- Cyber security is expected to witness growth.
- Topline growth projections of cyber security stocks are not in line with industry expectations.
- FireEye, a cyber-security player, should be avoided amid very rich valuation, potential difficult comps and optimistic consensus.
FireEye Inc. (FEYE, Financial) is a cyber-security solution provider for industries that are prone to cyber-attacks. Their solutions help organizations detect, prevent and resolve cyber-attack. Since its formation in 2004, the company has been successfully expanding its geographical reach; its services protect businesses, government agencies and NGOs located in United States, Europe, Middle East and Africa, Asia Pacific and Japan. The majority of FireEye’s customers include organizations that are dependent on large amount of data and records for their daily operations. Some of them are telecommunication providers, stock exchanges, oil and gas companies and financial institutions, etc.
The company offers a range of security products and services to its customers.
Threat Prevention Solutions: Utilizing the MVX engine, these solutions provide detection and blocking of malicious activity in an organization’s web traffic, email content, endpoint devices including laptops and PCs, file content deployed by users in an organization’s network and mobile devices.
Security management Products: These products include central management system, which shares latest threat intelligence with the threat prevention platform. It also includes a cloud based solution called threat analytics platform.
Security Forensics Products: These include network forensics platform and investigation analysis system for investigating cyber-attacks in order to develop protective measures for the future.
The company offers its products through subscription that includes different packages based on the level of threat intelligence analysis required by the clients. The packages offered are dynamic threat intelligence, advanced threat intelligence, advanced threat intelligence plus.
The two main sources of revenue for FireEye are the sales of its appliances and revenue from subscriptions and services. Of the $425 million generated during 2014, 58% came from the sale of appliances. See the chart below:
Source: SEC filings
FireEye relies heavily on U.S based companies for its revenue. In 2014, 75% of the total revenue came from the clients in the U.S., while 25% was generated from non-U.S. clients.
Regarding customers, Carahsoft Technology Corp. is a major customer that accounted for approximately 11% of the company’s total revenue during 2014. Note that clients of FireEye give more weightage to the cloud based services and product support services of the company.
The increase in usage of mobile and cloud services will become the key drivers of demand for cyber security. Gartner predicts that cyber security spending will grow 8.2% during 2015 to reach $76.9 billion. A report from MarketsandMarkets projects cyber security to grow at a CAGR of 9.8% during 2015-2020. By 2020, North America will be the largest market for cyber security solutions followed by Latin America and Asia Pacific Regions.
A report from PWC points out that number of information security incidents had grown by 48% in 2014; financial losses suffered, as a result, grew by 34%.
A report by Peninsula Press projects the demand for information security professionals to grow by 53% through 2018.
“The number of jobs in information security is going to grow tenfold in the next 10 years,” said the director of Jay Pinson STEM Education Center at San Jose State University.
To review, growth of interconnected devices and adoption of cloud is giving rise to cyber security risks. Organizations will be spending a lot more on cyber security to protect their data. Consequently, much of these spending will be channeled towards cyber security service providers like FireEye.
Following is our take on FireEye.
FireEye is posting impressive quarterly results. During Q1 2015, the company posted revenue growth of 69% on a year-over-year basis surpassing its guidance and Wall Street’s consensus. Growth in revenue outpaced the growth in OPEX that can add to the bottom line of the company going forward. Gross margin of the company also improved from 68% to 71% indicating that customers are willing to pay more in the wake of rising cyber security threats. FireEye is gaining customers at a decent run rate. The company added 220 new customers during the first quarter of 2015.
FireEye maintains a differentiated product portfolio in cyber security. The company received several awards in recent times highlighting the quality of FireEye’s offerings. Department of Homeland Security granted a certification to FireEye under the safety act. The company was awarded the Best Security Company and Trust award for APT protection at the RSA conference. All in all, FireEye's product portfolio seems competitive.
The company has a financial cushion to support it growth. Cash balance of the company stands around $37 million with current ratio of 1.82 indicating that the company faces no liquidity problems. Further, gearing is zero giving FireEye the ability to raise debt in order to support growth.
Consistent negative earnings will put off investors. Despite all the growth, product differentiation and financial support, what really matters to investors is earnings growth. One of the major setbacks we conceived from our analysis of FireEye was its history of generating negative earnings each year. The company has been bearing losses for the past five years. In 2014, even after experiencing a massive 164% revenue growth, the company posted a loss of $443 million. And, this is not over yet. FireEye is guiding for a non-GAAP loss of $1.75-$1.85 per share during 2015. OCF is also expected to be in the red. In effect, the company is burning through its cash resources. Eventually, FireEye has to finance its operations. Dilution will weigh on the stock price growth going forward.
FireEye’s stock valuation is very rich and growth expectations are difficult to match. The stock is trading at a P/S of 17.77 as compared to the application software industry’s average of 4.13. There are no earnings to even compare the stock on PE basis. Let’s assume that, somehow, the company manages to post a $1 non-GAAP EPS during 2016. This gives a forward PE of 53.65 while earnings are expected to grow at 35% p.a. during the next five years. The point is that growth of FireEye is disproportionally valued. Note that FireEye is expected to post a non-GAAP loss of $1.39 per share during 2016.
Further, the growth expectations of 35% p.a. are very hard to match going forward. Cyber security is expected to grow at 8-10% during the next five year or so. Managing a 35% earnings growth will prove to be quite difficult for FireEye. Not only this, the recent quarter’s growth of 59% creates a difficult comparison for upcoming quarters as the company tries to match that in an industry that is expected to grow at 10% p.a. Slowing growth trend in upcoming quarters will act as a catalyst for FireEye’s stock price depreciation going forward.
Growth in cyber security space is real. The industry will grow at a decent rate going forward. However, growth expectations of cyber security stocks can’t be justified on the growth of cyber security industry. Last year was a stellar growth year for FireEye; expectations for 2015 are also very high. However, the industry will not support this explosive growth for long and a sharp decline in the topline growth can materially affect FireEye’s stock price. Further, much of the upside, if any, is already priced in as indicated by P/S. Overall, given the risks of slowing growth, difficult comparisons and conflicting industry and Wall Street consensus growth projections, investors should steer clear of FireEye for now.