Hit enter after type your search item
Wzy Word


Breaking Anaylsis: Cyber Security Update: What to Expect at RSA 2020


>> From the SiliconANGLE Media office in Boston, Massachusetts, it's the cube Now, here's your host, Dave Vellante

>> Hello everyone and welcome to this week's Wikibon cube insights powered by ETR In this breaking analysis ahead of the RSA conference, we want to update you on the cyber security sector This year's event is underlined by coronavirus fears, IBM has pulled out of the event and cited the epidemic as the reason and it's also brings to the front the sale of RSA by Dell to STG partners and private equity firm Now in our last security drill down, we cited several mega trends in the security sector These included the ever escalating sophistication of the attacker, the increased risk from the data economy, the expanded attack surface with the huge number of IP addresses that are that are exploding out there, and the lack of skills and the number of cyber tools that are coming to the market

Now, as you know, in these segments, we'd like to share insights from the cube And I want you to listen to two American statesman and what they said, on The Cube Here's general Keith Alexander, who's the former director of the NSA, along with Dr Robert Gates, who's the former director of the CIA and former Secretary of Defense, play the clip >> When you think about threats, you think about nation states, so you can go to Iran, Russia, China, North Korea, and then you think about criminal threats, and all the things like ransomware

Some of the nation state actors are also criminals at night, so they can use nation state tools and my concern about all the evolution of cyber threats is that the attacks are getting more destructive >> I think cyber and the risks associated with cyber, and IT need to be a regular part of every board's agenda >> So you hear General Alexander really underscore the danger, as well, Dr Gates is articulating what we've said many times on the cube that cyber security is a board level agenda item Now, the comments from both of these individuals represent what I would consider tailwinds for cyber technology companies

Now we're going to drill into some of those today But it's not all frictionless There are headwinds to in this market space, cloud migration, the shift from north south south to East West network traffic, its pressure traditional appliance based perimeter security solutions, increase complexity and lack of skills and other macro factors, including questions on ROI CFO saying, hey, we spend all this cash, why aren't we more secure? Now, I want you to hear from two chief information security officers officers on both the challenges that they face and how they're dealing with them Roll the clip

>> Lack of talent, I mean, we're starving for talent Cybersecurity is the only field in the world with negative unemployment We just don't have the actual bodies to actually fill the gaps that we have and in that lack of talent Cecil's are starving >> I think that the public cloud offers us a really interesting opportunity to reinvent security right So if you think about all of the technologies and processes and many of which are manual over the years, I think we have an opportunity to leverage automation to make our work easier in some ways

>> Now I featured Brian Lozada and Katie Jenkins before and breaking analysis segments, and you can hear it from the cyber leaders, we lack the talent, and cloud computing and automation are areas we're pursuing So this challenges security companies to respond But at the end of the day, companies have no no choice In other words, organizations buying security solutions, the sophistication of the attacker is very high and the answer to my CFO and ROI is fear based If you don't do this, you might lose billions in market cap

Now, I want you to take a listen to these cubilam talking about the attacker of sophistication and the importance of communication skills in order to fund cyber initiatives, really to keep up with the bad guys, please play the clip >> The adversary is talented and they're patient, they're well funded okay, that's that's where it starts And so, you know why why bring an interpreter to a host when there's already one there right? Why write all this complicated software distribution when I can just use yours And so that's that's where the play the game starts And and the most advanced threats aren't leaving footprints because the footprints already there, you know, they'll get on a machine and behaviorally they'll check the cash to see what's hot

And what's hot in the cash means that behaviorally, it's a fast they can go they're not cutting a new trail most of the time, right? So living off the land is not only the tools that they're using the automation, your automation they're using against you, but it's also behavioral >> That's why the most the most important talent or skill that a security professional needs is communication skills If you can't articulate technical risk into a business risk to fund your program, it's, you know, it's very hard for you to actually be successful in security >> Now, the really insidious thing about what TK Keanini just said is the attackers are living off the land, meaning they're using your tools and your behaviors to sneak around your data unnoticed And so as Brian Lozada said, as a security Pro, you need to be a great communicator in order to get the funding that you need to compete with the bad guys

Which brings me to the RSA conference This is why you as a security practitioner attend, you want to learn more, you want to obtain new skills, you want to bring back ideas to the organization Now one of the things I did to prepare for this segment is to read the RSA conference content agenda, which was co authored by Britta Glade and I read numerous blogs and articles about what to expect at the event and from all that I put together this word cloud, which conveys some of the key themes that I would expect you're going to hear at the shows Look at skills jump right out, just like Brian was saying, the human element is going to be a big deal this year IoT and the IT OT schism, everyone's talking about the Olympics, and seeing that as a watershed event for cyber, how to apply machine learning and AI is a big theme, as is cloud with containers and server less

phishing, zero trust and frameworks, framework for privacy, frameworks for governance and compliance, the 2020 election and weaponizing social media with deep fakes, and expect to hear a lot about the challenges of securing 5G networks, open source risks, supply chain risks, and of course, the need for automation And it's no surprise there's going to be a lot of talk about cyber technology, the products and of course, the companies that sell them So let's get into the market and unpack some of the ETR spending data and drill into some of these companies The first chart I want to show you is spending on cyber relative to other initiatives What this chart shows is the spending on cyber security highlighted in the green in relation to other sectors in the ETR taxonomy

Notice the blue dot It shows the change in spending expected in 2020 versus 2019 Now, two points here First, is that despite the top of my narrative that we always hear, the reality is that other initiatives compete for budget and you just can't keep throwing cash at the security problem As I've said before, we spend like

014% percent of our global GDP on cyber, so we barely scratched the surface The second point is there's there's there's a solid year on year growth quite high at 12% for a sector that's estimated at 100 to 150 billion dollars worldwide, according to many sources Now let's take a look at some of the players in this space, who are going to be presenting at the RSA conference You might remember to my 2020 predictions in that breaking analysis I focused on two ETR metrics, Net Score, which is a measure of spending velocity and Market Share, which measures pervasiveness in the data set And I anointed nine security players as four star players

These were Microsoft, Cisco, Palo Alto Networks, Splunk, Proofpoint, Fortinet, Oka, Cyber Ark and CrowdStrike What we're showing here is an update of that data with the January survey data My four star companies were defined as those in the cyber security sector that demonstrate in both net scores or spending momentum, that's the left hand chart and market share or pervasiveness on the right hand chart Within the top 22 companies, why did I pick 22? Well, seemed like a solid number and it fit nicely in the screen and allowed more folks So a few takeaways here

One is that there are a lot of cyber security companies in the green from the standpoint of net score Number two is that Fortinet and Cisco fell off the four star list because of their net scores While still holding reasonably well, they dropped somewhat Also, some other companies like Verona's and Vera code and Carbon Black jumped up on the net score rankings, but Cisco and Fortinet are still showing some strength in the market overall, I'ma talk about that Cisco security businesses up 9% in the quarter, and Fortinet is breaking away from Palo Alto Networks from a valuation perspective, which I'm going to drill into a bit

So we're going to give Cisco and Fortinet two stars this survey period But look at Zscaler They made the cut this time their net score or spending momentum jumped from 38% last quarter to nearly 45% in the January survey, with a sizable shared in at 123 So we've added Zscaler to the four star list, they have momentum, and we're going to continue to watch that quarterly horse race Now, I'd be remiss if I didn't point out that Microsoft continues to get stronger and stronger in many sectors including cyber

So that's something to really pay attention to Okay, I want to talk about the valuations a bit Valuations of cyber security space are really interesting and for reasons we've discussed before the market's hot right now, some people think it's overvalued, but I think the space is going to continue to perform quite well, relative to other areas and tech Why do I say that? Because cyber continues to be a big priority for organizations, the software and annual recurring revenue contribution ARR continues to grow, M&A is going to continue to be robust in my view, which is going to fuel valuations So Let's look at some of the public companies within cyber

What I've compiled in this chart is eight public companies that were cited as four star or two star firms, as I defined earlier, now ranked this by market value In the columns, we show the market cap and trailing 12 month revenue in billions, the revenue multiple and the annual revenue growth And I've highlighted Palo Alto Networks and Fortinet because I want to drill into those two firms, as there's a valuation divergence going on between those two names, and I'll come back to that in just a minute But first, I want to make a few points about this data Number one is there's definitely a proportional relationship between the growth rate and the revenue multiple or premium being paid for these companies

Generally growth ranges between one and a half to three times the revenue multiple being paid CrowdStrike for example has a 39 x revenue multiple and is growing at 110%, so they're at the high end of that range with a growth at 28 times their revenue multiple today Second, and related, as you can see a wide range of revenue multiples based on these growth rates with CrowdStrike, Okta and now Zscaler as the standouts in this regard And I have to call at Splunk as well

They're both large, and they have high growth, although they are moving beyond, you know, security, they're going into adjacencies and big data analytics, but you you have to love the performance of Splunk The third point is this is a lucrative market You have several companies with valuations in the double digit billions, and many with multi billion dollar market values Cyber chaos means cash for many of these companies, and, of course for their investors Now, Palo Alto throw some of these ratios out of whack, ie, why the lower revenue multiple with that type of growth, and it's because they've had some execution issues lately

And this annual growth rate is really not the best reflection of the stock price today That's really being driven by quarterly growth rates and less robust management guidance So why don't we look into that a bit What this chart shows is the one year relative stock prices of Palo Alto Networks in the blue and compared to Fortinet in the red Look at the divergence in the two stocks, look at they traded in a range and then you saw the split when Palo Alto missed its quarter last year

So let me share what I think is happening First, Palo Alto has been a very solid performance since an IPO in 2012 It's delivered more than four Rex returns to shareholders over that period Now, what they're trying to do is cloud proof their business They're trying to transition more to an AR model, and rely less on appliance centric firewalls, and firewalls are core part of the business and that has underperformed expectations lately

And you just take Legacy Tech and Cloud Wash and Cloud native competitors like Zscaler are taking advantage of this and setting the narrative there Now Palo Alto Network has also had some very tough compares in 2019 relative to 2018, that should somewhat abate this year Also, Palo Alto has said some execution issues during this transition, especially related to sales and sales incentives and aligning that with this new world of cloud And finally, Palo Alto was in the process of digesting some acquisitions like Twistlock, PureSec and some others over the past year, and that could be a distraction Fortinet on the other hand, is benefiting from a large portfolio refresh is capitalizing on the momentum that that's bringing, in fact, all the companies I listed you know, they may be undervalued despite, of all the company sorry that I listed Fortinet may be undervalued despite the drop off from the four star list that I mentioned earlier

Fortinet is one of those companies with a large solution set that can cover a lot of market space And where Fortinet faces similar headwinds as Palo Alto, it seems to be executing better on the cloud transition Now the last thing I want to share on this topic is some data from the ETR regression testing What ETR does is their data scientists run regression models and fit a linear equation to determine whether Wall Street earnings consensus estimates are consistent with the ETR spending data, they started trying to line those up and see what the divergence is What this chart shows is the results of that regression analysis for both Fortinet and Palo Alto

And you can see the ETR spending data suggests that both companies could outperform somewhat expectations Now, I wouldn't run and buy the stock based on this data as there's a lot more to the story, but let's watch the earnings and see how this plays out All right, I want to make a few comments about the sale of the RSA asset EMC bought RSA for around the same number, roughly $2 billion that SDG is paying Dell So I'm obviously not impressed with the return that RSA has delivered since 2006

The interesting takeaway is that Dell is choosing liquidity over the RSA cyber security asset So it says to me that their ability to pay down debt is much more important to Dell and their go forward plan Remember, for every $5 billion that Dell pays down in gross debt, it dropped 25 cents to EPS This is important for Dell to get back to investment grade debt, which will further lower its cost It's a lever that Dell can turn

Now and also in thinking about this, it's interesting that VMware, which the member is acquiring security assets like crazy and most recently purchased carbon black, and they're building out a Security Division, they obviously didn't paw on the table fighting to roll RSA into that division You know maybe they did in the financial value of the cash to Dell was greater than the value of the RSA customers, the RSA product portfolio and of course, the RSA conference But my guess is Gelsinger and VMware didn't want the legacy tech Gelsinger said many times that security is broken, it's his mission to fix it or die trying So I would bet that he and VMware didn't see RSA as a path to fixing security, it's more likely that they saw it as a non strategic shrinking asset that they didn't want any part of

Now for the record, and I'm even won't bother showing you the the data but RSA and the ETR data set is an unimpressive player in cyber security, their market share or pervasiveness is middle of the pack, so it's okay but their net score spending velocities in the red, and it's in the bottom 20th percentile of the data set But it is a known brand, certainly within cyber It's got a great conference and it's been it's probably better that a PE company owns them than being a misfit toy inside of Dell All right, it's time to summarize, as we've been stressing in our breaking analysis segments and on the cube, the adversaries are very capable And we should expect continued escalation

Venture capital is going to keep pouring into startups and that's going to lead to more fragmentation But the market is going to remain right for M&A With valuations on the rise The battle continues for best of breed tools from upstarts like CrowdStrike and Okta and Zscaler versus sweets from big players like Cisco, Palo Alto Networks and Fortinet Growth is going to continue to drive valuations And so let's keep our eyes on the cloud, remains disruptive and for some provides momentum for others provides friction

Security practitioners will continue to be well paid because there's a skill shortage and that's not going away despite the push toward automation Got in talk about machine intelligence but AI and ML those tools, there are two edged sword as bad actors are leveraging installed infrastructure, both tools and behaviors to so called live off the land, upping the stakes in the arms race Okay, this is Dave Vellante for Wikibon's CUBE Insights powered by ETR Thanks for watching this breaking analysis Remember, these episodes are all available as podcasted Spotfire or wherever you listen

Connect with me at davidvellante at siliconanglecom, or comment on my LinkedIn I'm @dvellante on Twitter Thanks for watching everybody

We'll see you next time (upbeat music)

Source: Youtube

This div height required for enabling the sticky sidebar