Is STG Building a New Cybersecurity Powerhouse?FireEye Acquisition Opens New Doors for Private Equity Firm
Symphony Technology Group's acquisition on Wednesday of FireEye Products Business in a $1.2 billion deal will set up the private equity group to better compete with security giants such as Microsoft and Cisco, while unlocking profit potential for FireEye and the now stand-alone Mandiant Solutions, analysts say.
Prior to the FireEye acquisition, STG inked a $4 billion deal in March to acquire McAfee's enterprise business and in September 2020 closed the deal to purchase RSA from Dell Technologies for $2.1 billion. After an investment from Clearlake Capital in March, RSA is now co-owned by STG and Clearlake.
The consensus is STG will likely form either a complete new company out of its newly acquired businesses - hoping the sum of the parts will make STG a major player in the security space - or simply allow customers to pull together a security plan on an a la carte basis from STG's various parts.
"You can see a future where we're going to have a clash of some really sophisticated industry heavyweights. You're going to have to compete with Microsoft; you're going to have to compete with Cisco. So if you're going to get in a fight with Microsoft and Cisco, you better bring a big stick. And it looks like they've now got a big stick," says Frank Dickson, program vice president at IDC.
Peter Firstbrook, vice president and analyst with Gartner, believes STG is putting together a portfolio to deliver a one-stop shopping experience for those looking for a suite of cybersecurity products and solutions to protect their organization.
"One trend they could take advantage of is the propensity of buyers to seek out fewer, more strategic vendors that have integrated solutions," Firstbrook says. "Eighty percent of buyers want to consolidate the number of security products and vendors to make their security operations more efficient."
Jeff Pollard, vice president and principal analyst with Forrester, also sees STG creating some kind of combined company further down the road, but he is not upbeat about the eventual outcome for the companies involved or their customers.
"Without doubt, they will be renamed, debut with a shiny new logo and inevitably IPO again in a few years. The talk track will definitely ignore that the company is a patchwork of once-relevant security vendors that failed to keep up with where the market was going," Pollard says. "Unfortunately, acquisitions like this often make investors successful, but almost never result in benefits for the customers buying the security solutions of these companies."
If creating a new company is indeed STG's goal, Firstbrook believes it must act quickly.
"Symphony does not have time for lengthy integration and reorganization if they want to take advantage of this trend. Merging these very different companies would be a major task," he says.
Splitting Mandiant from FireEye
FireEye announced on Wednesday the sale of its product line and name to Symphony Technology Group, a private equity group based in Palo Alto, California, for $1.2 billion. The deal separates FireEye from Mandiant Solutions, its forensics unit.
FireEye's products, which include network, email, endpoint and cloud security products and the Helix security operations platform, will all become part of STG. Mandiant Solutions will retain its controls-agnostic software and services.
In a note to investors, JPMorgan analysts say the separation will allow each entity to focus on what it does best and become more profitable, which is precisely how Mandiant views the move.
"We believe this separation will unlock our high-growth Mandiant Solutions business and allow both organizations to better serve customers," says FireEye CEO Kevin Mandia.
JPMorgan says: "We believe the deal will lead to a much better positioned, faster-growing SaaS and services provider right at a time when customers are clamoring for the Mandiant type of solutions to help with a growing level of ransomware and advanced cyberattacks."
People vs. Finances
Firstbrook agrees that unlocking the moneymaking potential for each entity is the deal's goal but thinks the move is counter to what he sees taking place in the industry.
"In my view, this is short-sighted. People are the most valuable commodity in the security market. Eighty percent of clients report they don't have enough skilled security staff," Firstbrook says. "Increasingly, product companies are adding services to help their customers get more immediate value out of the products."
Firstbrook notes that FireEye's competitors - CrowdStrike, Cybereason and SentinelOne - are increasing the percentage of sales that include a service component, and he says customers favor vendors that have both product and services in a single package.
Dickson disagrees with this assessment, noting that in the FireEye/Mandiant situation, while the two entities were working toward the same goal of defending their clients, they did so in diametrically opposite ways.
"You've got one organization which is a product-centric company. Then then you have a services company, but that is agnostic of the security architecture or what products the victim is using," Dickson says. "So these two entities are looking to defend against threats, but they both have different reasons for being, so they don't really belong together."
Pollard elaborated further on this line of thought, noting that FireEye has struggled to find its niche while competing against larger competitors, but adding the move makes a tremendous amount of sense for Mandiant.
"Larger players with broader portfolios of products competed directly with FireEye at every point in its product set. That creates an opportunity for Mandiant, if they are separated from FireEye, to become a vendor-neutral services provider rather than being tied to specific technology," he says.