The cybersecurity sector has come under pressure over the last couple of days following Microsoft’s introduction of a secure web gateway (SWG) solution called Entra that complements the Tech giant’s leading franchise in identity/access management and extended detection and response (XDR).
SWG, which is one of the main components of the Gartner-defined Secure Access Service Edge (SASE) concept, protects PCs from the Web by filtering URLs, detecting malware, and controlling web-based applications, among other functions. The relentless growth and exponential penetration of cloud-based computing have been making SWG solutions compulsory for corporates of any size and for governments. Some cybersecurity companies, like Zscaler and Cloudflare, have rushed into this booming market (45%+ revenue growth for both of them) and totally focused their business models on it.
Unsurprisingly, Microsoft’s announcement triggered a little panic-selling in SASE-related cybersecurity names, which dropped between 5% and 10%, a reaction we view as overdone. Indeed, mid to large enterprises usually operate in a hybrid (on-premises + cloud) and/or multi-cloud (e.g. Azure+AWS+Oracle+Google…) environment to avoid vendor lock-in. While the pure players (especially Zscaler) mainly address this segment, Microsoft’s Entra will only be available, for the moment, to Microsoft 365 users, hence leaving aside the many other cloud-based apps commonly found in a multinational corporate environment (Salesforce’s CRM, Workday’s HR suite, ServiceNow’s IT management platform…). This suggests that the risk to revenue will be limited to small businesses that only have Microsoft as a cloud provider.
That being said, the Microsoft initiative is another illustration that Tech giants keep making a major push in cybersecurity, as building comprehensive security offerings will allow them to differentiate their cloud services from those of rivals. As cloud computing is relentlessly eating away at corporate on-premises infrastructure, IT security, which was stacked on existing infrastructure and provided by niche players specialized in firewalls, email security or identity and access management, is now increasingly being delegated to hyperscalers (Amazon AWS, Google Cloud, Microsoft Azure…), which must offer top-notch, cloud-native cybersecurity solutions in order to attract and retain the most demanding customers.
For the cybersecurity pure players, the implications of Big Tech’s growing presence in cybersecurity are twofold. In the short term, they could attract M&A interest from Tech giants seeking to fill holes in their product offering or, at least, land commercial partnerships with them. Indeed, Microsoft, Google and cloud peers have massive M&A ammo, can afford high price multiples for businesses that have strategic importance, and are unlikely to face antitrust concerns as the cybersecurity industry is highly fragmented. The smooth takeover of Mandiant by Google in 2022 and the 57% premium paid are telling.
But longer term, cybersecurity pure players could be at risk of being marginalized in an industry dominated by giants should they fail to strike partnerships or M&A deals.