1,000% — and spot tanker rates have quadrupled, with some VLCC (Very Large Crude Carrier) charters exceeding $200K per day.
Major carriers like Maersk and Hapag-Lloyd have suspended Gulf bookings, rerouting vessels around the Cape of Good Hope, which adds up to 14 days to transit times and imposes emergency surcharges of up to $4,000 per container.
Download the Full February 2026 Report
Complete deal tables, valuation multiples, public company comps, and contract awards across all sectors.
RECENT NEWS
Purchase Price Allocations Under ASC 805: What Every PE-Backed CFO and Deal Team Needs to Know
A purchase price allocation (PPA) is the first post-close workstream that directly affects reported EBITDA, lender covenant calculations, and eventual exit valuation for PE-backed acquirers. Under ASC 805, every acquisition requires the buyer to allocate the total purchase price to identifiable assets and liabilities at fair value — including intangibles that never appeared on the target’s balance sheet. For middle-market deals, identified intangibles commonly represent 30–60% of total consideration, and each carries its own valuation methodology, useful life assumption, and amortization consequence. The McLean Group’s Valuation Advisory team breaks down what every CFO, controller, and deal team needs to know about getting the allocation right the first time. […]
Q1 2026 Mergers & Acquisitions Market Update
The McLean Group’s Q1 2026 M&A Insider Report tracks deal activity across Defense & Government, Physical & Cyber Security, Critical Infrastructure, and Maritime. Q1 was the strongest quarter on record for Defense M&A with 104 closed transactions, headlined by Arcline’s $2.2B acquisition of Novaria Holdings and VSE Corporation’s $2.15B acquisition of Precision Aviation Group. Cyber Security saw $57B+ in transaction value led by Google’s $32B acquisition of Wiz and Palo Alto Networks’ $24.6B acquisition of CyberArk Software, with Cyber/Technology EBITDA multiples reaching 41.3x LTM. Critical Infrastructure closed 48 transactions including Constellation Energy’s $28.9B acquisition of Calpine, while Maritime rebounded to 24 transactions in Q1. The full report includes sector commentary, EBITDA valuation multiples, public company benchmarks, and representative transaction data for each sector.[…]
What Is a 409A Valuation and When Does Your Company Need One?
A 409A valuation is an independent appraisal of your private company’s common stock, and if you’re issuing equity incentive awards to employees, it’s a legal requirement, not a formality. Get it wrong, and employees face immediate income recognition, a 20% federal penalty tax, and potential state penalties that can push effective tax rates well above 50%. In this article, The McLean Group’s Valuation Advisory team breaks down exactly how 409A valuations work, when your company needs one, which IRS safe harbor methods apply at each stage, and the common mistakes that create tax exposure at exactly the wrong time: during fundraising, M&A due diligence, or an IRS audit.