Security Company Earnings Reports - Nuggets of Gold (Part 1)

All reports referenced below, and all quotes, are from Seeking Alpha - free registration required to read them.

In this first set, I've looked at Symantec, Checkpoint, and Fortinet.  In later blogs I'll look at others including Sourcefire, Qualys, Imperva, Websense, Vasco, and probably some others.

If I had to summarise the three below, this would be pretty close:

  • Symantec is like the New York Yankees.  Big budget, used to win the World Series routinely, now has an ageing roster who spend lots of time on the DL, but somehow seem to still find a way to genuinely compete.  Not a bad team, even if they don't look as razzle-dazzle as they once did.
  • Checkpoint is like the Oakland Athletics.  A good team in a smaller market (compared to the Yankees), that historically has focused a bit more internally than externally (with pretty good results most of the time).
  • Fortinet is like the Washington Nationals.  Lots of brash young players with extraordinary talent, who occasionally play the game too hard (eg  But the fact is, a few years from now, when the Yankees roster is completely different, the Nationals roster will be much the same, and they will be awesome.

Don't follow baseball, so don't understand the above?  For more color, read below.  Oh, and you'll also discover the joy of the word 'color' as a tool of management-speak.



"We delivered better-than-expected results for the quarter and year... We grew 3% organically, the largest organic growth rate in 5 years." 

I can't help but think that when 3% organic growth is the largest rate in 5 years, the company is in need of some electro-shock therapy.

[As a cross-reference, the Fortinet transcript mentions that analysts' average growth forecast for the industry is 6-10%.  Growing at below that trend line, is not a great sign.]

"FY '13 also was the start of the transformation of Symantec."

Ah, right.  The aforementioned electro-shock therapy.

"We're in the middle of rightsizing our management structure."

Do people still euphemistically use the word rightsizing?  Are we not supposed to notice that nobody has ever 'rightsized' a team and made it bigger?

"We expect to eliminate between 30% and 40% of our management positions."

Like I said.  Rightsizing is a one way street.

"We will have fewer, bigger jobs for our best and brightest. We are also attracting world-class talent from the outside..."

OK, so 30-40% of management positions are gone, and of the positions remaining, externals will take some, so we're basically saying that probably a full HALF of Symantec's management will be removed in the coming year.  Wow.

"...[we're seeing] double-digit growth in our information security business"
"...[we're seeing] double-digit growth in Business Critical Services as demand for high-touch infrastructure protection services continues to grow"
"...[we're seeing] double-digit growth that we're seeing out of areas like encryption, Managed Security Services."
"Our Trust Services business continues to grow very nicely for us."
" to the Endpoint Security business, that's closer to flat."

Realistically, nothing too surprising here.  Many of the fastest growth companies in the market are in the 'detect' space right now (rather than 'protect' or 'react'), and Managed Security Services and infrastructure protection services are growing well everywhere.  It would be a tough part of the market to try to operate in, to cover both mums-and-dads anti-virus all the way through to high-end MSS for financial institutions.  



"In the first quarter, revenues reached $322.7 million, representing an increase of 3% compared to $313 million in the first quarter of 2012."

As per Symantec, growing at 3% in a market growing 6-10%, isn't great... but of course that's always part of the challenge of being the big guy.  It's much harder to grow proportionally as quickly as all the start-ups nibbling at your market.  And of course Symantec is much bigger still.

"Revenue distribution by geography for the quarter was as follows: Americas contributed 45% of revenues; Europe was 38%; and Asia Pacific, Japan, Middle East and Africa regions contributed the remaining 17%."

This matches up pretty well to the rule of thumb that the Americas (primarily the USA) accounts for close to half of global cyber-security spend.

Regarding not having closed some "super high end deals" (which is later clarified to relate to these devices:

"Competitive-related, no, I don't think that any of these deals -- I mean, all these deals that there are now are still open, and I think that, that part of the market is currently not very competitive to keep the deals we are seeing."

This doesn't surprise me.  As 'hot' as the security market is, and as many companies are pouring into it, it is still the case that a large part of security spend is not allocated through a competitive process; or if it is at first, it is not for some period of time after that.  Organisations are - in many cases - picking their security partners and sticking with them, until or unless there is an unequivocal reason to change (with a major breach being a big one).

"I don't think that there's any new competitors. Our market is competitive and always been competitive."

See above.

In response to a question about the future of network security, cloud etc:

"...some of that around mobility and data security, these are definitely areas we're working on and this is an area that will show some nice innovation during the rest of the year. So this is clearly an area that we are working on. "

On the 'Threat Emulation' system... This is a bit long, but worth reading:

"Threat Emulation is an exciting blade, which addresses a very fast-growing segment of the marketplace. "
"We just announced it a few weeks ago, and very, very new. In terms of how our solution is different. First, I think our immediate competitors don't have something comparable to that, and I think the unique value that we provide in the Threat Emulation space is the fact that it's all integrated into one system and the fact that we actually have prevention. If you look at many other emulation kind of solutions, they analyze the files pretty much offline, and if there is a threat found, then manually, someone had to go and look for the file. What we have is a realtime in-line system. You get an e-mail. If the e-mail is unknown, if the e-mail is not recognized... we'll take that e-mail, send it to the Threat Emulation engine. The Threat Emulation engine, by the way, can be a cloud service that we provide or it can be an appliance that a large enterprise would like to install locally. It runs the document in the sandbox, looks for the different behaviors, and then it either tells the main system, pass the e-mail, nothing was found, or it tells the e-mail something was found, stop the e-mail, don't transfer that. And that's a very, very powerful thing. Again, none of the other competitors has a realtime system like that."

This is definitely a part of the market that every major security vendor wants to be in.  The rapid growth of the segment (which didn't really exist just a few years ago), and the success of companies and products such as FireEye, RSA NetWitness, Solera, Sourcefire FireAMP and more, makes the only real decision for companies like Checkpoint, McAfee, Cisco and Symantec: Build or Buy?



"...we did not see a major change in the competitive environment and no significant deals were lost to competitors."

See comment in Checkpoint analysis about the nature of the competitive environment.  Yes, it's crowded.  Yet, it's competitive.  But that doesn't mean a huge amount of business isn't being locked up without too much competitive conflict.

"So we believe the security industry remain healthy, though growing at a slower rate than what was previously estimated. On average, research firm have the growth rate of now secured to be somewhere between 6% to 10% year-over-year"

A good stat to baseline growth against.  

"Fortinet hold more certifications than any other security vendor"

I have no idea how to test/validate this, so I'll accept it as is.  An impressive statement given their relative youth in the market.

"On the innovation front, we introduced a new product that strengthen our advantage across our core market. This includes a new FortiGuard cloud-based sandboxing and IP reputation service, designed to help protect against advanced persistent threats. Using behavioral attributes to detect malware by executing them within a virtual environment."

See above commentary re: Checkpoint's Threat Emulation system.  I'm actually not sure who was first into this market, and it's too early to say who is best, but regardless, expect it to feel like Attack of the Clones in the next 12-24 months.

"we also continued to invest in sales headcount and marketing activities to support long-term growth"

See Symantec.  There are going to be a bunch of sales managers available pretty soon.

"Q1 billings were $148.5 million during the first quarter, an increase of $11.5 million or 8% year-over-year."

That's a bit healthier.  Nicely done.

"EMEA billings grew 8% despite the continued macro uncertainty there. And APAC grew very nicely at 25% with good traction in Japan, Southeast Asia and India."

Wow.  25% is indeed a very healthy growth rate.  Not sure what the base was, but shows there is still a pretty significant unsatisfied market need.

"In the Americas, we won a 7-figure deal with a large U.S. based wireless carrier where we replaced Palo Alto Networks. We were selected because of our superior reliability, scalability and overall firewall performance."
"[on a different deal]...we beat out Check Point, Juniper, Palo Alto Networks and Cisco in this deal, based again on performance and breadth of functionality we offer..."
"[on a different deal]...we beat Cisco, Check Point, McAfee and Blue Coat in this deal..."

These statements are interesting because Symantec and Checkpoint seemed to not really want to name or discuss competitors at all.  Whereas Fortinet just get straight into competitor-smack-down.  As Robbie Williams says, "sing when you're winning."

"give you some color"

This one was everywhere.  Seven appearances in the transcript, and they weren't talking about the flashing lights on the firewalls.   I read it in the Checkpoint discussion too (3 appearances) and Symantec (2 appearances).  Sounds like the latest buzzword.  Excellent.  It seems that "can you give us some color about..." basically means "can you give us some detail about..."  But the people who say the former, rather than the latter, I assume get well rewarded for their command of management linguistics.  Is it just a coincidence that the more the word 'color' is thrown about, the higher the company's year-to-year growth?  

"In terms of the strategy, I think the strategy is pretty obvious. Look, the product is advantaged in one particular context, and that is, it can do more with higher performance, far more reliable, far more scalable."

Great clarity.  You don't get that a lot.