Posted by I got a call from a friend the other day. We’ll call him the Undercover CISO. He is a polymath who frets over M2 Velocity, can name the entire 1987 Chicago Cubs roster, knows all Taylor Swift’s album sales numbers by heart, and also has a deep cyber background from a technical and business level. I could tell he was irked about something right off the bat.
He growled, “Have you seen the CrowdStrike financials lately?” Of course I had. CRWD is the darling of cybersecurity stock pickers.
“A $30 billion company??!!” His voice boomed in my ear.
“Well, they have great offerings and have been growing very fast,” I replied.
He was having none of it. “How could they not be growing fast? We are in the golden age of EDR [Endpoint Detection and Response]. Companies have been buying EDR products like crazy to secure their remote workforces. EDR and toilet paper are the hottest commodities around.”
I probed him for more information. “What about their competitors? FireEye, for one, has really dropped out of sight.”
He chortled. “FireEye is a good case study. They had the best products in the security industry. Great margins. Great business model. Then they merged with Mandiant, a services company with lower margins. They also overpaid for Verodin, a security testing company. That is what happens to these security companies. They have enormous growth expectations and the only way they can get there is through M&A [mergers & acquisitions]. But consolidating to create a broader set of security offerings rarely works well. If the NASDAQ gave an award for the flattest stock price over the last five years, FireEye would win hands down.”
He continued his rant. “Speaking of security products on the decline, Cylance is dead. They just don’t know it yet. Blackberry should spin out the corpse like a mafia hitman drops a body out of the back of his trunk,” he said rather matter-of-factly.
He was on a roll. “What about Carbon Black?” I asked.
“Nobody inside or outside VMWare knows why they bought Carbon Black. It was like Kim Kardashian in a Beverly Hills furniture store. They had the cash to buy something flashy but had no idea where to put that lime-green sofa when they got it home.”
He continued. “Now McAfee is going IPO [Initial Public Offering]. Good for them. Actually, their six month revenues were $1.4 billion, almost a billion dollars more than CrowdStrike’s over the same period. And they have squeezed out a positive net income and have a large customer base. But they are looking for a valuation of $8 billion? Good luck with that. They are not a growth stock. They have a stable of long-in-the-tooth security products. Even John McAfee is too sober to buy at that valuation.”
“But you called me about CrowdStrike,” I said.
He got back on track. “Oh yeah. The problem with CrowdStrike is the problem FireEye had. They need to grow really fast to justify their stock price. Now they are talking about having a suite of integrated products. Suites are great for the vendor that wants to ‘lock-in’ customers. Not so great for customers that want flexibility in their tooling and competitive pricing. Product suites the Death Star [his term for Microsoft] has with Azure are the sure things. The cloud is king. When I hear about product suites and AI, I want to puke. And don’t you dare mention what Cisco is doing in security. I just ate breakfast and don’t need to shower again.” Apparently he was not a fan of Cisco’s security portfolio.
He continued. “The bottom line, the security industry is in a cycle of hype, M&A, decline, spin-offs, cutbacks, and reinventing. But that is a topic for another day. I have to run to get my short trades set up for these cybersecurity flops. Let’s meet up later to watch the Cubs. I can’t believe you root for that team from the swamp.” I didn’t bother to remind him that my Washington Nationals won the World Series last year.
A lot to think about. Opinionated? Absolutely. The Undercover CISO certainly does not hold anything back. I’m sure we will hear more from him soon.
Are you an Undercover CISO who has a tip? Drop us a line at info@bobcatcyber.com. And scroll down to subscribe so you never miss a new post.
Security Economics 
4 comments
Comments are closed.