By Dawn Kawamoto
Staff Writer, CNET News.com
February 15, 2006
SAN JOSE, Calif.--Psst buddy, got a security company to sell?
Security companies that are privately held and in the business of
protecting information from espionage and offering up secure access
are attractive among potential buyers, a panel of security titans and
bankers said here Thursday during the RSA Conference 2006.
The panel, speaking to a standing-room-only crowd, addressed the
current mergers and acquisition environment for security companies, as
well as what it takes for them to gain interest in potential buyout
The current valuation for privately held security companies, based on
projecting out future revenues, is a mean of slightly more than 6.5
times those revenues. But valuations for publicly traded security
companies are substantially lower, said Rob Owens, vice president of
equity research for Pacific Crest Securities and panel moderator.
"Most of the innovation comes from smaller companies," said Parveen
Jain, executive vice president of corporate development and strategy
for McAfee, in explaining the difference between valuing a private
security company and a public one.
Another issue for buyers is public companies tend to be more mature,
offering less potential revenue growth, said Michael Cristinziano,
vice president of strategic development for Citrix, which acquired SSL
VPN start-up Net6 for $50 million two years ago.
He added that the ability of a potential buyout target to add to his
company's earnings within a 12-month period is a key consideration on
whether to do a deal.
Symantec, which has been on a tear with acquisitions big and small,
wants its potential lifelong partners to have frank discussions with
the security giant on its financial outlook and performance. James
Socas, senior vice president of Symantec's corporate development,
recalled a time when a private company provided financial information
that showed declining revenues over a three-year period, yet had a
forecast of more than doubling its revenues in the following year.
McAfee, meanwhile, hones in on the candidate's operating team,
assessing whether they can deliver on the technology and financial
numbers they have projected, and be flexible if changes are needed to
their business plan.
In providing a broad view of areas in which they are interested in
making acquisitions, Jain said McAfee finds areas that need addressing
include industrial spying, or the tampering and theft of information.
Symantec is anticipating more companies will find it incumbent to take
on the role of managing their own security, similar to what consumers
have done. Citrix is focusing on deals that will provide its customers
with the "best access experience," Cristinziano said.
Technology to solve the leakage of sensitive information is an area
that a number of large potential buyers are interested in, said
panelist Neel Kashkari, an investment banker with Goldman Sachs.
Kashkari noted Microsoft's entry into the antivirus market has had a
negative effect on start-ups in a similar market that are seeking
funding or a buyout.
"It's created an overhang with valuations," he noted.
A number of security companies are turning to a buyout, rather than
going public, as a means to pay back initial investors, the panelists
noted, pointing to NetScreen Technologies' 2002 IPO as the last
"meaningful" public offering of a security company.
The regulatory environment, including Sarbanes-Oxley, has made
executives of private companies more hesitant to go public, rather
than selling their operations, the panelists said. Another issue is
that single product security companies are finding Wall Street is less
receptive in the post-bubble environment.
And then there are the attractive valuations for privately held
security companies, in the current climate.
"Mergers and acquisitions are white hot right now," Socas said. "We've
seen a lot of good companies on the private side."
Copyright =A91995-2006 CNET Networks, Inc. All rights reserved.
InfoSec News v2.0 - Coming Soon!