Gillian Tan is a Bloomberg Gadfly columnist covering deals and private equity. She previously was a reporter for the Wall Street Journal. She is a qualified chartered accountant.

FireEye, a maker of malware detection systems, has gotten to the point where it may be prone to a takeover assault.  

The $2.2 billion cybersecurity company's shares sank 19 percent to $12.96 apiece as of Friday afternoon after FireEye named a new CEO and lowered its second-quarter earnings and revenue guidance. Now its depressed valuation -- with the stock sinking back toward the all-time low of $11.96 reached in February and its market value down more than 80 percent in the past two years -- may turn the company into a target.

Cheap Prey?
FireEye's shares are trading at a fraction of their all-time high, and below their $20 IPO price
Source: Bloomberg

FireEye's technology can prevent events like Target's 2013 data breach, when hackers laid claim to information on as many as 40 million credit cards. The company -- which has yet to post a profit -- is expected to finally do so by 2018, partly by containing costs. 

If that doesn't play out as expected, the chorus of voices agitating for the company to consider M&A -- or a sale of itself -- will get louder not only from external stakeholders but also insiders, according to Gur Talpaz, Stifel's head of security software research.

An unsolicited suitor also could emerge, lured by the fact that FireEye is cheaper than many of its rivals, and currently trades at roughly 13.5 its projected 2017 free cash flow. That's below its peer group average (17) and median (15.8), according to data compiled by Bloomberg. 

FireEye is cheaper than many of its rivals, based on its enterprise value relative to estimated 2017 free cash flow
Source: Bloomberg

FireEye has long been discussed as a takeover candidate for the likes of Cisco, which has been bulking up its security offerings. The $132 billion company paid more than $2 billion to acquire Sourcefire in 2013 and has since made a handful of smaller purchases including OpenDNS and ThreatGRID. In December, it completed a $452.5 million deal for Lancope

Cisco may covet FireEye for its ability to "ultimately serve as a glue between disparate products," because FireEye's technology would enable a buyer to integrate existing services into one comprehensive security solution, Talpaz told Gadfly. 

FireEye's free cash flow is expected to climb as part of the company's migration to a subscription model, which should result in higher recurring revenue (as opposed to less predictable upfront proceeds from licensing its products and services to clients). That could attract private equity investors, who use free cash flow to determine how much debt they can take on when in a leveraged buyout. These firms have also been longtime followers of the cybersecurity sector: Blue Coat Systems is currently owned by Bain Capital and Vista Equity Partners last year sold a majority stake in Websense to Raytheon, while a smaller rival, Crowdstrike, has the backing of Warburg Pincus. 

Positive Territory
FireEye's shift to a subscription-based model is having a near-term impact on sales but should prove to be beneficial to its long-term free cash flow
Source: Bloomberg

If an offer does land, FireEye's incoming CEO and board will likely have other ideas about how much the company is worth . But they'll have to contend with investors, who may see a deal in hand as better than none. 

This column does not necessarily reflect the opinion of Bloomberg LP and its owners.

To contact the author of this story:
Gillian Tan in New York at

To contact the editor responsible for this story:
Beth Williams at