Palo Alto Networks surpassed Cisco to become the largest network security vendor in 2020
Listen to or download the associated podcast
Palo Alto Networks’ revenue increased to USD3.8 billion in 2020, representing year-on-year growth of 21%, and making it the largest network security vendor in terms of revenue, surpassing Cisco. However, much of Palo Alto Networks’ revenue growth in 2019 and 2020 was inorganic. Fortinet’s performance was also strong in 2020 – 20% year-on-year revenue growth, and most of it organic. Of the four vendors analysed in this article, Fortinet was arguably the star performer in 2020. Telecoms operators also rated Fortinet as the best security vendor for the small and medium-sized business (SMB) market in Analysys Mason’s 2020 survey of 34 operators worldwide.
The data presented in this article is also available in Analysys Mason’s Cyber-security vendors’ revenue tracker.
Palo Alto Networks’ revenue continues to rapidly grow as a result of numerous acquisitions
Palo Alto Networks’ quarterly revenue exceeded USD1 billion for the first time in the quarter to 31 January 2021. The CAGR of its revenue during 2015–2020 is also significantly higher than those of its main competitors (see Figure 1). Palo Alto Networks’ sustained strong revenue growth has been supported by significant investment in sales and marketing activities, as well as 12 acquisitions since the beginning of 2018 (on which the vendor spent nearly USD3.5 billion). The acquisitions varied in size – six were under USD200 million, four were over USD200 million but under USD500 million and two were over USD500 million.
The vendor’s acquisition approach has been to diversify – for example, the companies that Palo Alto Networks acquired specialised in the fields of:
- software-defined wide-area networking (SD-WAN) and secure-access service edge (SASE) (CloudGenix)
- IoT security (Zingbox)
- endpoint detection and response (EDR) (Secdo)
- container security (Twistlock)
- security orchestration, automation and response (SOAR) (Demisto)
- public cloud infrastructure security (Evident.io and RedLock).
Figure 1: Annual revenue of the four market-leading network security vendors (‘security revenue’ in the case of Cisco), 2015–20201
Source: Analysys Mason
Cisco’s and Fortinet’s approaches to cyber-security acquisitions were different from that taken by Palo Alto Networks
Cisco was the largest player in the network security market for many years before 2020. Like Palo Alto Networks, it spent a significant amount of money (roughly around USD2.4 billion) on acquisitions in 2018 and 2019. However, unlike its competitor, Cisco spent most (USD2.35 billion) of this money on one company – Duo Security. This acquisition enabled Cisco to markedly expand its capabilities in identity and access management, one of the fastest-growing areas of network security business spend.
Fortinet made six acquisitions during 2018, 2019 and 2020, but it just spent under USD100 million on these. It has focused on smaller-scale deals with minimal execution risk. However, similarly to Palo Alto Networks, the technology that Fortinet obtained through these acquisitions has allowed it to expand capabilities in the fields of EDR, SOAR and SASE.
Check Point remains highly profitable, and Fortinet is catching up
Check Point has a long history of being profitable, unlike Palo Alto Networks and Fortinet. Check Point’s strategy is focused on profitability and stability rather than growth – it has consistently spent around 25% of its revenue on sales and marketing activities and around 10% on R&D activities, and it generated a net profit equal to over 40% of its annual revenue.
However, Check Point’s R&D expenditure is lower than that of Fortinet and Palo Alto Networks, both in absolute terms and as a percentage of its revenue (see Figure 2), and it risks being outpaced on innovation. Fortinet’s revenue and net profit are growing significantly more quickly than Check Point’s.
Palo Alto Networks continues to generate losses, unlike Check Point and Fortinet. Its accumulated deficit surpassed USD1.4 billion in the quarter to 31 January 2021, and its annual net loss more than doubled in 2020.2 However, Palo Alto Networks is the most growth-focused of the vendors discussed in this article – it spent by far the most money on acquisitions in recent years, and it spent more on sales and marketing and R&D in absolute terms in 2020 than Check Point and Fortinet combined.
Figure 2: Selected financial and operational metrics for Check Point, Fortinet and Palo Alto Networks, calendar year 20203
(year ending 31 December 2020)
(year ending 31 December 2020)
Palo Alto Networks
(year ending 31 January 2021)
|Revenue (year-on-year increase)||USD2.06 billion (+3.5%)||USD2.59 billion (+20%)||USD3.78 billion (+21%)|
|R&D expenditure (percentage of revenue)||USD253 million (12%)||USD341 million (13%)||USD916 million (24%)|
|Sales and marketing expenditure (percentage of revenue)||USD570 million (28%)||USD1072 million (41%)||USD1596 million (42%)|
|Operating profit (loss)||USD882 million||USD532 million||(USD208 million)|
|Net profit (loss)||USD847 million||USD489 million||(USD368 million)|
|Deferred revenue (percentage of revenue)||USD1.48 million (69%)||USD2.61 billion (100%)||USD4.16 billion (110%)|
|Number of employees (year-on-year increase)||5198 (+1%)||8238 (+16%)||9038 (+18%)|
Source: Analysys Mason
Palo Alto Networks will continue to face the challenge of integrating the different businesses that it purchased and keeping its organic revenue growth rate up, while improving profitability. Unlike Palo Alto Networks, Check Point is possibly too cautious with its approach – the portfolio expansions of Fortinet and Palo Alto Networks represent a real threat. Fortinet is now consistently profitable, which is a major milestone, and it needs to make sure that it keeps up with the pace of change in the market. Cyber security is not the core of Cisco’s business (it accounted for around 7% of its total revenue in 2020), but it has the potential to account for a much higher share of Cisco’s revenue. Changes in working patterns caused by the COVID-19 pandemic present Cisco with the opportunity to tie its cyber-security solutions more closely to its networking, collaboration and cloud products.
1 The chart is based on calendar years rather than financial years. Check Point’s and Fortinet’s financial years coincide with the calendar year, while Cisco’s and Palo Alto Networks’ do not. February is taken to be the starting month of their calendar years here.
2 Accumulated deficit: the sum of Palo Alto Networks’s net losses since its inception.
3 Cisco is excluded from this table because it reports a more limited set of metrics related to its cyber-security business.