Cyber Fantasy Versus Reality
I took the Chairman CEO of Palo Alto Networks to task on Linkedin this morning. Character limits prevented me from explaining how the market for cybersecurity products really works.
Nikesh Arora posted to Linkedin shortly after his company bled out $25 billion in market cap. His post was an attempt to explain his philosophy and why they announced steps to give away products for free to get new customers on to their platform. Sadly, his post reveals a deep misunderstanding about how the cybersecurity industry works.
Let me preface my remarks with an understanding that Palo Alto Networks is the best run cybersecurity company ever. Its executives have made smart acquisitions and executed on rebranding them under the PAN umbrella. Its customers and Wall Street have recognized that as evidenced by continued revenue growth and appreciation in its stock.
Rather than re-hash the best-of-breed versus platform arguments let me just spell out how the industry really works.
A vendor led by an entrepreneur comes up with a better solution. Eventually it wins out as the best of breed. Often it goes public based on increasing market share in its category.
Leveraging its large install base and good reputation with its existing customers it seeks out and acquires other fast growing cybersecurity companies. Typically it focuses on its own category and buying center be that network, endpoint, data, identity, or GRC.
It offers those newly acquired products to its existing customers who appreciate buying from a company that gives them good service. Often they are able to see revenue of 50-100% of the purchase price in the first year.
Repeat the process.
To do this well takes professional management. It can’t be shoot-from-hip cowboy style like Symantec and McAfee were famous for. The best example was Cisco in the early days when they focused on networking, not so much when they got into email security and DNS security.
There are many pitfalls to avoid when executing on a strategy of growth by acquisition. You have to make wise choices and not be swayed by what your competitors are doing. You have to excel at absorbing and integrating the people you acquire while not distrupting the pipeline they bring. You have to avoid selling to a new buying center.
There is no question that Palo Alto’s management have been executing on the above better than any vendor before them in security. But, as I said yesterday, actually implimenting a strategy based on platformization is fool hardy. Sure let the marketing team create a marketecture slide deck that pulls everything together. But don’t buy into that.
I think the massive blunder here was PANW offering lower guidance. They have misread the market and overall economy. The need for cybersecurity does not fluctuate much. It always goes up. A year of delayed or reduced spending will be followed by a scramble to retire technical debt. The bad guys do not go home when interest rates rise. PANW is probably going to beat its targets. Do not mistake that for their platform sales message actually working. It will be because they are selling good products at good prices that they succeed.
Well said. I think they are trying to be AI player via consolidated platform strategy. They have good team and if executed well PANW has opportunity to become the greatest company.
While this approach has the potential to streamline operations and improve efficiency, it's important to acknowledge the challenges faced by some high-flying networking and cybersecurity companies in the past.
One potential risk is that the need for internal justification for every new feature could lead to innovation being stifled. Striking a balance between efficiency and fostering a culture of innovation will be crucial for PANW's success.
Ultimately, the success of PANW's platform strategy will hinge on its ability to avoid decision paralysis, prioritize genuine customer conversations (CUSTOMER SUCCESS), and navigate the potential pitfalls associated with platform consolidation.
NA should not be running PANW. He has no background in Networking, cybersecurity or even managing a company of this magnitude. He drew a hefty salary at SoftBank with nothing to show for. He’s had a good run for the last 5 years, but in 4 quarters he’ll be in front of the board justifying his run. This is the beginning of the end for him.