Enterprise customers might be tightening their belts, but cybersecurity players have been reporting higher deferred revenue. This growth is expected to continue as companies look to protect themselves from the rising threat of ever-more sophisticated attacks and hacks.
- F5 Networks has been seeing some customers delaying or downsizing cybersecurity projects.
- Companies are streamlining their expenditure to optimise cash flows.
- Spend forecast to bounce back as attacks get more sophisticated.
When F5 Networks [FFIV] reported its second quarter (Q2) 2023 results on 19 April, it warned of soft demand for cybersecurity software. While total revenue rose 11% year-over-year, software revenue dropped 13%.
On the earnings call, president and CEO François Locoh-Donou spoke about how the company has been seeing its customers scrutinising their budgets and holding back on some of their spending since Q1 2023.
“These dynamics were even more pronounced in Q2 when we saw previously approved projects going through multiple additional levels of approvals. In some cases, approvals are reaching the C-suite or board level only to be delayed or downsized,” said Locoh-Donou on the call.
The company announced it would be cutting around 620 employees, or approximately 9% of its workforce, and it also issued weak guidance. Q3 2023 revenue is expected to be between $690m and $710m, which, at the midway point, would represent a growth rate of 3.8% on the $674.5m revenue reported in the year-ago quarter.
The earnings triggered a sharp drop in the F5 Networks share price, which set a 52-week low of $127.05 when the market opened on 20 April. As of Monday, the company’s shares are down 5% year-to-date.
Cybersecurity demand holds up despite headwinds
F5 Networks’ job cuts arguably make it an outlier. Cybersecurity has, for the most part, been protected from the layoffs that have gripped the broader tech sector.
A survey by (ISC)² published in February found that workers in cybersecurity were least likely to be let go. While 85% of 1,000 C-suite executives indicated that layoffs would likely be a necessity this year, only 10% expected their cybersecurity departments to be affected, compared to human resources (30%), finance and operations (both 24%), and marketing and sales (both 22%).
Cybersecurity employees tend to be the last to be laid off because of their technical skills and the role they play in helping businesses protect and defend their infrastructure. This is also true of cybersecurity companies themselves, who see high demand for their products and services, and face less of a need to lay off staff.
“As the market for cyberattacks continues to rapidly expand, cybersecurity names must continue to invest and innovate to provide solutions to the increasingly sophisticated attacks of the future and therefore maintain a competitive advantage,” Rize ETF associate director Tom Barker wrote in research published in March.
Barker analysed the earnings reports of companies in the Foxberry Tematica Research Cybersecurity & Data Privacy basket and noted that, while customers were focusing on optimising their cybersecurity expenditure to improve their cash flows, deferred revenue actually increased in three out of four quarters last year. This trend is expected to continue through 2023.
“[T]hat really alleviates concerns over declining spending on cybersecurity where deferred revenue continues to move higher,” wrote Barker.
The need for cybersecurity protection will continue to grow
Even if publicly listed companies wanted to reduce their cybersecurity spending, they can ill afford to. Data breaches can damage investor confidence and cause share prices to plunge.
“Cybersecurity is something you might be able to pause, but you can’t put off indefinitely … That’s absolutely what we’ve been seeing,” CrowdStrike [CRWD] CEO George Kurtz told Yahoo Finance last month.
Meanwhile, Locoh-Donou is confident that demand will bounce back. Customers are currently focusing their budgets on critical and urgent projects, but this will only be temporary.
“Customers are telling us that the delays we are seeing are a matter of budgets and approvals, not competitive pressures or architectural shifts,” said Locoh-Donou on the Q2 2023 earnings call. He also said he had had conversations with some 100 customers and partners in the January–March quarter.
Demand for cybersecurity products and software will be driven by the need for companies to protect themselves in the face of ever-more sophisticated cyber-attacks and threats.
Just last week, the UK government warned that Russia wants to “disrupt or destroy our infrastructure”. In the US, Fortinet [FTNT] announced last week that it’s to join the US government’s Joint Cyber Defence Collaborative (JCDC), a partnership between the private and public sectors established in 2021 to enhance cybersecurity resilience both at home and abroad. The aim of the collaboration is to reduce risk and prevent security breaches through knowledge sharing. Japan telecoms giant Nippon Telegraph and Telephone (NTT) [9432.T] joined the JCDC in January.
Funds in focus: Rize Cybersecurity and Data Privacy ETF
Looking to the future, the development and deployment of 5G internet and a broader adoption of the Internet of Things are going to expand each and every attack surface. This will likely mean companies will have to ramp up their cybersecurity spending, boosting the toplines of cybersecurity companies and making them more valuable in the process.
The Rize Cybersecurity and Data Privacy UCITS ETF [CYBR.L] is designed to track the price and performance of the Foxberry Tematica Research Cybersecurity & Data Privacy Index, which is weighted in favour of companies that earn a significant percentage of their revenues from cybersecurity.
Fortinet is the fourth-biggest holding as of Monday, with a weighting of 5.56%, while CrowdStrike is the seventh-biggest holding, with a weighting of 4.76%. F5 Networks accounts for 1.26% of the portfolio. The fund is up 4.5% in the past month and up 11.9% year-to-date.
The WisdomTree Cybersecurity ETF [WCBR.L] has Fortinet as its fourth-biggest holding, with a weighing of 5.19%. CrowdStrike is again the seventh-biggest, with a weighting of 5.05%. The fund is up 3.8% in the past month and up 19.7% since the start of the year.
Disclaimer Past performance is not a reliable indicator of future results.
CMC Markets is an execution-only service provider. The material (whether or not it states any opinions) is for general information purposes only, and does not take into account your personal circumstances or objectives. Nothing in this material is (or should be considered to be) financial, investment or other advice on which reliance should be placed. No opinion given in the material constitutes a recommendation by CMC Markets or the author that any particular investment, security, transaction or investment strategy is suitable for any specific person.
The material has not been prepared in accordance with legal requirements designed to promote the independence of investment research. Although we are not specifically prevented from dealing before providing this material, we do not seek to take advantage of the material prior to its dissemination.
CMC Markets does not endorse or offer opinion on the trading strategies used by the author. Their trading strategies do not guarantee any return and CMC Markets shall not be held responsible for any loss that you may incur, either directly or indirectly, arising from any investment based on any information contained herein.
*Tax treatment depends on individual circumstances and can change or may differ in a jurisdiction other than the UK.