Enterprises are spending more and more on cybersecurity. So which providers will reap the rewards?
That was one of the questions emerging from the RSA cybersecurity conference in San Francisco this week, with perspectives on leading security players such as Cisco (CSCO) and Palo Alto Networks (PANW) coming into greater focus. Shares of each were roughly flat on Friday, with Cisco closing out the week at $51.07 and Palo Alto Networks at $234.63.
"This year the spending trend was much more pronounced specifically around the move to the cloud based on our numerous conversations with CIOs/CISOs and various IT product executives during our week spent at the annual event. We believe the main catalyst for cyber security continues to be the heightened threat environment and transformational move to the cloud which are clear catalysts for well positioned names in the sector," wrote Wedbush's Dan Ives on Friday. Based on a survey of enterprise spending, cybersecurity budgets are projected to grow about 20% year-over-year in 2019, he noted.
Palo Alto Networks -- a pure-play cybersecurity firm that offers a range of cloud security products -- is one of the best-known names in the sector, and has been growing its revenue at a rate exceeding the overall IT security market. Despite competing with companies such as Cisco, Check Point (CHKP) , Juniper Networks (JNPR) and others in offering firewalls and other solutions, Palo Alto Networks CEO Nikesh Arora reiterated a theme of greater integration across the sector to an audience at the RSA conference.
"The industry needs more integration; it needs more of our solutions to work better together," Arora said. Another of Palo Alto Networks' current priorities is helping enterprises manage a proliferating number of security alerts, which was highlighted by a $560 million acquisition of Demisto earlier this year. That acquisition is viewed as boosting Palo Alto Networks' analytics capabilities, BMO Capital Markets' Keith Bachman pointed out in a note this week.
"We believe the analysis of API-related traffic will be increasingly important, as highlighted by recent acquisitions by PANW as well as [Check Point]," wrote Bachman, who also noted the rapidly evolving landscape in security services. "More broadly, we think PANW continues to broaden its portfolio of subscription services, and we expect service revenue growth to remain strong with our projection of 25-29% growth for the next two years."
Palo Alto Networks' stock has been in a slump since late February, but is up 28% year to date. Jim Cramer and the Action Alerts Plus team, which holds a position in Palo Alto Networks, attributed the dip in part to recent turnover in the company's sales division.
Meanwhile, Cisco has also been snapping up smaller security players in an effort to broaden its footprint. In the past couple of years, the networking giant has acquired AppDynamics, Meraki, Duo Security and others, seeking to leverage its existing customer base and expand into new lines of business.
According to Deutsche Bank's Vijay Bhagavath, Cisco's promising results over the past couple of quarters are evidence that its product strategy is working out well.
"The beat and raise trajectory of CSCO -- now 2 quarters in a row -- is indicative of the company solidly executing on multi year product cycles in the core business: i.e. Enterprise Networking Refresh, etc and, more importantly executing at double digit pace in the Secular Growth portfolio," he wrote.
It wasn't just product integration weighing on people's minds at the cybersecurity conference, however. Privacy issues also loomed over the event, with Facebook CEO Mark Zuckerberg posting an essay earlier in the week claiming that Facebook will become a privacy-focused platform moving forward.
Regardless of how one may analyze Zuckerberg's essay, which described an emphasis on private messaging and small groups as opposed to public posts, executives at the event said that shifting privacy to the core of Facebook's messaging represented a sea change for the industry, as big tech companies face the specter of sizable fines for privacy violations. Facebook is reportedly negotiating a fine with the FTC, related to the Cambridge Analytica scandal, that could total as much as $4 billion to $5 billion.
"What happens is if someone gets a large fine, it's going to start the ball rolling for more," Uber's privacy chief, Ruby Zefo, told an audience at the conference.