Tough World Aids Security Firms

• Donna Howell
• On 7:06 pm EDT, Thursday October 29, 2009

Some tech security firms have lifted on the wings of government spending lately, as the feds seek to boost cybersecurity against worsening threats.

"Growth in government is outpacing enterprise and consumer right now -- absolutely -- relative to Internet security companies," said Pacific Crest analyst Rob Owens.

Businesses face some of the same threats as the feds, but they've battened down their budgets in the recession. And the latest earnings from security leaders and fast-rising smaller computer security firms were across the board.

Symantec (NasdaqGS:SYMC - News), whose stock shot up 12.8% on Thursday after late Wednesday reporting better-than-expected fiscal second-quarter profit amid cost cuts, saw strong performance in the government niche, CEO Enrique Salem told IBD.

"This was the fiscal year-end for the government, and we saw double-digit growth in that segment," he said.

The firm's overall sales fell 3%, but that beat expectations amid what Salem called a stabilizing market overall. Symantec also announced it was allocating $1 billion to buy back shares.

Federal funds are flowing at a good clip to smaller outfits ArcSight (NasdaqGM:ARST - News) and Sourcefire (NasdaqGM:FIRE - News). These two firms lead IBD's 18-company Computer Software-Security industry group in Relative Strength -- they outpaced 96% of stocks in performance over the last 52 weeks, far ahead of much larger and more diversified Symantec and McAfee (NYSE:MFE - News).

Tech security has been hit by the economic slowdown. In its fiscal first quarter, for instance, Symantec said firms were opting for shorter contracts.

For its quarter ended Oct. 2, the Cupertino, Calif.-based company said per-share profit fell 3% from the year-earlier quarter, to 36 cents. But that was 3 cents higher than the consensus estimates of analysts polled by Thomson Reuters. Sales came in at $1.47 billion.

Analyst Owens estimates that government now accounts for north of 10% of Symantec's business. He says last quarter, Symantec made "some rather sizable wins across the federal government," including for its newer data-loss prevention products, as well as traditional data backup wares.

Salem said Wednesday on his earnings conference call with analysts that "there's a range of things" government agencies are trying to do "where we see a lot of opportunity."

After hours on Thursday, McAfee shares were down 6% after the company reported third-quarter sales, and gave a fourth-quarter sales outlook that lagged views. The company said sales rose 18.5% to $485.3 million, but analysts were expecting $486.6 million. It said it expects sales of $505 million to $525 million this quarter, where analysts were expecting $506.7 million.

Big-Deal Record At McAfee

McAfee, though, saw businesses making purchases. It said third-quarter sales to corporations rose 25% to $308 million.

"We set a new record for $1 million-plus deals," CEO Dave DeWalt said in a conference call. Thirty-one deals topped that mark.

McAfee's per-share profit, minus items, rose 17% to 62 cents.

Meanwhile, Sourcefire's shares rose 10.9% in regular trade Thursday, after reporting its latest results before the open. Sales rose 35% from a year ago to $27.4 million and it recorded a per-share profit minus items of 16 cents, vs. a penny loss.

CEO John Burris told IBD that government sales, 29% of Sourcefire's overall revenue, rose 64% the first nine months of '09 vs. a year earlier.

The federal sector is doing well, Burris said, but "our results dictate that a lot of other people have budgets as well."

Sourcefire sells network intrusion prevention and other security products, including some built atop the "Snort" tool for network analysis -- a practice crucial to federal efforts to beef up security.

"There are a couple key areas where we see immediate demand," Input analyst John Slye said of government information security. "One is in the area of what we call situational awareness." That includes network monitoring, "something that allows an agency to see what's happening and make decisions about whether there's suspicious activity."

Also, Slye said, "anywhere they can use technology to automate what people are doing now is a strong play."

Reston, Va.-based Input predicts an $11.7 billion "vendor-addressable" market for U.S. federal information security technology by the 2014 federal fiscal year, up from $7.9 billion in fiscal 2009, which ended Sept. 30. In a recent report, Slye and co-authors call for a compound annual growth rate of 8.1% through fiscal 2014.

Key drivers Input sees include the complexity and impact of threats, security legislation, the president's cyber-review and heightened attacks from Web enemies.

"There's definitely a heightened awareness around this kind of persistent and very sophisticated threat being conducted by enemy nation-states," ArcSight CEO Tom Reilly said. "Not only against government but critical infrastructure, which includes things like the power grid and financial system."

He counts 14 bills having to do with cybersecurity that are circulating on Capitol Hill -- three to do with the power grid, about five touching on data privacy and the rest related to cyberespionage and cyberwarfare.

ArcSight Government Sales Up

Government accounted for 37% of ArcSight's business in its fiscal first quarter that ended in July, up from 25% a year earlier. That quarter, its per-share profit jumped to 9 cents from a penny a year earlier, and sales rose 25% to $34.6 million. The Cupertino-based company's main product is a security suite called ArcSight ESM.

"Their particular technology is I think well-suited for very high-end, very large, complicated networks with a complex security infrastructure," said Signal Hill analyst Erik Suppiger. "That lends itself very well to government adoption."

One program Owens says is bolstering government information security spending is the Comprehensive National Cybersecurity Initiative, established by President George W. Bush in 2008, and supported and augmented by President Barack Obama. It seeks to improve defenses against network intrusions and to anticipate future threats across federal computer networks, Input says, via an estimated budget of $40 billion over several years.

"The business and government sectors have some very good catalysts," Suppiger said.

Buzz up!