In this paper, we first analyze the trends in mergers and acquisitions (M&As) activities among information security firms and other information technology (IT) firms in the US over the period 1996 to 2008. We then use social network analysis to investigate the characteristics and underlying dynamics of these M&As activities. Our results reveal an increase in cohesiveness of 200% in the network linking the information security firms and the IT firms considered in our analysis. This, in turn, implies a move towards industry convergence. In particular, we show that acquisitions of identity and access management (IAM) firms have become more central to M&As by IT firms in the US since 2004, reflecting an increasing trend among IT firms to integrate IAM technologies within their products.