Cybersecurity Software Company Valuations – June 2022
It is no secret that cybersecurity ranks among the top concerns for business leaders around the globe. There are endless articles describing all the different cybersecurity threats out there today that you have not thought of yet. Here are two such pieces piece 1 and piece 2! As a result, the demand for solutions to these issues continues to rise. Valuations of cybersecurity software companies rose precipitously over the last several years as demand skyrocketed. However, valuations declined towards the end of 2021 and through the first half of 2022.
We will examine some of the trends currently impacting the valuations of publicly-traded cybersecurity software companies.
This article updates our December 2021 analysis.
Important notes: This article examines potential driving factors for cybersecurity software company valuations from a financial statement perspective. An actual business valuation requires an in-depth analysis of the business operations and associated risk factors that are not always evident from the data on financial statements. Also, to keep the length manageable, this article will focus on what the author interpreted as the primary value drivers. It will not touch on every observation in the data. For a quick read on the basic concepts of risk and return and how they apply in the context of this article, please visit: What is Value? and Risk and Return in the Market Approach.
The industry constituents for this analysis are listed below. One company from our prior analysis was eliminated: Nxt-ID, Inc., as it had shifted its business focus to healthcare devices. The effective date of this analysis is June 30, 2022.
Figure 1 summarizes three items for the cybersecurity software companies:
- Total enterprise value calculated as the sum of market capitalization and interest-bearing debt less cash;
- Median revenues; and
- Median earnings before interest, taxes, depreciation, and amortization (“EBITDA”).
The latest fiscal year is notated “LFY” (calendar 2021), while the latest 12 months is labeled “LTM” (latest available information as of June 30, 2022).
Figure 1 illustrates a significant rise in the enterprise values of publicly-traded cybersecurity software companies through 2020 and their subsequent decline in 2021 and June 2022. We will seek to explain the recent decline in valuations in this article.
Software-as-a-Service (“SaaS”) companies tend to trade on revenue metrics due to the expectation of significant growth and, therein, the prospect of substantial future returns in the form of cash flow. Formal business valuations usually consider a vital revenue metric: annualized run rate. This figure is a forward-looking measurement of the current revenue-generating potential of a business based on currently subscribed customers. This analysis will be limited to the revenue reported in financial statements under Generally Accepted Accounting Principles (“GAAP”). For more information on SaaS companies, see our December 2020 analysis.
Valuation Multiples
Figure 2 presents the historical trend of revenue multiples for the industry.
Based on the trends in Figure 2, median revenue multiples rose dramatically through 2020 before stabilizing around 7.0x in 2021 and June 2022. Let’s dive into what seems to be impacting valuations.
The Growth Story
Growth often has a strong influence on how companies are valued. A summary of the consensus forecasts for each group is presented in Figure 3 below (note that “NFY” means next fiscal year; NFY = calendar 2022 for most companies).
In Figure 3, the orange line represents data as of June 30, 2021. The public cybersecurity software providers were expected to achieve strong revenue growth from 2021 through 2023. The blue line in Figure 3 represents information as of June 30, 2022. Revenue in 2021 fell in line with expectations. However, current growth estimates for 2022 and 2023 exceed those projected a year ago. Curiously, despite continued improvement in growth expectations for the industry, valuations declined.
We also looked to identify a meaningful correlation between projected growth rates and observed valuation multiples. See Figure 4 below.
In Figure 4, the companies with the highest growth rates appeared to have traded at the highest multiples, while those with lower growth rates appeared to have sold at lower multiples. However, the dispersion in the data suggests that other factors are likely playing a role in industry valuations.
The Size Story
Larger companies are generally perceived to have lower levels of risk relative to smaller companies. This dynamic can be due to several factors, including improved product or geographic diversification, deeper management teams, access to various distribution channels, and better availability of capital.
Figure 5 presents a possible correlation between size (measured by market capitalization) and LTM revenue multiples.
The data in Figure 5 suggests that larger companies tend to trade at higher valuation multiples. Variation in the data indicates that size is not the only determinant for how investors are pricing these companies.
The Profitability Story
Revenue multiples are typically heavily influenced by profitability. We usually observe higher revenue multiples in companies with higher levels of profitability. In Figure 6, we plot LTM revenue multiples against NFY EBITDA margins.
Companies with the highest margins generally traded at the highest revenue multiples. However, companies with lower EBITDA margins traded at a wide range of revenue multiples indicating that investors are likely considering other factors in assessing their values.
The Leverage Story
Debt usage tends to increase financial risk to equity holders. Debt holders have a senior position within a company’s capital structure, and debt servicing occurs before any cash flow benefits (i.e., dividends) are issued to equity holders. Greater levels of perceived financial risk to equity holders tend to reduce valuation multiples. In Figure 7, we plot LTM revenue multiples against their associated debt to total capital ratios (where available).
We could not discern a meaningful relationship from the data presented in Figure 7.
Tying it All Together
The trends observed in this article suggest that the valuations of publicly-traded cybersecurity software companies appear to be influenced heavily by growth and size and, to a lesser extent, profit margins. A summary of these observations is presented below compared to observations as of December 2021.
The factors impacting valuations between the end of 2021 and June 30, 2022 do not appear to have changed significantly. Growth continues to be a primary factor in how cybersecurity software companies are priced. Therefore, the downward shift in valuations may be caused by other factors, including potentially investor sentiment, the impact of competition, and the ability of larger public firms to adapt and innovate in an ever-evolving environment. Some of the factors that may have caused the broad decline are outlined in this write-up by Bessemer Venture Partners, including the addition of many new competitors offering new and innovative solutions addressing specific security challenges that arise on a nearly daily basis and the movement of capital away from larger legacy players in the market toward more recent entrants with more innovative platforms.
I hope you found this analysis helpful. Any input, feedback, suggestions, and questions (including disagreements with my high-level analysis) are welcome! Thanks for reading.
***
ValuAnalytics’ proprietary valuation analytics platform powered the quantitative industry analytics shown in this analysis. If you are a private equity firm looking to streamline your mark-to-market analyses at a cost-effective price or a business executive trying to benchmark your company against its peers, we are here to help. ValuAnalytics provides cost-effective, expert-level valuation analytics to give you the insight you need to make better-informed decisions around valuation. Click Request Service to get started.