Cybersecurity Software Companies – December 2021 Update

It is no secret that cybersecurity ranks among the top concerns for business leaders around the globe. Valuations of cybersecurity software companies have risen precipitously over the last several years. However, towards the end of 2021, valuations declined. This article will examine some of the trends currently impacting the valuations of publicly-traded cybersecurity software companies.

This article updates our June 30, 2021 analysis.

Important notes: This article examines potential driving factors for cybersecurity software company valuations from a financial statement perspective. An actual business valuation requires an in-depth analysis of the business operations and associated risk factors that are not always evident from the data on financial statements. Also, to keep the length manageable, this article will focus on what the author interpreted as the primary value drivers. It will not touch on every observation in the data. For a quick read on the basic concepts of risk and return and how they apply in the context of this article, please visit: What is Value? and Risk and Return in the Market Approach.

The industry constituents for this analysis are listed below. The effective date of this analysis is December 29, 2021.

Industry constituents analyzed in this article.

Figure 1 summarizes three items for the cybersecurity software companies:

  • Total enterprise value calculated as the sum of market capitalization and interest-bearing debt less cash;
  • Median revenues; and
  • Median earnings before interest, taxes, depreciation, and amortization (“EBITDA”).

The latest fiscal year is notated “LFY” (calendar 2020), while the latest 12 months is labeled “LTM” (latest available information as of December 29, 2021).

Historical trend of enterprise values and revenue

Figure 1 illustrates a significant rise in the valuations of publicly-traded cybersecurity software companies over the last several years and the overall decline in enterprise values at the end of 2021. Increases in enterprise value appeared to have coincided with improvements in revenue up until the LTM period. We will seek to explain this decline in this article.

Software-as-a-Service (“SaaS”) companies tend to trade on revenue metrics due to the expectation of significant growth and, therein, the prospect of substantial future returns in the form of cash flow. Formal business valuations usually consider a vital revenue metric: annualized run-rate. This figure is a forward-looking measurement of the current revenue-generating potential of a business based on currently subscribed customers. This analysis will be limited to the revenue reported in financial statements under Generally Accepted Accounting Principles (“GAAP”). For more information on SaaS companies, see our December 31, 2020 analysis.

Valuation Multiples

Figure 2 presents the historical trend of revenue multiples for the industry.

Historical trend of median revenue multiples

Based on the trends observed in Figure 2, the median valuation multiple decreased in the LTM. This makes sense given the decline in enterprise values despite continued growth in revenue. However, median multiples can only tell us so much about the industry. Let’s dive into what seems to be impacting valuations.

The Growth Story

Growth often has a strong influence on how companies are valued. A summary of the consensus forecasts for each group is presented in Figure 3 below (note that “NFY” means next fiscal year; NFY = calendar 2021 for most companies).

Historical and projected revenue growth trend (current year vs. prior year)

In Figure 3, the orange line represents data as of December 31, 2020. At the time, projections for the industry suggested a slow-down in revenue growth in 2020. Expectations for 2021 and 2022 indicated a robust post-pandemic recovery.

The blue line in Figure 3 represents information as of December 29, 2021. Ultimately, revenue growth slowed as expected. However, growth in 2021 is currently expected to be less than projected as of the end of 2020. The revenue levels previously projected for 2021 are now expected to be reached in 2022. This lag may be the culprit for a the adjustment in valuations between December 2020 and 2021.

We also looked to identify a meaningful correlation between growth and observed valuation multiples. See Figure 4 below.

Chart plotting NFY revenue multiples against NFY+1 revenue growth

In Figure 1, the companies with the highest growth rates appear to have traded at the highest multiples, while companies with lower growth rates appeared to have sold at lower multiples. However, the dispersion in the data suggests that other factors are likely playing a role in industry valuations.

The Size Story

Larger companies are generally perceived to have lower levels of risk relative to smaller companies. This dynamic can be due to several factors, including improved product or geographic diversification, deeper management teams, access to various distribution channels, and better availability of capital.

Figure 5 presents a possible correlation between size (measured by market capitalization) and LTM revenue multiples.

Chart plotting market capitalization vs. LTM revenue multiples

The data in Figure 5 suggests that larger companies tend to trade at higher valuation multiples. There are variations in the data, which again suggest that size is not the only determinant for how investors are pricing these companies. For example, Check Point Software Technologies Ltd. was among the largest of the industry constituents. The positive aspect of this company’s size, however, may be offset by its low 2022 growth rate (at 3.5%, it has one of the lowest growth rates among its peers).

The Profitability Story

Revenue multiples are typically heavily influenced by profitability. We usually observe higher revenue multiples in companies with higher levels of profitability. In Figure 6, we plot NFY revenue multiples against NFY EBITDA margins.

Chart plotting NFY revenue multiples vs. NFY EBITDA margins

We did not identify a meaningful relationship between profitability and revenue multiples for the public cybersecurity software companies. Since SaaS businesses’ future success depends on their ability to scale up, it makes sense that revenue multiples tend to be more aligned with growth than with profitability.

The Leverage Story (***New***)

New to this update, we consider the impact of financial leverage (or the companies’ use of debt) and their impact on the valuation multiples. In the last year, we have noticed an increasing trend of risk mitigation among investors, both in the private and public markets. Therefore, we have included financial leverage among the considerations we analyze to explain the observed valuation multiples.

Debt usage tends to increase financial risk to equity holders. Debt holders have a senior position within a company’s capital structure, and debt servicing occurs before any cash flow benefits (i.e., dividends) issued to equity holders. Greater levels of perceived financial risk to equity holders tend to reduce valuation multiples. In Figure 7, we plot NFY revenue multiples against their associated interest coverage ratios (where available).

Chart plotting NFY revenue multiples vs. interest coverage ratios

The interest coverage ratio measures a company’s ability to pay its interest obligations. The higher the ratio, the greater the company’s ability to cover its interest expense with its operating income. We were unable to discern a meaningful relationship from the data presented in Figure 7.

Tying it All Together

The trends observed in this article suggest that the valuations of publicly-traded cybersecurity software companies appear to be influenced by growth and size. A summary of these observations is presented below and compared to observations as of December 31, 2020.

Summary of financial metrics on valuation multiples

The factors impacting valuations between as of the end of 2020 and December 29, 2021 do not appear to have changed significantly. Growth continues to be a primary factor in how cybersecurity software companies are priced. In fact, a reduction in growth expectations between December 2020 and December 2021 may be the cause of the recent decline in enterprise values.

Despite the reduction in growth expectations for the industry, demand for cybersecurity software is not likely to decline for the foreseeable future. As the global work environment continues to evolve amid the pandemic, companies have moved to mitigate the risk of data breaches and ransomware attacks through stricter data control protocols. Jeremy Swenson of Abstract Forward put together a great article summarizing cybersecurity trends in 2021 and how they are likely to impact 2022. These trends are likely to continue to drive demand for the industry (and growing valuations).

I hope you found this analysis helpful. Any input, feedback, suggestions, and questions (including disagreements with my high-level analysis) are welcome! Thanks for reading.

***

The quantitative industry analytics shown in this analysis was powered by ValuAnalytics’ proprietary valuation analytics platform. If you are a private equity firm looking to streamline your mark-to-market analyses at a cost-effective price or a business executive trying to benchmark your company against its peers, we are here to help. ValuAnalytics provides cost-effective, expert-level valuation analytics to give you the insight you need to make better-informed decisions around valuation. For private equity funds, we can help with your annual mark-to-market accounting exercise. Click Request Service to get started.