Au cours d’un dîner dédié aux valeurs technologiques, si l’on veut faire consensus, il suffit d’évoquer son enthousiasme pour le segment de la cybersécurité, tant les vents porteurs sont évidents. Il s’agit presque d’un argument d’autorité.
At a dinner dedicated to technology stocks, if you want a consensus, all you have to do is mention your enthusiasm for the cybersecurity segment. This is understandable, given all the factors pushing in its favour.
And yet, judging by cybersecurity’s fundamentals and sentiment among cybersecurity companies, the outlook appears to have darkened considerably in recent months. Shares in Fortinet, one cybersecurity giant, collapsed by 20% in August, after the company stated flat out that the coming years would be far more challenging, and that the economic environment would be working against cybersecurity. Even two rapidly growing companies, Rapid7 and Sentinel1, are now publicly offering themselves for sale, even with their share prices at a low. This runs counter to the previous seller’s market, which had consisting in selling out at high multiples to eager buyers, without the need to put up a “for sale” sign.
Meanwhile, Palo Alto Network, whose aggressiveness is legendary both commercially and on the M&A front – and in how much it paid its managers – kept its growth levels up during the quarter but only after setting up a vendor financing subsidiary for its customers, a previously almost unheard of practice in the industry.
A DEMAND-SIDE CRISIS OR THE LAW OF LARGE NUMBERS?
From 2018 to 2022, aggregate annual revenues of big cybersecurity specialists rose from 7.3 billion dollars to almost 20 billion – annualised growth of about 22%, driven by four factors: (1) the cloud boom, which engendered new needs; (2) the Covid-inspired expansion in remote-working and the new vulnerabilities that this created; (3) an environment very favourable to IT spending; and (4) a detrimental geopolitical context.
Regarding the first two points – the cloud and the morphing of remote-working into “hybrid work”, companies’ needs are now more behind us than in front of us, as they have already completed their installation phase, moreover in synchronised fashion in every sector and geographical location. Even if demand is sustained over the next four years and even if the industry achieves additional revenues equivalent to the 2018-2022 period, annual growth would slip, on average to 10%, driven down by the law of large numbers.
EMERGENCE OF NEW TRENDS
Identity management is becoming increasingly crucial, and cybersecurity and everything that consists in protecting users from identity theft of all types, should continue to be driven by the potential irruption of deepfakes augmented by generative AI. A second trend is making the rounds, but we see very little potential in it – consolidation around platforms that would emerge from a turnkey, or quasi-turnkey solution.
If we compare a Chief Information Security Officer (CISO) with an asset allocator specialising in equities, should that allocator opt for a MSCI World ETF, even if it has a strong track-record? Seems unlikely. Even so, he might use a platform in two cases – to lower the price of a specialised solution, or to reduce his total budget for items regarded as “standardised”.
These two trends therefore suggest that stock-picking will have an important part to play in cybersecurity in the coming years, as the underlying wave subsides somewhat.
CYBER-DEFENCE: THE NEXT SOURCE OF GROWTH
Identity management and user protection have been our main cybersecurity investment stories in recent years, via stocks such as Mimecast, SailPoint and ForgeRock, all of which were taken over at high premiums. We still believe this is the most promising theme in cybersecurity. In our view, cyber-defence – i.e., cybersecurity on a governmental scale – will be the next source of growth, via companies such as Booz Allen Hamilton. However, it will now be necessary to regard cybersecurity beyond its growth component and to take a closer look at its defensive, visibility and cashflow components. This is where companies such as Akamai and Checkpoint may also be worthwhile and are among the few generating positive cashflow, when adjusted for stocks options.
Keep in mind that of the aforementioned sample of leaders – which are the biggest cybersecurity market caps, at more than 150 billion dollars – 60% of them are not profitable and can therefore not be assessed in P/E terms.
They face the challenge of having to boost their profits rapidly against a backdrop of slower growth and a potential platform-triggered price war. Here again, stock-picking within the sector will be the only way to generate returns.
Source: Bloomberg. Data as at 31/08/2023.
By Jacques-Aurélien Marcireau, Fund Manager of Big Data Strategy and Co-Head of Equities at Edmond de Rothschild Asset Management.
LEGAL DISCLAIMER
September 2023. This document is issued by the Edmond de Rothschild Group. It has no contractual value and is designed for information purposes only.
This material may not be communicated to persons in jurisdictions where it would constitute a recommendation, an offer of products or services or a solicitation and where its communication would therefore contravene applicable legal and regulatory provisions. This material has not been reviewed or approved by any regulator in any jurisdiction.
The figures, comments, opinions and/or analyses contained in this document reflect the Edmond de Rothschild Group's view of market trends based on its expertise, economic analyses and the information in its possession at the date of preparation of this document and may change at any time without notice. They may no longer be accurate or relevant at the time of publication, particularly in view of the date of preparation of this document or due to market developments.
The information on companies should not be considered as an opinion of the Edmond de Rothschild Group on the foreseeable development of these securities and, where applicable, on the foreseeable development of the price of the financial instruments they issue. This information does not constitute a recommendation to buy or sell these securities. The composition of the portfolio may change over time.
This document is intended solely to provide general and preliminary information to those who consult it and should not be used as a basis for any investment, disinvestment or holding decision. The Edmond de Rothschild Group shall not be held liable for any investment, disinvestment or holding decision taken on the basis of such comments and analyses.
The Edmond de Rothschild Group therefore recommends that all investors obtain the various regulatory descriptions of each financial product before investing, in order to analyse the associated risks and form their own opinion independently of the Edmond de Rothschild Group. It is recommended to obtain independent advice from specialised professionals before entering into any transaction based on the information contained in this document, in order to ensure that the investment is suitable for the investor's financial and tax situation.
Past performance and volatility are not indicative of future performance and volatility and are not constant over time and may be independently affected by changes in exchange rates.
Source of information: unless otherwise indicated, the sources used in this document are those of the Edmond de Rothschild Group.
This document and its contents may not be reproduced or used in whole or in part without the permission of the Edmond de Rothschild Group.
Copyright © Edmond de Rothschild Group - All rights reserved
EDMOND DE ROTHSCHILD ASSET MANAGEMENT (FRANCE)
47, rue du Faubourg Saint-Honoré 75401 Paris Cedex 08
Société anonyme governed by an executive board and a supervisory board with capital of 11.033.769 euros
AMF Registration number GP 04000015
332.652.536 R.C.S. Paris