A Lookback at Q4 Cybersecurity Earnings

FEATURED REPORT

Overlaying the growth prospects for “Cybersecurity and Data Privacy” spending with the Tematica Research Thematic Scorecard has allowed us to zero in on companies poised to gain share in this expanding market, driving revenue and EPS and leading to multiple expansion. The COVID-driven acceleration in demand for cybersecurity products and services is expected to drive performance in the most pure play companies in the sector, and when paired with a shift toward subscription business models, bodes well for outperformance at a time when the overall market’s P/E multiple is historically stretched.

Focusing on earnings growth

The fourth quarter 2020 earnings season is upon us, and if history holds it will be a fast-paced few weeks in which companies report their quarterly results, meeting, beating or missing consensus expectations and offering an outlook for the coming quarter if not the full year ahead. With major equity market indices at or near their recent record highs, companies will need to deliver upward revisions to EPS growth expectations to move their prices meaningfully higher from their current levels.

We say that given the current P/E multiple on consensus 2021 EPS of $168.39 (up 22.6% vs. 2020 and 3.2% compared to 2019) is 22.8x.[1] Over the prior 20 years, the S&P 500 has peaked at a P/E multiple higher than that three times – 2001, 2002, and 2020. Given what happened in each of those years, the market replicated what we tend to see with cyclical stocks during a recession – they look expensive on a P/E basis because the companies have depressed earnings. And for those wondering, the average annual P/E multiple associated with the S&P 500’s 52-week high for the last 20 years is 19.1x.[2] Needless to say, while we could see the market multiple move higher from its current 23x on 2021 EPS, it probably won’t be there for very long.[3]

One expected bright spot in the December quarter earnings is Information Technology, which is forecasted to grow its EPS 6.9% year-over-year. We’d note EPS expectations for that industry sector have moved nicely higher in recent weeks, likely due in part to improving demand prospects for chips associated with networking and 5G, and cybersecurity. The outlook for the current quarter has done the same.

The cybersecurity outlook remains bright

The COVID pandemic led to a surge in ransomware and other cyber-attacks in 2020 as work and learn from home resulted in new vulnerabilities for the attackers to exploit. Phishing attacks accounted for 1 in every 4,200 emails in 2020 according to Symantec.[4] Meanwhile, data from Chainalysis suggests, “ransomware was by far the biggest category in terms of activity growth” and estimated ransomware increased 311% in 2020.[5] Sophos predicts big ransomware families, such as Ryuk, RagnarLocker, Netwalker, REvil, Egregor/Maze, Dharma, and Buer Loade will become “more evasive and nation-state-like in sophistication, targeting larger companies with multi-million-dollar ransom demands, and Ransomware-as-a-Service will continue to let smaller players wreak havoc with everyone else.”[6]

As we closed out 2020 and entered 2021, there were several high-profile attacks, including the SolarWinds (SWI) hack that served as a springboard to penetrate federal government networks. The attack was “impacting enterprise networks across federal, state, and local governments, as well as critical infrastructure entities and other private sector organisations.”[7] Soon thereafter, it was reported that data belonging to employees of the United Parcel Service (UPS) and Norfolk Southern (NSC) was published online to a leak site by the gang behind Conti ransomware. The cyber-criminals claimed to have obtained the data during a December cyber-attack on Taylor Made Diagnostics.[8]

In the past, high-profile cyber-attacks such as those have served as harsh reminders of the growing threat of cyber-attackers and led to rising cybersecurity spending to shore up defenses and thwart prospective attacks. With cybersecurity becoming a Board issue and a corporate priority as companies look to protect their crown jewels, there are few reasons to think that will change, especially in the wake of high-profile attacks, which seems to be an increasing occurrence.

Those headline-grabbing attacks also serve to remind the government and companies that it’s not enough to protect their walls and crown jewels, they must be mindful of vulnerabilities at their suppliers as well. This likely means we will see an accelerated push in the coming quarters toward cyber audits for a company’s supplier ecosystem, and the deeper it goes down the supply-chain the greater the spending to comply.

Another reason to think cybersecurity forecasts are once again likely to prove conservative is comments from newly instilled US President Joe Biden soon after the SolarWinds revelation. “My administration will make cybersecurity a top priority at every level of government – and we will make dealing with this breach a top priority from the moment we take office.”[9] As part of Biden’s $1.9 trillion stimulus plan, federal cybersecurity would get $9 billion in new funding for programs at the Cybersecurity and Infrastructure Security Agency and the General Services Administration and an additional $690 million for improving security monitoring and incident response as well.[10]

As we march deeper into the December quarter earnings season, with more than 2,200 companies reporting over the next several weeks, consensus expectations published by Refinitiv call for 15% EPS growth over the 2019-2021 period for the 44 constituents of the Foxberry Tematica Research Cybersecurity & Data Privacy Index. That compares to 4.0% EPS growth over the same period for the S&P 500.[11]

What to listen for during December quarter earnings

In addition to the increasingly pervasive nature of cyber-attacks that are driving revenue, EPS, and cash flow growth at cybersecurity companies, there is also the ongoing shift to a cloud-based delivery model that is driving recurring subscription revenue. From an investor perspective, that shift offers greater predictability in revenue, earnings, and cash flow. In other industries when that’s happened, those benefits have led to higher valuations.

As cybersecurity companies report their quarterly earnings, investors will want to focus on quarter-over-quarter as well as year-over-year comparisons for average recurring revenue (ARR) growth as well as the percentage of revenue derived from subscriptions and similar metrics. For example, CrowdStrike Holdings (CRWD) ended the September quarter with $97 million in ARR, roughly 42% of revenue for the quarter, and grew its subscription revenue in the quarter to 92% of revenue.[12] Similarly, recurring revenue accounted for 74% of total software sales at OneSpan (OSNPN) during its September 2020 quarter.[13]

Subscriptions also allow companies to bundle and sell more services to customers. In the semiconductor world, we talk of dollar content per device – the more content per device and the more devices being sold, revenues multiply. We are seeing the same unfold in cybersecurity. Sticking with CrowdStrike and the same September quarter results, the company reported “rapid module adoption” as the percentage of all subscription customers with four or more modules increased to 61% and those with five or more modules increased to 44%. Meanwhile, 22% of its subscription customers adopted six or more modules.[14] Another example Ping Identity (PING) which exited the September quarter with subscription revenue representing 92% of total revenue.[15]

When it comes to the positive impact on valuations, these recurring revenue and subscription metrics favor pure-play companies over conglomerates or multi-sector businesses because they are not encumbered by other businesses that are not recurring or subscription-based in nature. As this business model evolution continues to account for a greater portion of revenue and profits, we are likely to see valuation multiples reflect that change. We’ll be watching this evolution and will be discussing it more on our March webinar with Rize ETF in which we will discuss the December quarter earnings season results and update our cybersecurity outlook for the coming quarters.

This Featured Article has been produced by Tematica Research LLC. Rize ETF Ltd make no representations or warranties of any kind, express or implied, about the completeness, accuracy, reliability or suitability of the information contained in this article.

Related ETF

CYBR: Rize Cybersecurity and Data Privacy UCITS ETF

References:

[1] FactSet, “Earnings Insight”, January 2021. Available at:  https://www.factset.com/hubfs/Website/Resources%20Section/Research%20Desk/Earnings%20Insight/EarningsInsight_012221.pdf?hsCtaTracking=31d0f488-5c02-4193-b93b-f1708067f4fa%7Cb994622e-6b82-4c98-ad34-76c848088314

[2] IBID

[3] IBID

[4] Varonis Systems, “134 Cybersecurity Statistics and Trends for 2021”, January 2021. Available at: https://www.varonis.com/blog/cybersecurity-statistics/

[5] CNBC, “Overall bitcoin-related crime fell last year, but one type of crypto hack is booming”, January 2021. Available at: https://www.cnbc.com/2021/01/24/overall-bitcoin-related-crime-fell-last-year-but-one-type-of-crypto-hack-is-booming.html

[6] ESecurity Planet, “Cybersecurity Outlook 2021: Trends and Predictions”, December 2020. Available at: https://www.esecurityplanet.com/threats/cybersecurity-outlook-2021/

[7] Yahoo News, “U.S. cyber agency says SolarWinds hackers are ‘impacting’ state, local governments”, December 2020. Available at: https://sg.news.yahoo.com/u-cyber-agency-says-solarwinds-030723810.html

[8] Cybersecurity Insiders, “Conti Ransomware hackers leak Truckers Medical Records”, December 2020. Available at: https://www.cybersecurity-insiders.com/conti-ransomware-hackers-leak-truckers-medical-records/

[9] The New York Times, “More Hacking Attacks Found as Officials Warn of ‘Grave Risk’ to U.S. Government”, December 2020. Available at: https://www.nytimes.com/2020/12/17/us/politics/russia-cyber-hack-trump.html

[10] Bloomberg Law, “Cybersecurity to Get $9 Billion Boost in Biden Plan After Hack”, January 2021. Available at: https://news.bloomberglaw.com/privacy-and-data-security/cybersecurity-to-get-9-billion-boost-in-biden-plan-after-hack

[11] FactSet, “Earnings Insight”, January 2021. Available at:  https://www.factset.com/hubfs/Website/Resources%20Section/Research%20Desk/Earnings%20Insight/EarningsInsight_012221.pdf?hsCtaTracking=31d0f488-5c02-4193-b93b-f1708067f4fa%7Cb994622e-6b82-4c98-ad34-76c848088314

[12] CrowdStrike Holdings, “CrowdStrike Fiscal Third Quarter 2021 Results Conference Call”, December 2020. Available at: https://ir.crowdstrike.com/events/event-details/crowdstrike-fiscal-third-quarter-2021-results-conference-call

[13] OneSpan, “OneSpan Reports Results for Third Quarter and First Nine Months of 2020”, November 2020. Available at: https://s24.q4cdn.com/314592314/files/doc_financials/2020/q3/Q3-2020-EPR-FInal.pdf

[14] CrowdStrike Holdings, “CrowdStrike Fiscal Third Quarter 2021 Results Conference Call”, December 2020. Available at: https://ir.crowdstrike.com/events/event-details/crowdstrike-fiscal-third-quarter-2021-results-conference-call

[15] Ping Identity, “Ping Identity Reports Third Quarter 2020 Results, Provides Outlook for Fourth Quarter”, November 2020. Available at: https://investor.pingidentity.com/news/news-details/2020/Ping-Identity-Reports-Third-Quarter-2020-Results-Provides-Outlook-for-Fourth-Quarter/default.aspx