Against a backdrop of strong IT security spending and ongoing reports of major data breaches, security tech companies have for the most part kept delivering strong numbers.
FireEye (FEYE) just provided the latest example. At its Tuesday analyst day, the company disclosed that it expects its Q3 revenue to be "at or above" the high end of a prior guidance range of $217 million to $221 million, while reiterating its Q3 billings guidance.
In addition, FireEye, which has had its share of top-line pressures in recent years amid competitive pressures and sales execution issues, said it's aiming to grow its billings at a 12% to 16% compound annual rate (CAGR) over the next five years, and to grow its revenue at a 12% to 15% CAGR. Shares rose 4.9% in Wednesday trading as markets digested the analyst day guidance.
A slew of other security tech names have shared encouraging numbers in recent months. Notable examples include:
- Palo Alto Networks (PANW) , which at its Sept. 5 analyst meeting said it expects its revenue and billings to each grow at 20% compound annual rates through fiscal 2022 (ends in July 2022).
- Fortinet (FTNT) . In early August, the company comfortably beat Q2 estimates on the back of 21% billings growth and 18% revenue growth, and also hiked its full-year revenue and billings guidance.
- Proofpoint (PFPT) . In July, the company beat Q2 estimates while reporting 25% revenue growth and 17% billings growth, and hiked its full-year guidance.
In addition, while there have been a few security tech names that have sold off post-earnings since July, the declines have had more to do with inflated multiples and expectations rather than the sharing of truly bad numbers. For example, Zscaler (ZS) , whose shares had gone into a September earnings report up nearly 300% from their $16 2018 IPO price, sold off after reporting 53% revenue growth and 32% billings growth, and guiding for its billings to grow 26% to 28% in fiscal 2020 (ends in July 2020).
All of this top-line strength comes at a time when research firms Gartner and IDC estimate total IT security hardware, software and services spending is (much like enterprise software spending) growing at a high-single digit clip, and forecast it will continue to do so during the next few years. IDC forecasts a 9.2% CAGR for security spending from 2018 to 2022.
Separately, in Nomura's latest, semi-annual, CIO survey, security was found to be the top spending priority among CIOs for the tenth straight time. Seventy-eight percent of respondents said "ensuring network and data security" was one of the top drivers of IT spending for their organization. Just as importantly, only 2% said that their organization typically cuts security spending when the macro environment worsens -- this compares with 66% saying spending on PCs is cut, and 54% and 46% respectively saying this is the case for spending on AI and servers.
Surveyed CIOs indicated they're unlikely to cut security spending during a downturn. Source: Nomura.
Certainly, the never-ending barrage of stories about prominent companies and government agencies getting hit by data breaches has not dampened CIO interest in spending more on security. The last few months have seen credit reporting agency TransUnion, food delivery firm DoorDash and e-commerce software and services provider Volusion join the ranks of companies to disclose major breaches.
Though some security tech firms sport more compelling valuations than others, the broader spending environment that they're navigating looks as healthy right now as it did in February. Those looking for a relatively low-risk way of playing the space might want to consider the ETFMG Prime Cyber Security ETF. The ETF owns more than four dozen names (a mixture of security pure-plays and large tech companies with some security exposure, such as Cisco Systems (CSCO) ), with no name accounting for more than 3.6% of the fund's holdings.
