Proofpoint (PFPT) isn’t your daddy’s spam protector.
The highly-rated cybersecurity firm jumped to the cloud in 2008. And within three years of its April 2012 initial public offering, Proofpoint launched social and mobile products that, today, are swiping share from rivals Cisco Systems (CSCO) and Symantec (SYMC).
CEO Gary Steele credits Proofpoint’s nimble nature, which he says hasn’t changed since it was a venture capital-backed Silicon Valley newbie in 2002 with 10 employees. Now, Proofpoint boasts more than 1,300 staffers.
“In a world where you’re in an ongoing war against bad actors, we have to be nimble and responsive to the changes we see in the marketplace,” he told IBD. “And I think that’s one of the things that has truly distinguished the company.”
Proofpoint on Friday cleared a 76.93 buy point from a short consolidation. The stock climbed 0.9% to 77.20 on the stock market today, but in light volume.
Proofpoint stock has surged 19% year to date, outplaying IBD’s 26-company Computer Software-Security industry group, down nearly 8%. But the group, too, is seeing a resurgence and ranks No. 30 out of 197 industries tracked, up from No. 191 over 13 weeks.
IBD’S TAKE: Proofpoint is ranked No. 4 in IBD’s security software group. Go to IBD Stock Checkup to find the top three cybersecurity stocks — and how they stack up vs. Proofpoint.
That’s because cybersecurity spending is taking a larger-than-expected chunk of total IT spending, Dougherty analyst Catharine Trebnick says. Panic spending forced valuations to rocket in 2015 and the first half of 2016 couldn’t keep up.
But the second half is turning out to be a different story, Trebnick told IBD.
“You’re seeing in IT spending, security is still a No. 1 priority,” she said. “And in this whole security area, email is the No. 1 threat vector. It’s also the place where people feel they have control over their network.”
And that’s where Proofpoint is winning, she says.
Social Engineering Drives Proofpoint’s Thesis
Proofpoint got its start as a spam-blocker. But today’s hackers are less interested in selling a “Rolex” and more interested in credential theft. Thus, social engineering is at the heart of most attacks.
Such was the case in February and March when Seagate Technology (STX) and Snapchat were duped into dispensing thousands of W-2 forms. Seagate’s breach came down to a phishing attack whereas Snapchat was duped by a spoofed email.
Both are nascent email cons. Phishing emails contain legitimate-sounding requests for information. Spoofing changes a key figure in an email address. So in Snapchat’s case, CEO Evan Spiegel’s last name could have been spelled with the number 1.
“The email threat vector is really vulnerable,” Piper Jaffray analyst Andrew Nowinski told IBD. “It’s easier to trick a human into clicking a link than it is to write sophisticated malware.”
Since January 2015, businesses lost a collective $3.1 billion in email compromise schemes across the globe, the FBI found. Last year, 30% of targeted people opened a malicious email, according to a recent Verizon study.
Proofpoint’s targeted attack protection (TAP) aims to solve that equation by filtering out malware-ridden emails before they arrive in the inbox. And for spear-phishing and spoofing, last Wednesday Proofpoint announced the $18 million acquisition of Return Path’s email fraud protection business.
Last year, industry tracker Gartner predicted TAP, data loss prevention and encryption would continue driving secure email gateway (SEG) growth. Overall, the SEG segment is expected to sustain 2%-4% growth annually over the next several years.
“The SEG market is mature. The penetration rate of commercial SEG solutions is close to 100% of enterprises,” Gartner wrote. “Despite the market maturity, companies can’t do without SEG solutions. … Despite the low overall growth, we do see individual vendors that are taking market share.”
Cisco, Symantec, FireEye Losing Out
A Piper Jaffray survey of resellers found Proofpoint is most often beating out Cisco and Symantec, with FireEye‘s (FEYE) on-premises solution trailing, Nowinski told IBD. Mimecast (MIME), which filed its IPO last year, targets small and midsize businesses (SMBs), while Proofpoint’s focus is larger companies and enterprises.
Proofpoint is outgrowing Cisco and Symantec. In 2015, Proofpoint grew its sales 31%, leading 16% growth in Cisco’s security segment. Symantec shrank 10%, though its Blue Coat Systems acquisition will likely help it grow this year.
“Cisco is really pushing their security angle,” Dougherty’s Trebnick said. “They’re trying to establish a bundle, but I wouldn’t say they have any new function or features. Only Proofpoint and Mimecast have whaling (spoofing) detection. … Cisco is late to the game.”
The proof is in the pudding for Proofpoint, Rosenblatt analyst Marshall Senk said in an Aug. 1 research report. During Q2, Proofpoint hit “an inflection point,” crushing Wall Street’s sales, earnings, billings and free cash flow projections, and hitting profitability two quarters ahead of time.
Revenue growth accelerated for a second straight quarter, to 41%, its best gain in seven quarters.
Beyond that, Proofpoint expects to hit $1 billion in annual sales by 2020. To do that, the company would have to maintain a 20%-32% compound annual growth rate. Since 2013, Proofpoint has grown an average 37% annually. Sales have grown by more than a third for the past 11 quarters.
It’s also beaten sales expectations by an average of 4.3% for the past eight quarters. It has met or topped EPS minus items views for the last seven of eight quarters. Nowinski credits Proofpoint’s keen forecasting skill to the fact 97% of its sales stem from subscriptions.
“The average contract length is between 15 and 22 months,” he said. “They have two years of visibility already from all the contracts they’ve been signing.”
Intel, Palo Alto, Microsoft Tailwinds
Perhaps the biggest tailwinds for Proofpoint stem from cooperation. Earlier this summer, Proofpoint announced partnerships with Palo Alto Networks (PANW), Splunk (SPLK), CyberArk Software (CYBR) and Imperva (IMPV) for technical integration.
The partnerships open Proofpoint up to nonoverlapping customer bases like Palo Alto Networks’ 26,000 customers, Wells Fargo analyst Gary Powell wrote in a July 25 research report. Meanwhile, Intel (INTC) McAfee is obsoleting its services and recommending customers to Proofpoint.
Nowinski models an $80 million to $100 million McAfee opportunity for Proofpoint. Steele wouldn’t put a dollar-figure on the potential windfall. Dougherty’s Trebnick expects it to be a five-year push.
On top of that, the transition to Microsoft (MSFT) Office 365 adds another three- to four-year charge. Microsoft launched its cloud-based Office 365 in 2011. But only about 13% of all publicly listed firms have made the switch to cloud-based office systems, Trebnick says. It has online threat protection built in, and offers sandboxing on its enterprise model, but doesn’t include spoofing protection.
“CIOs (chief information officers) say that there’s too much latency with (Microsoft’s) new products, so they’d rather choose the (enterprise) version with either the Mimecast piece of it or install the Proofpoint piece,” she said. “They work in conjunction.”