Cyber-security vendors’ revenue is growing steadily, helped by acquisitions and strong demand

The revenue of major cyber-security vendors grew at an average rate of 15% in 2018, largely due to acquisitions and the strong demand for cyber-security services. However, this revenue growth was far from uniform; for example, Splunk’s revenue grew by 37.7%, while Symantec registered only 0.3% revenue growth. Revenue Europe and Asia grew faster than that from North America, and revenue generated through subscriptions grew faster than that from products and hardware. This explains the large variation in revenue growth to some extent.

This article explores the trends in the revenue generated by leading cyber-security vendors and selected telecoms operators that compete in the cyber-security space. It draws upon Analysys Mason’s Cyber-security vendors’ revenue tracker.

All of the leading cyber-security vendors are experiencing revenue growth, albeit at very different year-on-year rates

The average year-on-year (YoY) revenue growth rate for the ten cyber-security vendors shown in Figure 1 was 15% in 2018. The three telecoms operators that report security revenue achieved higher year-on-year revenue growth rates than some of the vendors shown, but did so from relatively small bases.

Figure 1: Revenue generated by the major cyber-security vendors and security revenue generated by telecoms operators, 2017 and 2018

Source: Analysys Mason, 2019

Symantec, the largest cyber-security vendor in Figure 1 (in terms of revenue), had the lowest revenue growth rate of the players included in this article at just 0.3% in 2018. This was due to a decline in its ‘Enterprise Security’ sales; revenue from this segment decreased by 12.1% (from 54.9% to 49.5% of the vendor’s total revenue). Conversely, its ‘Consumer Digital Safety’ revenue increased by 9.1% YoY in 2018. Symantec announced plans to cut around 8% of its global workforce due to this slow-down in sales to business customers.

Splunk, on the other hand, achieved the highest revenue growth rate of the vendors shown in Figure 1 at 37.3% in 2018. Splunk is focused on security information and event management (SIEM), as well as the monitoring and analysis of IT operations and IoT device data, and it increased its total number of customers from around 15 000 to over 17 500 in 2018. It also acquired Phantom, a security orchestration, automation and response (SOAR) specialist, and VictorOps, a company focused on collaborative incident management. Splunk’s approach to working with channel partners, including managed service providers (MSPs), systems integrators, resellers and professional services firms, was a major contributor to its revenue growth in 2018. Splunk’s partner bookings increased by 63% YoY and its channel partners brought in 76% of the new customers. The vendor’s focus on expanding its product portfolio and updating its existing products also resulted in an increase in average customer spend in 2018.

IBM and Palo Alto Networks, the second- and third-largest cyber-security vendors in Figure 1 (in terms of revenue), also achieved high revenue growth rates in 2018. IBM’s security revenue benefited from a strong growth in demand for the vendor’s SIEM (QRadar) and SOAR (Resilient) offerings, following the company’s acquisition of Resilient Systems for a reported USD100 million in 2016. The main revenue growth engines for Palo Alto Networks are acquisitions and cross-selling. The vendor acquired three companies in 2018 and a further three in 2019 (as of June), for a total of around USD1.6 billion. Palo Alto Networks was initially focused on firewalls, but in recent years, it has expanded its portfolio to cover various other enterprise security fields, including endpoint, public cloud and SaaS security. This, helped by the vendor’s acquisitions which brought in some of this expertise and a number of customers, created cross-selling opportunities that are being exploited.

The cyber-security revenue of all three telecoms operators featured in Figure 1 grew in 2018; Orange and Telefónica achieved double-digit growth rates. Telefónica’s revenue grew the most quickly (and from the largest base) out of all three operators and has continued to grow in 2019. In 1Q 2019, it grew by 34.6% YoY on the back of the opening of a new security operations centre in the UK and the sustained increase in the number of business customers. We expect that Orange will roughly double its security revenue in 2019 as a result of its acquisitions of SecureData and SecureLink. These acquisitions will also accelerate the implementation of the operator’s strategy to become a pan-European leader in cyber security. Singtel’s security revenue growth rate was relatively low at 4.1% in 2018, but the demand for the operator’s managed security services was strong, particularly in the Asia–Pacific region. Its security revenue suffered from the continued decline in demand for Trustwave’s legacy payment card industry data security solutions, which are facing commoditisation.

Upon reviewing the detail of the cyber-security vendors’ revenue landscape, we can see the following trends.

• Revenue from Europe, the Middle East and Africa (EMEA) typically grew the fastest in 2018, outpacing that from Asia–Pacific and North America. For the vendors that report their regional revenue splits, revenue from EMEA grew by 19% on average, compared to 15% for that from Asia–Pacific and 10% for that from North America.

• Revenue from subscriptions (sometimes including licences) grew by 30% on average in 2018; this represents a much faster growth rate than was seen for revenue from products and hardware. Palo Alto Networks had the highest reported subscription revenue of the vendors tracked, and this grew by 30.7% in 2018.

• No clear trend emerged on the split of revenue between business and consumer security products/services. For example, F-Secure’s ‘Corporate Security’ revenue grew by 32.8% in 2018 to form the majority of the company’s total revenue (just over 50%), while its ‘Consumer Security’ revenue decreased by 2.6% in the same period. Avast and Symantec saw the opposite trend, while revenue from both the business and consumer customer segments grew for Trend Micro in 2018. These results were mainly influenced by the individual offerings from each vendor, and the geographies that were primarily served.

The full details of the tracked revenue of the cyber-security vendors that are mentioned in this article are available in Analysys Mason’s Cyber-security vendors' revenue tracker.