Think cyberattacks and computer hacking have been contained? Think again. So far in 2018, writes BDO’s head of U.S. and International Cybersecurity Gregory Garrett, “we have seen a 350% increase in ransomware attacks, a 250% increase in spoofing or business email compromise (BEC) attacks and a 70% increase in spear-phishing attacks in companies overall.”
Hackers and cybercriminals are busier than ever.
To the credit of some, most of those attacks were rendered ineffective. At the other end of the spectrum though, the sheer number of these attacks is making consumers and individuals numb while stretching the resources of enterprise-level entities increasingly thin. Sooner than later, another hacker is going to break through a vulnerability. And, as ugly as some of recent data breaches have been, it’s unlikely bigger and better hacks aren’t in the cards.
While it’s clearly a troubling trend, it’s also an opportunity for investors willing to look past a company’s history and focus on the present. FireEye (FEYE), after years of expensive acquisitions and subsequent losses, has quietly reached a profitability tipping point at a time when demand for cybersecurity solutions has never been greater.
It may be time to pull the trigger.
The (Brief) Backstory
FireEye is classified as a cybersecurity outfit, but the description doesn’t do the company justice. It’s a threat-detection and threat-analytics service provider, using artificial intelligence to do what mere firewalls and anti-malware software can’t do – predict attacks. Channelnomics recently named FireEye an Innovation Award winner for its machine-learning-powered malware security solution.
FireEye went public in 2013 with the usual IPO fanfare. That is, it surged out of the gate, supported by a then-budding avalanche of data breach and digital-security breakdowns that looked and felt terrifying. The bullishness flamed out in the early part of 2014, however, as investors increasingly realized the company’s M.O. was simply to buy its way – and buy at rather indiscriminate prices – its way to market share. Revenue grew, but losses grew at an even faster clip.
Confused and frustrated, shareholders indirectly forced former CEO David DeWalt out in 2016, putting company founder and then-President Kevin Mandia in charge.
It was the right move, though not just because Mandia would slow down on the dealmaking and start extracting more value from all the company’s purchases. Mandia would introduce a twist in the way its software was sold that would make a world of difference.
It’s called Helix. Launched in late-2016, Helix aggregates all the different tools FireEye offers. That’s not the noteworthy detail, however. Helix was one of the early cybersecurity options that was offered on a subscription-basis. This flexibility allows users to enjoy an always-updated suite of products, and simultaneously translates into reliable, recurring revenue for FireEye.
Perhaps not coincidentally, that’s when the company’s bottom line reached a clear turning point. Revenue growth has been steady, and the pros are calling for top-line growth at the same rate going forward.
The business model works.
More important, customers are staring to line up in earnest. During the third quarter – and this is the part that’s largely been overlooked by the market – customer acquisition accelerated. The 243 clients it added a quarter ago was nine more than it picked up for the third quarter of 2017. It’s also ahead of 2017’s year-to-date subscriber additions pace, by 8%.
These are quality customers too. Of the 243 new paying customers, 43 of them were million-dollar customers. Year-to-date, subscribers worth $1 million in revenue are being added at a pace of roughly 10% better than 2017’s to-date tally.
The average contract length is also growing again, reaching 28.6 month during Q3 after slipping to just a bit more than 27 months earlier in the year.
All told, more than one-third of its top-line is now subscription-based, and its annualized recurring of $538 million as of the end of Q3 is 10% better than the comparable figure from a years earlier. Yet, the sales and earnings outlook may underestimate FireEye’s potential… a premise underscored by the fact that the company’s got a long history of earnings beats.
The list of major data breaches is becoming uncomfortably long. More uncomfortable is that it continues to grow at an even pace; hacks, trojan horses, malware and a whole host of other forms of digital disruption aren’t slowing down when they arguably should be.
They may be about to get worse too. Information Age believes “hackers will look to become more organized and more commercialized, perhaps even having their own call centers” in 2019, and that breaches will grow in complexity and therefore become tougher to prevent.
Ransomware will be rebirthed too, "Ransomware attacks come in waves, and I am sure it will make a return in 2019," says Gartner analyst Ramon Krikken, adding that "Many companies have implemented ransomware defenses, but in 2019 it will again hit some companies badly."
It’s also not been given its due attention, but the current tariff war is at least partially the result of cyber espionage, and that’s likely to be wielded as a political and capitalistic weapon much more so in the near future. (FireEye is already serving more than 60 governments, by the way.)
All told, Gartner anticipates $124 billion worth of IT security spending in the coming year, up nearly 9% from 2018’s likely final tally. That’s not the noteworthy number on Gartner’s radar, however. It’s what comes after 2019 that positions FireEye as such a compelling growth prospect. By 2022, annual spending on cyberdefense is expected to reach $170 billion, with always-updated and proactive threat-detection like FireEye’s technologies bring to the table.
Much of that money is FireEye’s to earn. While the organization has competition on most key fronts, some of which is better, FireEye has a deep and wide product lineup that serves as the simple one-stop solution enterprises are seeking.
Although the story is compelling, it would be short-sighted to think the company is bulletproof. There’s little barrier to entry into the cybersecurity market. For FireEye to remain the top prospect of its ilk, it has to remain better than the rest.
Thus far it’s been able to do so, leaning on machine learning to deliver some services that simply aren’t available via other vendors. The company announced on Monday, in fact, that its endpoint security solution won an award from AV-Comparatives, underscoring how well FireEye creates and updates its platforms. To continue growing the top and bottom line, however, it must keep doing so.
The only other potential stumbling block ahead may be the stock’s history.
While FEYE has seen net gains since its early 2017 low, progress has been inconsistent at best, and investors may be wary of stepping into a stock that’s not performed all that well… even when it arguably should have given the underlying fundamentals. This is still a ‘story stock,’ with all the sentiment-based trappings thereof.
Nevertheless, shares are trending high, having been guiding by a well-framed rising channel that’s finally inspiring higher highs. This consolidation phase has the potential to squeeze FEYE shares out of a narrow range and on to much higher highs in a hurry, with little to no warning. The key is simply in telling the story the right way, and in the right market environment. A break above the upper edge of that trading range, currently at $21.00, could be such a catalyst,
Whatever the case, from a risk/reward perspective, the lull since early this month looks like a fair buying opportunity for investors that are prepared to be patient… as in a year or more. Not many people have noticed how far this company has come in just the past couple of quarters. That may not be the case a year from now.
Subscribers to the Well-Rounded Investor newsletter heard about this idea first. If you'd like more trading ideas delivered to your inbox on a regular basis, take the Well-Rounded Investor service for a test drive. The newsletter maintains a full-blown portfolio of stock picks, as well as offering market insight.