Euro Security Watch with Mathew J. Schwartz

Cybersecurity , Technology

Security Sector Business Roundup Cybersecurity Startups Are Hot, While Old Guard Eyes M&A
Security Sector Business Roundup

There have been a number of recent, interesting business moves in the security space, from a range of companies, including Symantec and Cisco, plus Crowdstrike, Proofpoint, Fidelity National Information Services - better known as FIS - and Zscaler.

See Also: Disrupt Attack Campaigns with Network Traffic Security Analytics

For starters, Symantec has finally jettisoned its storage business, with CEO Michael Brown promising that the now "focused security company" will soon be unveiling a range of new enterprise-focused products to try and rejuvenate the company's market performance, bolstered by some key acquisitions.

"Zscaler ... is now known as a 'unicorn,' referring to a tech startup that has a valuation of more than $1 billion." 

Technology giant Cisco, fresh from five recent acquisitions, says it plans to make more security moves in the future. But the challenge faced by this "old guard" is that buying innovative security startups to provide much-needed new revenue streams continues to grow more expensive.

On the flip side, it is a great time to be an information security startup. In the past two years, investors have put $4.6 billion into cybersecurity startups, including $1.2 billion just in the first half of this year - up from $771 million in 2013 - reports market researcher CB Insights. In July, meanwhile, threat-intelligence firm Crowdstrike raised $100 million in a funding round led by Google.

Earlier this month, security and compliance firm Proofpoint announced that it was acquiring the assets of Menlo, Calif.-based Marble Security, an app threat intelligence and defense firm that has about 20 employees, for $8.5 million. Marble's products will be incorporated into Proofpoint's Targeted Attack Prevention Protection product range.

Now, let's take a deeper dive into some of these moves:

Zscaler: Now a "Unicorn"

Cloud-based security-as-a-service vendor Zscaler - which ran a booth at last week's Black Hat conference that allowed visitors to smash appliances - has also announced that it has raised $100 million in a new round of financing led by private investment firm TPG.

The company is now known as a "unicorn," referring to a tech startup that has a valuation of more than $1 billion. "The investment and partnership from TPG and the global relationships and experience they provide will enable us to accelerate investment in our technology, grow our customer base and aggressively scale our business to meet growing demand," says Zscaler CEO Jay Chaudhry.

Symantec Drops Storage Business

If it's a great time to be a cybersecurity startup, some of the old guard are facing ongoing revenue challenges. One case in point is Symantec: many investors and value-added resellers have been calling on the company to jettison Veritas - acquired in 2005 for $13.5 billion - for years, saying that the storage business never meshed with Symantec's security side, and has been dragging down the company's stock, which has long underperformed. Poor financial results have also led to Symantec chewing through three different CEOs in the past three years.

Current CEO Michael Brown in October 2014 announced that Symantec, which had $4.2 billion in revenue last year, would spin off Veritas, which had about $2.5 billion in revenue last year, as a separate, publicly traded venture.

But on Aug. 11, Symantec changed tack, announcing that it would sell Veritas to The Carlyle Group, an asset management firm, for $8 billion in cash. The deal is expected to close by September 2016, and result in net proceeds of $6.3 billion. Symantec CFO Thomas J. Seifert said on an Aug. 11 earnings call that the deal "simplifies the separation process and provides financial flexibility to invest in our future."

Symantec could use the cash as it seeks to reinvigorate its product lines. On the earnings call, Brown said that the company's revenue from its consumer Norton products was down, and that its threat-detection - including endpoint security - quarterly revenues had declined by 1 percent, although it did see slight increases in data loss protection and cybersecurity services revenue, while its enterprise security products division booked a revenue increase, of 1 percent, for the first time in two years.

Brown has promised to unveil a range of new products in 2016 and focus on offering businesses a "unified security strategy," and to help consumers secure Internet of Things devices, all potentially bolstered by some key acquisitions. But Brown warned too that "assets in this space are quite expensive," and said the company does not plan to enter the network security market, where it would go head to head with Palo Alto Networks and Cisco.

Cisco: Feeling "Acquisitive"

Cisco, like other large and established technology firms, also faces the challenge that revenues from its older, more established business lines are losing steam, and thus it has been looking to acquire and bring new business lines up to speed as quickly as possible, The Wall Street Journal reports, noting that the firm has already done five deals this year, including paying $635 million for OpenDNS. On an Aug. 12 earnings call, Kelly Kramer, Cisco's chief financial officer, said that the company "will continue to be very acquisitive going forward ... especially in areas like software and security."

FIS to Buy SunGard Data

What larger players like Symantec and Cisco can offer their customers - that many startups cannot - is the promise of being a one-stop shop for many of their IT and information security needs. That helped drive financial industry software maker Fidelity National Information Services to announce Aug. 12 that it plans to buy rival SunGard Data Systems for $9.1 billion, including debt. The company expects the deal to close by the end of 2015.

Privately-owned SunGard, which earned $2.8 billion in revenue last year, offers software - both cloud-based and on-premises - and related services to the financial services, public sector and education markets. The company had been attempting to go public. Fidelity National, known as FIS, says the new company is expected to have more than $9.2 billion in annual revenue.

Financial services firms no longer have the bandwidth required to shop for - and integrate - solutions from many different vendors, Gary Norcross, president and CEO of FIS, tells American Banker. "Given the technology changes, the regulatory changes, the costs, the new unregulated incumbents, I think banks are thinking, 'I have to take down this level of complexity and let the providers concentrate on those issues,'" Norcross says.



About the Author

Mathew J. Schwartz

Mathew J. Schwartz

Executive Editor, DataBreachToday & Europe

Schwartz is an award-winning journalist with two decades of experience in magazines, newspapers and electronic media. He has covered the information security and privacy sector throughout his career. Before joining Information Security Media Group in 2014, where he now serves as the Executive Editor, DataBreachToday and for European news coverage, Schwartz was the information security beat reporter for InformationWeek and a frequent contributor to DarkReading, amongst other publications. He lives in Scotland.




Around the Network