The Undercover CISO’s 2022 Security Product Predictions

Posted by

I was just settling back to work after a nice holiday vacation when my phone rang. It was the Undercover CISO.

“Happy New Year, UC!”

Of course, he was in his usual foul mood.

“Happy New Year? This year is going to be a mess for security companies!” he growled.

“How so?” I asked. Although I wasn’t really in the mood to hear his rant.

“Don’t you see? Interest rates are rising. Growth is slowing. This is the year that stock valuations are going to tank. There are too many security companies and they are way overpriced. None of these companies have net earnings to speak of, if any at all. They are also too overvalued to buy out. Something’s going to break.” He seemed to cool down as he continued.

“Are we looking at consolidation? A correction in security stock prices?” I asked.

“Of course!” He was again on the edge of agitation. “One good example: have you seen CrowdStrke’s stock price? This is a company that is doing everything right. They beat earnings estimates every quarter. They have a best-in-breed product and focus on cloud-based technology. And…their stock price is dropping. The bubble is starting to burst, and not just them.”

“Why is that?” I asked the question, but knew the answer.

“Because they have picked all the low lying fruit. Interest rates are rising. Their revenues are increasing nicely, but only linearly. That growth rate doesn’t support their valuation. Now they are at a point where they have to diversify, and/or obtain smaller-market customers. Either way, that is a drag on their margins. And, Microsoft looms large to mop up a lot of market share. Did I mention Microsoft essentially gives away its security products for free?”

Before I could offer a word, he continued. “I placed a big short bet on DarkTrace. You know, the so-called AI security company? They are a marketing company that also does some kind of security function that is apparently great because it uses AI. If you ever go to a security get-together and there are two booths, one of them will be a DarkTrace booth. Does the product actually work? No one knows, but it uses AI. Anyway, I have to short the dumpster fire SentinelOne before the market closes. Bye!”

Despite his abrasive nature I always seem to learn something new from the Undercover CISO. He made some good points. I did some number crunching on DarkTrace and a couple endpoint security companies:

SentinelOne is the new hot endpoint security company, and its stock is flying high since going public last year. Of course, none of these stocks have substantial net income. If we look at the market cap-to-revenues ratio, we find outsized numbers even for growth stocks.

A good indication of whether a stock price is disconnected from economic growth is market cap per customer. In its last financial statement, SentinelOne reported 6,000 customers. At the current market cap of $11.39B, that works out to almost $1.9M of market cap per customer. Do you know how many of SentinelOne’s customers provide over $100K of revenues per year? Under 500. Not terribly impressive for a company that 1) is in a crowded market, 2) lost $67M on revenues of $237M in its last quarter, and 3) has gross margins ten percent lower than CrowdStrike’s.

Further, it is unclear if the pandemic-induced shift to a largely remote workforce accelerated the growth of these stocks in the years 2020-2021 and things will slow down in 2022. Either way, if the Undercover CISO is right, and valuations come back to earth, we will see a big shakeout. The weaker security product players will continue to fade and others will merge. Unfortunately for them, they will be merging to compete with Microsoft’s offerings.

It is going to be a very interesting year.


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s