- Rival FireEye blamed `lull' in cyber attacks for revenue miss
- CyberArk now down 2% this year after rallying as much as 86%
Try telling investors a dearth of high-profile data breaches won’t hurt security software companies bent on eliminating cyber threats.
That’s exactly what Udi Mokady, the 47-year-old chief executive of CyberArk Software Ltd. relayed in meetings in New York and San Francisco last week -- as well as on CNBC’s Mad Money -- after peer FireEye Inc. said a lull in attacks and a U.S.-China deal to ban cyber espionage were partly to blame for disappointing earnings. Its shares tumbled 23 percent the next day, dragging CyberArk and others down with it.
It was hacker assaults on JPMorgan Chase & Co. and Apple Inc. that helped drive up valuations of data security companies. CyberArk, which has been public just a little over a year and whose stock more than tripled in value through mid-June, is now having to convince shareholders it’s no FireEye.
“That is totally not the case in our world,” Mokady said by phone from San Francisco Nov. 12. “It’s not our business model -- our model is to put in privileged account security ahead of time, and we’re seeing increased demand, increased awareness of that.”
Mokady’s pitch is that CyberArk -- whose customers include banks, healthcare companies and manufacturers -- is focused on privileged account management, a new layer of security that businesses and governments are investing in regardless of headline-grabbing hacks.
CyberArk’s revenue rose 43 percent to $40 million in the third quarter, while adjusted net income jumped 57 percent to $9.2 million, beating analysts’ estimates. It also raised its fourth-quarter revenue forecast, but not enough to surpass the 81 percent sales growth it posted at the end of 2014.
Investors have yet to be swayed. After advancing to a peak of $73.89 in June, it’s now trading at nearly half of those highs. The shares dropped 18 percent last week to $38.78, the lowest since February. The stock lost 0.8 percent to $38.48 at 10:46 a.m. in New York on Monday.
The hype surrounding data breaches and the relative newness of many data security companies have made them especially vulnerable to a correction, said Peter Andersen, chief investment officer at Congress Wealth Management in Boston, which oversees $7.5 billion in assets, including CyberArk shares.
“This is really a developing market and it’s very hard to get a sense of what the growth rates will actually be,” Andersen said. “You had a little bit more of unnatural growth just because of the circumstances of high-profile hacking.”
For now, investors have lumped CyberArk and FireEye together. The PureFunds ISE Cyber Security exchange-traded fund, which includes both companies, is down 2.4 percent this year, after attracting $1.2 billion in the eight months through Aug. 25.
Vitor De Souza, a spokesman for FireEye, said the emergency spending fueled by last year’s breaches has dissipated, but that wasn’t the only reason for FireEye’s sales miss.
“These cycles happen in the market and a few vendors are well positioned to emerge as the consolidator,” De Souza said. “The market continues to grow.”
JPMorgan has been underweight CyberArk since it soared above $70 in February. While the company has “shown a consistent ability to under promise and over deliver,” its growth rate “continues to show the deceleration we have expected,” analysts wrote in a Nov. 6 note. Bank of America Corp. downgraded the shares to neutral from buy on Nov. 10.
“We have not seen any signs of weak performance yet, but our concerns over earnings in the next few quarters drive our cautiousness,” the Bank of America analysts wrote.
Mokady insists there is plenty of room to grow by protecting more pieces of his clients’ IT infrastructure as well as widening the customer net.
The company won 10 U.S. federal government contracts in the third quarter, a significant win, according to Andrew Nowinski, an analyst at Piper Jaffray in Minneapolis who recommends buying CyberArk shares.
“The pressure on CyberArk is clearly related to valuation,” Nowinski said by phone. But when you compare the company’s valuation to its ability to generate cash, “it’s one of the cheapest names in the space.”
(A previous version of this story was corrected to show CEO said privileged account security in fourth paragraph.)