Every year, internet security firm Symantec Corporation (NASDAQ:SYMC) issues an internet security threat report. The current edition is, as usual, chock full of insightful data as to just how prevalent internet attacks are becoming. It details that 7.1 billion identities have been compromised online over the past eight years. In 2016, 15 breaches occurred that exposed more than 10 million identities each.
Security breaches are more than just threats and cost both businesses and individuals large sums. Cybersecurity solutions provider FireEye Inc (NASDAQ:FEYE) represents a pure play way for investors to invest in the growing need to improve internet and related digital security. Based on sales growth since its founding in 2004, the firm is a bona fide success. But when looking at profits, FireEye has work to do.
FireEye’s sales have gone from a mere $12 million in 2010 to above $700 million last year. Annual billings, which include sales made and deferred revenue, exceeded $800 million last year. A migration to a subscription model also appears to be gaining traction.
Yet profitability remains an issue. FireEye has yet to record a year of positive earnings, though it did report some positive operating cash flow back in 2015. To try and stem the steady stream of losses, management is working hard to cut costs and migrate to an operating model where it sells a more comprehensive security solution through the cloud.
So far, other software firms that have migrated to subscription models (Adobe and Autodesk come to mind) have seen steady and recurring sales.
If all goes well, FireEye hopes to reach profitability by the fourth quarter of this year. But for the full year, analysts still expect negative earnings of 30 cents per share. If things go really well, FireEye could break even during 2018, though the current loss is expected to be 4 cents per share.
The lack of sustainable profits to me suggests that proving internet security works to clients is easier said than done. It appears that large-scale attacks on computer networks, including distributed denial of service (DDoS) attacks where crooks hijack a computer and literally demand a ransom to leave, are relatively easy and cheap to carry out.
Yet the costs to prevent them are expensive and don’t seem to dependably work. The Symantec report says it takes only two minutes for a device connected to the internet to be attacked. Basic machines beyond computers can be hijacked and their computing power can quickly be used on unsuspecting victims. This will likely change, but could take time.
These days, companies increasingly trust FireEye to help them deflect the risk of cyber-attack. The firm recently boasted 5,600 customers, including 40% of the Forbes Global 400 list of companies.
Yet the competition is just as fierce and diverse as internet thieves. FireEye counts giant technology companies such as International Business Machines Corp. (NYSE:IBM) and Hewlett Packard Enterprise Co (NYSE:HPE) as rivals, as well as Symantec, Palo Alto Networks Inc (NYSE:PANW) and Trend Micro.
Given the uncertainty in the value of cybersecurity providers, it might be a better idea to more widely invest in the space. Then, if any firm starts to stand out from the crowd, there is a decent likelihood of benefitting from positive shareholder returns. Hilary Kramer has recommended the PureFunds ISE Cyber Security ETF (NYSEARCA:HACK) for broad exposure to the space.
HACK’s top holding happens to be FireEye. It represents nearly 5% of the ETF. Imperva Inc (NASDAQ:IMPV), Qualys Inc (NASDAQ:QLYS), Gigamon Inc (NYSE:GIMO) and Proofpoint Inc (NASDAQ:PFPT) round out the top five to collectively account for 22% of the overall holdings. Symantec is number ten and Palo Alto Networks sneaks in at number 17.
I plan to track the fund and see just how much the top players change over time. This will give a decent indication as to whose solution proves the most compelling to digital providers. And at some point I would expect a fair amount of industry consolidation.
Sticking with the large technology firms such as IBM and HPE isn’t a bad solution, either. They will likely acquire the smaller successful players and will therefore eventually garner the lion’s share of cybersecurity profits over time. Plus, they are benefitting from big data and helping firms analyze the reams of information that can help boost sales and better serve customers.
As of this writing, Ryan Fuhrmann did not own any shares of companies mentioned.