Security software gears up for more M&A: sources

By Nadia Damouni

NEW YORK (BestGrowthStock) – Tech behemoths rushing to fill hardware and software holes in their portfolios may buy up most of the remaining public security software companies over the next 12 to 24 months, according to tech investment bankers and analysts.

Intel Corp (INTC.O: ) paved the way in August when it announced a $7.7 billion deal to buy U.S. security software company McAfee (MFE.N: ). Just a month later, Hewlett-Packard Co (HPQ.N: ) said it agreed to pay a rich multiple to acquire cyber-security vendor ArcSight Inc (ARST.O: ) for $1.5 billion.

As consumers and enterprises increasingly use mobile and other devices to access software and data from web servers, threats to security have become even more critical, said those bankers and analysts.

“I’m surprised it has taken this long for folks to get around to security acquisitions, but would expect that pretty much the whole space will be consolidated with the larger players over the next 24 months,” said one of tech bankers.

The handful of security software companies still left in the public sphere may find that remaining a stand-alone is quite a feat, these sources said.

Security companies such as Websense Inc (WBSN.O: ), Sourcefire Inc (FIRE.O: ) and Fortinet Inc (FTNT.O: ) would fit into the portfolios of tech giants looking for ways to increase security in their data centers, said two other software bankers.

“The larger security players have a strong footprint, but some of the smaller ones have better intellectual property,” said Eric Mandl, global head of software banking at UBS. “The smaller guys are going to get snatched up, unless they can grow to a level where they can remain competitive.”

Last year San Diego-based Websense received a takeover approach from an undisclosed suitor, but talks broke down over valuation, said a separate familiar with the matter. The company has not run a sale process but has spoken to major acquirers over the past few months, said a second person familiar with the matter.

Websense has made a name for itself in area known as Web security filtering, but the first source familiar with the Websense situation said the real growth area in security is “hosted security solutions” — also referred to as software-as-a-service (SaaS).

Websense’s chief executive, Gene Hodges, has said publicly that the company is open to a takeover bid.

The company, which has a market cap of $784 million, would fit best under the leadership of one of the tech giants, the sources said, as its brand is no longer considered as competitive as some of its peers.

One such peer includes open source security provider Sourcefire, which over the past few years has received a number of takeover approaches, including unsuccessful offers from Israel’s Check Point Software Technologies (CHKP.O: ) and Austria’s Barracuda Networks (PHIO.VI: ).

“It’s amazing that company is still independent,” said the second source. With a market cap at just north of $800 million, Sourcefire is bite size, the source said, adding that a number of logical buyers, including IBM, Oracle and Dell, are holding off until they can see the benefits of combining various security and software businesses.

Sourcefire declined to comment for the story. David Meizlik, director of product marketing at Websense declined to comment on takeover rumors.


As traditional hardware vendors move deeper into the security industry, questions have been raised as to whether stand-alone companies will be able to compete effectively .

James Beer, chief financial officer of security software maker Symantec Corp (SYMC.O: ), which has been under the spotlight since its acquisition of storage business Veritas in 2005, said he’s not feeling a competitive threat from the likes of Intel and Hewlett-Packard.

“While it is absolutely true to say that you see more of the traditional hardware players looking to get more involved in the software sector, they get involved from the perspective of their own hardware or operating system platform,” Beer said.

This is a message that a number of stand-alone security companies are arguing will keep them ahead of the tech giants.

Yet, in the enterprise-software business if one of the stand-alones is not aligned with a data center vendor it could eventually hurt sales, said Sunit Gogia, an analyst at Morningstar.

Although there are still opportunities for the independent security firms to solve their problems, Gogia said if the consolidation continues, the stand-alones won’t want to be left out.

(Editing by Steve Orlofsky)

Security software gears up for more M&A: sources