Fortinet Vs. Palo Alto Networks (NASDAQ:FTNT) | #malware | #ransomware


spyarm/iStock via Getty Images

Investment thesis

The Internet has become an integral part of our lives, but it makes us more vulnerable to attacks by unscrupulous hackers. The addition of devices, machinery, and IOT sensors expands the attack surface which exacerbates the problem.

Accenture (ACN) estimates the cost of cybercrimes on society between 2019 and 2023 at an eye-popping $5.2 trillion. The number and cost of cyberattacks and the costs on individuals, organization, and society continue to climb.

Fortinet (FTNT) and Palo Alto Networks (PANW) are two leading cybersecurity appliance providers. Fortinet has a stronger international presence and provides customers with more “bang for the buck”, while Palo Alto Network is dominant in the US and its products are more expensive but feature rich.

Both companies and very well-run, but I am partial to Fortinet due to its higher margins, greater exposure to international and emerging markets, and stronger alignment of interest between management and shareholders stemming from top management’s very large ownership stakes.

The companies’ stock prices have come down with the recent market pullback, but valuations are still high and there may be additional downside risk if multiples regress to pre-2020 levels. I intend to add to my positions upon sharp market pullbacks.

Overview

The Internet is an integral part of our lives

The Internet communications infrastructure built over the last three decades has facilitated the digital revolution, which has greatly changed the way we live, organizations are run, and society functions. It has connected the world, enabled vast productivity improvements, and wrung out inefficiencies in the global economy in ways that were unimaginable just a generation ago.

Today, we depend heavily on the Internet and regard it as a necessary “utility”. We expect our Internet service provider to deliver our data connectivity with the same reliability that our electric utility delivers us our power. We take for granted the connectivity that enables us to communicate with friends, shop, work, bank, invest, or entertain ourselves, but we give little thought to the malice, theft, and damage that unscrupulous hackers can inflict over the Internet.

The vulnerabilities

As the volume of transactions and work conducted over the Internet increases exponentially, it becomes more lucrative for cybercriminals to take advantage of network vulnerabilities to siphon away society’s resources.

In recent years, individuals, corporations, governments, and even nations have been targets of cyberattacks. Some of the attacks have been executed with pinpoint precision while others have been indiscriminate. A few examples:

Political attacks:

  • Stuxnet (2010) was designed to crawl its way into offline computers in Iran’s Natanz nuclear plant that controlled the rotors of the uranium centrifuges, enabling those opposed to Iran’s nuclear program to destroy of a fifth of the centrifuges by causing them to spin out of control. This set the Iranian nuclear program back by years.
  • Petya (2015 and again in late-2016) targeted the electrical grid in Ukraine, shutting down power, emergency phone lines, and backup power to distribution centers in the dead of winter.
  • Not-Petya” (2017) attacked companies that conducted business in Ukraine, shutting down computer networks at pharmaceutical companies Pfizer and Merck; shipping companies Maersk and Fedex; and even food companies like Cadbury. The estimated damage was over $10 billion.

Cybertheft and Espionage:

  • Visa and MasterCard (2012), Target (2013), JP Morgan Chase (2014), Home Depot (2014), Equifax (2017) all suffered security breaches from the theft of a total of several hundred million consumer data or payment card data breaches
  • SolarWinds (discovered in 2020) was reported to be among the worst cyber-espionage incidents due to the sensitivity and high profile of the targets and the long duration. Affected organizations included NATO, the UK government, the European Parliament, the US Treasury Department, and the US Department of Commerce.
  • Former NSA (National Security Agency) chief General Keith Alexander said in a speech in 2012 that Cyberespionage constitutes the “greatest transfer of wealth in history” through the loss of industrial information and intellectual property theft.

Ransomware: victims of recent high profile attacks include:

  • The Colonial Pipeline (2021), which suffered a ransomware cyberattack on computerized equipment managing the pipeline. It was forced to halt all pipeline operations to contain the attack and paid the 75 bitcoins (~$4.4 million) demanded by the hacker group
  • JBS (2021), a Brazil-based meat processing company which supplies one-fifth of meat globally, suffered a debilitating cyberattack which disabled its beef and pork slaughterhouses. It paid $11 million in ransom money.
  • Steamship Authority (2021), the regulator and operator of ferry services between the Massachusetts mainland and the islands of Nantucket and Martha’s Vineyard, which was the victim of a ransomware attack which shut down its ticketing and reservation system. The authority did not pay the ransom, but it took ten days for the website to be restored.

This is just the tip of the iceberg and are a few examples of many known cyberattacks. Even though we sometimes read about high profile cyberattacks in the media, cybersecurity breaches often go unreported as most victims prefer to keep a low profile and do not publicize such attacks, unless required to by law, to avoid alarming their customers or tarnishing their reputation.

The longer-term implications are profound. Some security experts believe the cyberattacks we have seen are just test runs and precursors to what hostile nations could potentially adopt and unleash on the US and their other enemies. General Keith Alexander noted that the real threat on the Internet will come when cyberattacks become militarized, a threat he compared to the Pearl Harbor attack which the US must prepare to deal with immediately.

Why Cybersecurity is becoming increasingly important

Changes in the computing environment

The addition of mobile devices, industrial operational machinery, IOT (Internet of things) sensors, connected cars, coupled with the trend towards remote work and accessing data resources outside the office requires network perimeters to expand far beyond the traditional corporate network into the Internet infrastructure (figure 1). The enlarged surface makes networks increasingly complex and harder to protect and will become easier targets for unethical hackers.

Figure 1: Expansion of network perimeters increases network vulnerability

Fortinet investor presentation 2020

Fortinet investor presentation 2020

Cost to society

In its Ninth Annual Cost of Cybercrime Study, Accenture estimates that the total value at risk from cybercrime between 2019 and 2023 at ~US$5.2 trillion (figure 2), or about 6% of global GDP in 2020.

Figure 2: Value at risk from direct and indirect cyberattacks

Accenture Ninth annual cost of cybercrime study

Accenture Ninth Annual Cost of Cybercrime Study

Number of cyberattacks are on the rise

The percentage of organizations compromised by at least one successful cyberattack has increased from 77% in 2018 to 86% in 2021 (figure 3, left chart), and the number of unique ransomware detections have jumped ten-fold from July 2020 to July 2021 (right chart).

Figure 3: Increase in cyberattacks and ransomware threats

Increase in cyberattacks and ransomware threats

Fortinet investor presentation 2021

The number of records stolen and number of ransomware attacks have also increased exponentially (figure 4).

Figure 4: Cybersecurity threats continue to grow

Cybersecurity threats continue to grow

Fortinet investor presentation 2020

Cost per incident

Furthermore, the data breach incident cost is high and increasing–it averaged $9 million in 2021 in addition to the significant business disruption and downtime caused, while the average demand from ransomware in the first half of 2021 was $1.2 million, up 170% from a year ago (figure 5).

Figure 5: Cost of data breaches and ransom demands

Cost of data breaches and ransom demands

Fortinet investor presentation 2021

Increased spend on cybersecurity

Cyberattackers generally target lower hanging fruit by going after easier network targets without adequate cyber defenses. As a result, organizations without adequate cybersecurity protection are taking a big risk, and the return from cybersecurity spending can be attractive.

According to Fortinet CEO Ken Xie, cybersecurity spending increased from 1% of IT spending in the 1990s to 10% today, with network security growing faster than endpoint security.

The leading cybersecurity appliance vendors

Organizations typically protect their networks by installing a firewall between their network and untrusted networks (such as the Internet). The firewall monitors and controls network traffic based on predetermined security rules, and they often utilize artificial intelligence and machine learning algorithms to detect and neutralize threats.

A firewall can take the form of a hardware appliance running on special-purpose hardware, software appliance running on general-purpose hardware, or a virtual appliance running on a virtual host such as VMWare.

Fortinet and Palo Alto Networks are leading providers of next generation firewall appliances, but have expanded their offerings to include switches, network security control centers, SD-WAN (software defined wide area networks) and cloud storage products.

Gartner research and peer review ratings

Fortinet and Palo Alto Networks were both rated at the top end of Gartner’s 2021 magic quadrant in the Network Firewall and the WAN Edge Infrastructure categories (figure 6), and both companies were rated a solid 4.6 out of 5 in Gartner’s peer reviews (figure 7)

Figure 6: Gartner Rankings for Network Firewalls and WAN Edge Infrastructure

Gartner Rankings for Network Firewalls and WAN Edge Infrastructure

Fortinet investor presentation 2021

Figure 7: Gartner peer review ratings of Fortinet and Palo Alto Networks

Gartner peer review ratings of Fortinet and Palo Alto Networks

Gartner peer review website

Employee ratings

According to Glassdoor.com, Fortinet has better employee ratings and higher CEO approval. A higher percentage of Fortinet employees (87%) of who would recommend to a friend compared to Palo Alto Networks (75%).

Figure 8: Glassdoor employee ratings

Glassdoor employee ratings

Glassdoor.com

Share of Firewall Shipments

According to IDC, Fortinet accounts of over one-third of all firewall shipments worldwide, compared to 4% for Palo Alto Networks (figure 9)

Figure 9: Share of firewall shipments

Share of firewall shipments

Fortinet investor presentation 2021

What differentiates Fortinet from Palo Alto Networks

As I am not a network security expert and do not have the equipment or knowhow to test out either provider’s products or technical support first hand, I have relied on online reviews to make the comparison:

Security rating:

According to a 2019 NSS Labs study, Fortinet has a security effectiveness rating of 93%, compared to Palo Alto Network’s 98% (figure 10)

=> Palo Alto has a higher security rating

Performance

Fortinet’s next generation firewall appliances utilize patented ASIC (application specific integrated circuit) co-processor chips that are optimized to accelerate inspection of content for cybersecurity risks (figure 11 below)

=> Fortinet’s performance is enhanced by its ASIC technology

Cost to performance

Fortinet’s firewall costs under $2 to protect each Mbps compared to Palo Alto’s $20 per megabyte. (figure 10 below)

=> Fortinet’s cost per Mbps is substantially lower

Features

Based on Gartner peer review user feedback, Palo Alto is more feature rich but harder to configure

Setup and Implementation

Users report shorter implementation time for Fortinet

Technical Support

Fortinet: “Support team sends links rather than listen and support client; response slow; but product is solid build so don’t need to depend on CSR much”

Palo Alto: “cost of support is extortion and could replace the hardware many times over”

Palo Alto’s support is superior but more expensive

Overall user comments

“Both are really good”

“Fortinet offers best bang for the buck”

Sources:

Figure 10: Next generation firewall security value map

Next generation firewall security value map

NSS Labs independent validation of Fortinet Solutions

Figure 11: Comparison of SSL Inspection, connections per second, and power consumption

Comparison of SSL Inspection, connections per second, and power consumption

Fortinet investor presentation 2021

Historical stock returns

Over the last three and five years, Fortinet stock has outperformed Palo Alto Networks by a large margin (figure 12)

Figure 12: Fortinet and Palo Alto Network stock returns over the last five years

Fortinet and Palo Alto Network stock returns over the last five years

Yahoo Finance

Financials

Revenues

Overall revenues: Palo Alto Network’s revenues is about 30% higher than Fortinet’s (figure 13, solid lines/left axis), but both companies are growing at similar rates (dotted lines/right axis)

Figure 13: Overall revenues

Overall revenues

Created by author using information provided in publicly available financial reports

The two companies have different geographical strengths. Palo Alto Networks derives about 70% of its revenues from the Americas (figure 14, blue line), while over 60% of Fortinet’s revenues come from outside the Americas in the Asia Pacific and EMEA (Europe, Middle East and Africa) markets (figure 15, green and orange lines).

Figure 14: Palo Alto Networks revenue by geography

Palo Alto Networks revenue by geography

Created by author using information provided in publicly available financial reports

Figure 15: Fortinet revenue by geography

Fortinet revenue by geography

Created by author using information provided in publicly available financial reports

Palo Alto Networks dominates in the Americas (figure 14), but Fortinet has a stronger presence in EMEA (figure 15) and the Asia Pacific region (figure 16).

Figure 14: Comparison of Americas revenues

Pasted Graphic 24.png

Created by author using information provided in publicly available financial reports

Figure 15: Comparison of EMEA revenues

Comparison of EMEA revenues

Created by author using information provided in publicly available financial reports

Figure 16: Comparison of Asia-Pacific revenues

Comparison of Asia-Pacific revenues

Created by author using information provided in publicly available financial reports

Gross margins

Fortinet’s TTM gross margins have expanded since 2017 and is almost 650bp higher than that of Palo Alto Networks (figure 17). I conjecture that Fortinet’s use of ASICS security co-processors, which enables its equipment to deliver higher performance at a lower cost, helps contribute towards the wider gross margins.

Figure 17: Gross margin comparison

Gross margin comparison

Seeking Alpha charting

EBITDA margins

In the last five years, Fortinet’s EBITDA margin has expanded by over 1,000 bps to about 22% (figure 18, orange line).

Palo Alto Network’s EBITDA margin peaked in 2019 and has contracted into negative territory (blue line). This is in part due to the non-cash charges it has taken for stock-based compensation, which ballooned to $987 million for the trailing twelve months ended December 2021 (figure 19, last line). (Fortinet’s stock-based compensation charge over the same period was $238 million, or about one-quarter that of Palo Alto Network’s)

Figure 18: EBITDA margin comparison

EBITDA margin comparison

Seeking Alpha charting

Figure 19: Palo Alto Network’s non-cash stock-based compensation charges have ballooned

Pasted Graphic 35.png

Seeking Alpha financials

Shares outstanding

Palo Alto Network’s fully diluted shares outstanding has increased by almost 10% to 97.5 million since 2016 (figures 20 and 21). Fortinet has been far more disciplined with stock-based compensation– it has repurchased large blocks of shares that has more than offset stock compensation dilution and resulted in its reduction in the number of fully diluted share outstanding from 178 million in 2017 to 167.1 million in 2021 (figure 22).

Figure 20: Comparison of fully diluted shares outstanding

Pasted Graphic 32.png

Seeking Alpha charting

Figure 21: Palo Alto Networks full-diluted shares outstanding

Pasted Graphic 37.png

Seeking Alpha financials

Figure 22: Fortinet fully diluted shares outstanding

Pasted Graphic 36.png

Seeking Alpha financials

Insider ownership

Palo Alto Networks founder and CTO Nir Zuk currently owns 824,372 shares valued at $430 million. CEO Nikesh Arora owns 535,879 shares valued at $278 million. Both have been sellers of PANW shares, and their collective ownership represents less than 1.5% of total shares outstanding.

Fortinet founder and CEO Ken Xie owns 15.8 million shares while and his brother and CTO Michael Xie owns 14.3 million shares. Together, they own about 30 million shares valued at $10.7 billion, representing about 18% of total shares outstanding.

Perhaps Fortinet management’s large ownership stakes might partly explain its more disciplined stock-based compensation plan.

Valuation

Both stocks have declined along with the recent market pullback, and the price to cash flow valuations are approximately 32x and 30x for Palo Alto Networks and Fortinet respectively (figure 23). Even though the valuations of both attractive relative to the recent past, there may be additional downside risk if valuation multiples regress to pre-2020 levels.

Figure 23: Comparison of valuation

Pasted Graphic 33.png

Seeking Alpha charting

Concerns

My main concerns are:

(1) Valuation, as discussed above,

(2) Reputation risk should the companies suffer a high-profile failure to defend against cyberattacks, and

(3) Key man risk on the loss of founders Ken or Michael Xie at Fortinet, or the loss of Nir Zuk at Palo Alto Networks.

In summary

The Internet has become an integral part of our lives, but it makes us more vulnerable to attacks by unscrupulous hackers. The addition of mobile devices, machinery, and IOT sensors expands the attack surface which exacerbates the problem.

Accenture estimates the cost of cybercrimes on society between 2019 and 2023 at an eye-popping $5.2 trillion, and the number and cost of cyberattacks and the costs on individuals, organization, and society continue to climb.

Fortinet and Palo Alto Networks are the two leading cybersecurity appliance providers. Fortinet has a stronger international presence and provides customers with more “bang for the buck”, while Palo Alto Network is dominant in the US and its products are more expensive but feature rich.

Both companies are well-run, but I am partial towards Fortinet due to its higher margins, greater exposure to international and emerging markets, and stronger alignment of interest between management and shareholders stemming from top management’s very large ownership stakes.

The companies’ stock prices have come down with the recent market pullback, but valuations are still high and there may be additional downside risk if multiples regress to pre-2020 levels. I intend to add to my positions upon sharp market pullbacks.



Original Source link

Leave a Reply

Your email address will not be published.

85 − = seventy five