& cplSiteName &

Cisco Slammed on Security Performance

Iain Morris

Cisco has fared poorly in a new index ranking vendors of security products on sales performance, coming in seventh out of eight companies on recent quarterly growth.

Security sales rose just 3% in what Cisco Systems Inc. (Nasdaq: CSCO) refers to as its most recent fourth quarter (covering May to July), to $558 million, compared with the year-earlier period, according to the third edition of the HardenStance Network Security Spending Index (NSSI), which began monitoring security vendors in March this year.

Table 1: Year-on-Year Quarterly Sales Growth

Vendor ranking Vendor Q2 2017 YoY sales growth Q2 2017 sales ($M) Q2 2016 sales ($M)
1 Symantec +33% $1,175 $884
2 Palo Alto +27% $509 $401
3 Fortinet +17% $364 $311
4 Sophos +11% $142 $127
5 Check Point +9% $459 $423
6 Trend Micro +6% $318 $287
7 Cisco +3% $558 $540
8 Juniper -12% $69 $78
Source: HardenStance.

That means Cisco grew at a slower rate than Symantec Corp. (Nasdaq: SYMC), Palo Alto Networks Inc. , Fortinet Inc. , Sophos plc , Check Point Software Technologies Ltd. (Nasdaq: CHKP) and Trend Micro Inc. in their equivalent March-to-June or April-to-July quarters.

Only Juniper Networks Inc. (NYSE: JNPR) did worse than Cisco, reporting a 12% year-on-year drop in quarterly security sales, to $69 million.

Perhaps even more importantly, Cisco also performed badly when measured on sales growth in a 12-month period, coming sixth in the eight-vendor ranking.

Table 2: Sales Growth over 12-Month Reporting Period

June 2017 rank Vendor Growth in the 12 months to June/July 2017 vs 12 months to June/July 2016 12-month sales to June/July 2017 ($M) 12-month sales to June/July 2016 ($M)
1 Palo Alto +28% $1,762 $1,379
2 Symantec +21% $4,310 $3,572
3 Fortinet +20% $1,385 $1,153
4 Trend Micro +19% $1,290 $1,080
5 Sophos +11% $544 $492
6 Cisco +9% $2,153 $1,969
7 Check Point +7% $1,808 $1,689
8 Juniper -22% $301 $387
Source: HardenStance.

Revenues were up 9% in the year ending July, to about $2.15 billion, compared with the preceding 12-month period, putting Cisco behind Palo Alto Networks, Symantec, Fortinet, Trend Micro and Sophos, but ahead of Check Point and Juniper for the equivalent 12-month reporting period.

Despite its comparatively sluggish rate of growth, Cisco continues to rank as the second-biggest security vendor on total sales. But it falls a long way behind market leader Symantec, whose revenues were double Cisco's in the latest 12-month reporting period.

Known as the world's largest vendor of Internet Protocol network equipment, Cisco has made a push into the fast-growing security market as it tries to offset a slowdown at its mainstream hardware business.

But HardenStance founder and principal analyst Patrick Donegan flags concern about several aspects of Cisco's positioning in the security space, including its firewall products. "I continue to hear of customers not being happy with their firewall software," he tells Light Reading.

Donegan also calls into question some of the security claims that Cisco has made about Network Intuitive, its recently announced intent-based networking initiative.

"The ability to detect malware from a encrypted traffic stream with the whole Network Intuitive push may well have real value -- let's see what customers make of it," he says. "But certainly Cisco's initial pitching of it has had far too much of a marketing-driven 'silver bullet' ring to it -- and that's just not the real-world, incremental, risk-mitigating tone that a lot of enterprises expect from a leading security partner."

Want to know more about cloud services? Check out our dedicated cloud services content channel here on Light Reading.

Donegan broadly welcomes Cisco's focus on security but sees a risk that its bullish rhetoric will backfire.

"The core of the security strategy is fine, it makes good sense," he says. "They're just getting a bit ahead of themselves -- talking the talk quite a bit better than they walk the walk. I just don't think that's going to help them in this market space."

HardenStance's latest ranking comes shortly after Cisco was forced to defend the performance of its security business during an earnings call with analysts.

"I have zero concerns about the business -- this is a revenue-timing issue," said Chuck Robbins, Cisco's CEO, according to a Seeking Alpha transcript, after one analyst raised concern about the slow rate of growth in the security business. "We saw some of the strongest order growth in the quarter as we've seen in the last two years ... So the strength in the business I'm still comfortable with."

Along with some other vendors in this space, Cisco's security strategy has been fueled largely by takeover activity over the last few years, including the $293 million acquisition of CloudLock in June 2016 and a $452.5 million takeover of Lancope in late 2015.

Donegan says acquiring a security portfolio, including a number of leading-edge companies, doesn't automatically make for a leader in security. "Buying up a quarter of Bordeaux's vineyards doesn't make you a sommelier. It doesn't even mean you're a great wine merchant," he says. "It just means you own a load of real estate in the south-west of France."

— Iain Morris, Circle me on Google+ Follow me on TwitterVisit my LinkedIn profile, News Editor, Light Reading

(8)  | 
Comment  | 
Print  | 
Newest First  |  Oldest First  |  Threaded View        ADD A COMMENT
User Rank: Lightning
9/18/2017 | 4:08:56 PM
Re: can not see
All of the large and medium sized security vendors derive the large majority of their revenues from enterprise verticals other than the telecom sector. Most of them view telecom as just one of the several - five or six - unique industry verticals that they serve.
User Rank: Lightning
9/18/2017 | 4:05:50 PM
Re: can not see
The HardenStance Network Security Sales Index (NSSI) puts together a sample of eight of the largest security vendors and tracks their sales figures as published in their quarterly earnings reports.

Focusing on eight of the largest security players the NSSI provides a pretty robust indicator of how fast the market in security hardware and software is growing using irrefutable data. Hence the very long list of mostly smaller vendors that aren't included.

The NSSI also provides objective benchmarking as to which among the eight security vendors are doing well - and which are doing not so well - relative to peers.

There's a link to full report in Iain's article.

Look for the next edition in December. 

Patrick Donegan (HardenStance). 
User Rank: Light Sabre
9/18/2017 | 8:03:10 AM
Re: can not see
Probably Iain can answer this better but the vendors mentioned here are in the enterprise space with large piece of the pie. The only one I don't know too much is Sophos but becaue it is more Euro-centric. And some like Kaspersky not mentioned probably because they don't have the metrics and/or too small. I can think of niche providers like CyberArk, Barracuda, Rapid 7 etc.

Additionally, I think Intel (am a shareholder) has mismanaged McAfee into obsolescence. Now that it is in the hand of private equity, who knows what its future hold. It stands in contrast with Symantec, after jettisoning Legato and buying Blue Coat and then LifeLock, it is riding high with the Equifax hack
User Rank: Light Sabre
9/18/2017 | 7:42:33 AM
Re: M&A
Cisco seems to have been the recipient of lots of criticism in recent quarters and while they've certainly mertied some, it's still an open question of how their earnings and sales may perform in the future. But they have their work cut out for them to move forward despite sometimes not so good numbers.
User Rank: Light Beer
9/12/2017 | 10:20:48 AM
can not see
Hi, nice article. But I can not see McAfee there ? Is this becasue they are not on NASDAQ ?
User Rank: Lightning
9/7/2017 | 4:01:13 AM
Re: M&A
Consolidation has already occurred at a pace (as you mention) and still has a considerable way to go.

At the same time, new entrants are pouring into the cyber security market at (an even faster) pace.

In part, buyers are still looking to the big guys to do the consolidating for them. But in parallel we're also starting to transition to more of a global cloud provider model featuring a smaller number of larger cyber security platforms into which multiple independent security software vendors rapidly integrate and hence proliferate rather than being swallowed up by one of the big boys.

Momentum Partners, for example, state that in Q2 VC activity in the cyber security space "saw a tremendous increase while M&A activity declined through 2Q17". They report total announced cyber security M&A volume in Q2 totaling $509M across 25 transactions which they describe as "a significant decline".

The sign of things to come. 
User Rank: Light Sabre
9/6/2017 | 1:31:54 PM
Nice writeup but the devil is in the details.

Case in point, while I am a shareholder of SYMC and nice to see its sales growth, it is only fair to point out there is no break out of organic v. acquisitive growth. 

That said, CSCO has been buying growth for as long as I can remember, so it may not be an excuse. Also, while CSCO's business is more diversified, one of its goals is to dominate the security space. 

Upshot? Security is ripe for consolidation. SYMC CEO said so, even after the two big transactions in Blue Coat and LifeLock. So CSCO may have to stop pandering shareholders for a while and start making meaningful acquisitions
User Rank: Lightning
9/6/2017 | 10:58:21 AM
headline and body text
Wouldn't have been my first choice of headline, Iain, but nice piece notwithstanding that.
Featured Video
From The Founder
John Chambers is still as passionate about business and innovation as he ever was at Cisco, finds Steve Saunders.
Flash Poll
Upcoming Live Events
June 26, 2018, Nice, France
September 12, 2018, Los Angeles, CA
September 24-26, 2018, Westin Westminster, Denver
October 9, 2018, The Westin Times Square, New York
October 23, 2018, Georgia World Congress Centre, Atlanta, GA
November 7-8, 2018, London, United Kingdom
November 8, 2018, The Montcalm by Marble Arch, London
November 15, 2018, The Westin Times Square, New York
December 4-6, 2018, Lisbon, Portugal
All Upcoming Live Events
Hot Topics
The Telco Debt Binge May End Badly
Scott Raynovich, Founder and Principal Analyst, Futuriom, 6/15/2018
Mavenir's Billion-Dollar Blueprint
Ray Le Maistre, Editor-in-Chief, 6/18/2018
Larry Ellison Laughed at the Cloud, Now the Cloud Is Laughing Back
Mitch Wagner, Executive Editor, Light Reading, 6/20/2018
Source Packet Routing Gets Real in 2018
Sterling Perrin, Principal Analyst, Heavy Reading, 6/15/2018
5G Transport – Where Do We Start?
Ray Le Maistre, Editor-in-Chief, 6/21/2018
Animals with Phones
Backing Up Your Work Is Crucial Click Here
Live Digital Audio

A CSP's digital transformation involves so much more than technology. Crucial – and often most challenging – is the cultural transformation that goes along with it. As Sigma's Chief Technology Officer, Catherine Michel has extensive experience with technology as she leads the company's entire product portfolio and strategy. But she's also no stranger to merging technology and culture, having taken a company — Tribold — from inception to acquisition (by Sigma in 2013), and she continues to advise service providers on how to drive their own transformations. This impressive female leader and vocal advocate for other women in the industry will join Women in Comms for a live radio show to discuss all things digital transformation, including the cultural transformation that goes along with it.

Like Us on Facebook
Twitter Feed