FireEye Needs to Keep the Heat On

The Four Percent


Going from predator to prey back to predator again has been a profitable ride for

FireEye

investors. How it works out for the company itself remains to be seen.

High-profile network breaches have often been a boon for cybersecurity stocks, and the massive

SolarWinds

hack has been no exception. The NYSE FactSet Global Cyber Security Index has jumped 12% since the attack was reported on Dec. 13. The 12 largest pure-play vendors on that index are now up an average 18% in that time, based on Monday’s closing prices.

The attack used a flaw in the network-management software sold by SolarWinds, a Texas-based IT company that counts many federal agencies as customers. But ironically, it was brought to light by FireEye, which specializes in hack investigations and was itself a victim of the attack.

It has been a wild ride. FireEye’s shares sank 13% after it reported the breach of its own system on Dec. 8. That seemed like very bad news for a company that is often the first call for other companies who suffer an attack. Citigroup analyst

Walter Pritchard

warned at the time that FireEye faced a clear risk of “reputational damage,” even as the company described the attack as the work of “a highly sophisticated state-sponsored attacker utilizing novel techniques.”

But since more news has dribbled out about the scale of the attack and SolarWinds’ centrality to it, sentiment shifted hard. FireEye’s shares have soared 70% from their initial selloff and are now up 53% this month—beating out even other red-hot cybersecurity names such as

CrowdStrike

and

Zscaler

that analysts believe will be the primary beneficiaries of increased corporate IT security spending. Those two are up 39% and 28% for the month, respectively, and more than 300% for the year. SolarWinds, by contrast, has lost one-third of its market value since the attack became public.

Investors generally treat high-profile breaches as promotional events for cybersecurity companies. But the impact on actual business isn’t always clear-cut. FireEye played a major role in investigating the

Sony

hack in late 2014, but that didn’t stop the company’s revenue growth from decelerating sharply from the triple-digit rates it had been enjoying in previous quarters. And security already was the top spending priority for companies this year, according to a December survey of chief information officers by

Goldman Sachs.

Fatima Boolani

of

UBS

notes that checks with companies since the SolarWinds attack became public “indicate a ‘spending smart’ not ‘spending hard’ mentality.”

So cybersecurity stocks could be setting up for a big correction later as reality sets in. FireEye’s advantage here is that it is still one of the cheapest pure-play cybersecurity vendors, trading at just 5.4 times forward sales. And it isn’t alone in a sector long driven by a hot-or-not approach by investors. CrowdStrike and Zscaler carry multiples ranging from 46 to 48 times forward sales. By contrast,

Palo Alto Networks,

Check Point Software

and

Fortinet

—three of the largest cybersecurity pure plays by annual revenue—trade around eight to nine times forward sales.

But as Mr. Pritchard of Citi noted in a Dec 21 report, the most relevant countermeasures to the SolarWinds hack don’t involve the cloud, where the most highly valued companies specialize. He expects the hack to remind investors “that some ‘legacy’ players are less irrelevant than what is priced into shares.” FireEye just needs to translate that relevance into new business.

Write to Dan Gallagher at dan.gallagher@wsj.com

Copyright ©2020 Dow Jones & Company, Inc. All Rights Reserved. 87990cbe856818d5eddac44c7b1cdeb8

Appeared in the December 29, 2020, print edition as ‘FireEye Needs to Keep the Heat On.’



Source link Tech

Be the first to comment

Leave a Reply

Your email address will not be published.


*