Security sector ripe for M&A

Contact: Ben Kolada

Thousands of security executives, bankers and investors descended on San Francisco last week for the annual RSA and America’s Growth Capital West Coast Information Security & Emerging Growth conferences. (Many of them also joined us at our executive-only breakfast last week.) Nearly 700 companies exhibited at the two conferences, and after speaking with many of these companies we walked away convinced that the number of M&A opportunities in enterprise security seem as large as ever.

Many of these companies saw explosive growth in 2011, and the forecasts are equally bullish for this year. One such company is network security analytics startup Solera Networks. Following RSA last year, we predicted that NetWitness would soon sell – we were right. This year, we expect NetWitness rival Solera to get some acquisition attention. We hear that the company generated just under $10m in sales last year, but is growing quickly. Although Solera’s current revenue is much smaller than what NetWitness generated in the year before its sale, we wouldn’t be surprised if its investors expect a comparable valuation. Including a recent $20m series D funding round secured in January, Solera’s investors have collectively put $51m into the company. NetWitness, on the other hand, had taken in just about $20m before its sale.

For more real-time information on tech M&A, follow us on Twitter: @MAKnowledgebase

EMC bolsters security portfolio with NetWitness

Contact: Brenon Daly, Josh Corman

Announcing its first deal in almost five months, EMC moved to bolster its security management portfolio by picking up fast-growing NetWitness. The purchase adds the rich network data and powerful analysis capabilities of the NetWitness NextGen platform, which is a bit like a TiVo for network traffic – capturing, indexing and storing massive amounts of network traffic. From a financial point of view, it is EMC’s first significant security acquisition since buying RSA Security in mid-2006.

In fact, we would estimate that the price of NetWitness tops EMC’s spending, collectively, on the four bolt-on acquisitions it has made to RSA since the $2.1bn deal. According to our understanding, NetWitness more than doubled revenue to about $45m in 2010. Given the growth rate and premium customer list NetWitness had assembled, we have no trouble believing market speculation that EMC paid $450-500m for NetWitness. A double-digit multiple isn’t out of whack for a fast-growing startup that has strategic value to EMC. We understand, for instance, that last summer EMC paid just shy of $400m for Greenplum, a data-warehousing startup that was clipping along at just under $30m in sales.

RSA = Rumors Swirling Around

Contact: Brenon Daly

Candidly, one of the main reasons we’ve always enjoyed the RSA conference is all the gossip at the event. From the show floor to get-togethers that take place along the periphery of the conference, people talk. That’s especially true at the boozy after-hours parties sponsored by vendors and their backers, where the focus is more on martinis than malware.

And once again, last week’s conference didn’t disappoint, with ‘RSA’ once again living up to its abbreviation of ‘rumors swirling around.’ Of course, most of the speculation centered on which security company was going to get taken out next. That’s more than a guessing game if you consider the following conference regulars that have been gobbled up just since last year’s RSA event: McAfee, ArcSight, PGP, SonicWall, Arcot Systems along with dozens of other smaller companies.

As for the next significant player to go, we heard a fair amount of M&A buzz around NetWitness. The company sells a powerful network-analysis platform for traffic capture, classification and analysis, and is thought to be running at roughly $60m in sales. The Washington DC-based startup is run by Amit Yoran, who already sold a company to Symantec back in 2002. (Private equity firm Summit Partners picked up a minority stake in NetWitness about a year ago.) The two names that came up most often as the rumored buyer of NetWitness were Hewlett-Packard, looking to add to its recent ArcSight acquisition, and Cisco, which has already done deals to add security to its core network business.

Sizing up Secure Computing

In many ways, Secure Computing’s divestiture of its authentication business to Aladdin Knowledge Systems raises more questions than it answers. Secure’s rationale for the sale is pretty simple: pay down some debt and get out of a sideline business that’s dominated by RSA and has a solid number two in Vasco Data Security. (For the record, Vasco is about four times the size of Secure’s SafeWord business and runs at a highly respected 25% operating margin.)

So it’s pretty clear why Secure was a willing seller (in fact, we hear that Secure had been a willing seller of the business for more than a year). Less clear is why Aladdin was a willing buyer of the property – at a relatively rich price of 2x sales, no less. Aladdin investors chose not to stick around for the company’s explanation of why it was willing to shell out two-thirds of its cash holdings for a product line in a cutthroat market. They fled the stock, trimming 14% off the price and sending Vasco to its lowest level since January 2004.

Of course, Secure has had an even rougher run of it on the market recently, as the company has come up short of Wall Street estimates for the past two quarters. Shares of Secure currently change hands lower than they have at any point during the past half-decade. Since the beginning of the year, the stock has shed 60%, a decline that recently cost longtime CEO James McNulty his job.

The long, uninterrupted slide in Secure’s valuation raises an even larger question about the divestiture: Was the sale of SafeWord just a prelude to an outright sale of the company itself? The numbers certainly don’t work against a deal. In fact, Secure is currently valued at basically 1x sales – just half the level it got for the divested property. (Usually, it’s the reverse, with corporate cast-offs getting sold at less than half the overall company’s valuation.)

Any planned acquisition, however, would probably have to go through Warburg Pincus, which holds the equivalent of about 7% of Secure’s common stock, going back to a financing deal it struck to help Secure buy CipherTrust in July 2006 for $264m. Warburg invested $70m at a time when Secure stock was trading at about 3x higher than it is now. With Warburg that far underwater on its holding, we can only imagine the pointed questions the private equity firm will ask Secure.