Last Thursday, FireEye‘s (NASDAQ:FEYE) stock price jumped by more than 6% during trading hours on rumors Cisco Systems (NASDAQ:CSCO) would acquire the cybersecurity specialist. The companies didn’t comment and the information remains uncertain. But independent of the outcome, investors should keep in mind such a transaction would not fit Cisco’s strategy.
Cybersecurity represents an attractive growth potential
Acquiring cybersecurity vendors makes sense for Cisco. The tech giant posted declining revenue last Wednesday and cybersecurity represents a solid growth opportunity with an estimated compound annual growth rate (CAGR) of 14.5% through 2025, according to the research company Mordor Intelligence.
In fact, Cisco is already growing as a major cybersecurity player with $748 million of revenue during the last quarter, up 9% year over year. Compared to its total revenue of $12 billion, that segment doesn’t look important. But cybersecurity has become a key element of the network infrastructures the company sells.
Besides, Cisco acquired several cybersecurity vendors over the last few years. For instance, it purchased the identity specialist Duo Security in 2018 for $2.35 billion, and it spent $635 million to acquire OpenDNS — now branded as Cisco Umbrella — in 2015 to develop its cloud-based security portfolio.
Cisco has been deploying the same acquisition strategy for many years. Thanks to the large cash position on its balance sheet, the company buys rather small vendors — relative to its size — that develop promising technologies. It then leverages its huge sales force, portfolio, and client base to scale these acquisitions. Without Cisco, these small players would need significant resources to access such growth opportunities. And Cisco justifies the premium it pays with the benefits it gets from its scale.
Why Not FireEye?
At first sight, FireEye seems to fit Cisco’s strategy. With its $889.2 million of revenue in 2019, the cybersecurity specialist remains small enough, and it needs scale to become profitable — losses under generally accepted accounting principles (GAAP) reached $257.4 million during that period. In addition, its cloud-based businesses are growing fast, from $188.4 million in 2018 to $241 million last year.
Besides, with $11.1 billion of cash — net of debt — on its balance sheet, Cisco could afford to pay a large premium to FireEye’s current market capitalization of $3.6 billion. Yet it shouldn’t make this acquisition.
FireEye still generated 52.6% of its 2019 revenue from its legacy hardware business, which mostly consists of selling devices that deal with advanced security threats. However, with the development of cloud computing, more and more companies have been moving some of their infrastructures and applications to the cloud, which makes this hardware business less and less relevant. Thus, it would not make sense for Cisco to try to scale that activity, which declined by 6.2% in 2019 and 11.2% during the last quarter.
Consultancy services represented 20.3% of FireEye’s revenue in 2019. Cisco could expand that business across its huge customer base. But in contrast with cloud-based software solutions that can be distributed at almost no cost, the operating leverage remains limited since it requires human resources — cybersecurity engineers — that don’t scale.
The rest of FireEye’s activities mostly includes cloud-based security offerings that could grow with Cisco’s size. Yet despite double-digit revenue growth, that business still represented only 27.1% of the company’s revenue in 2019, and it overlaps with Cisco’s existing security solutions such as endpoint protection and email security. In fact, Verodin, a cybersecurity risk assessment and management platform, remains one of the few of FireEye’s services that could create synergies with Cisco’s security portfolio. But that activity represents a small part of FireEye’s businesses with $70 million of expected billings in 2020.
It’s not the first time speculation exists around the possibility for Cisco to acquire FireEye or some other tech stock. Of course, these types of events remains uncertain. But before taking any action on such rumors, investors should first check whether the target company corresponds to Cisco’s strategy and portfolio. And given the limited benefits for Cisco to acquire FireEye, prudent investors are more likely to avoid a disappointing outcome by not speculating on a buyout by the tech giant.