Integrative research means our extensive company research informs every thesis and perspective. The result is deep industry knowledge, expertise, and trend insights that yield valuable results for our partners and clients.

About the Author:
Howard Smith
Managing Director
Howard Smith has nearly three decades of experience at First Analysis, working with entrepreneurs as an investor and as an advisor on growth transactions to help build leading technology businesses. He leads the firm’s work in the Internet of Things, cybersecurity, and internet infrastructure sectors. He also built the firm's historical franchises in call centers and computer telephony. His thought-leading research in these areas has been cited for excellence by the Wall Street Journal and other publications. He serves on the boards of AppDetex, Fortress Information Security, VisiQuate and ObservIQ. Prior to joining First Analysis in 1994, he was a senior tax consultant with Arthur Andersen & Co. He earned an MBA with honors from the University of Chicago and a bachelor’s degree in accounting with highest honors from the University of Illinois at Urbana-Champaign. He is a certified public accountant.
First Analysis Cybersecurity Team
Howard Smith
Managing Director
Matthew Nicklin
Managing Director
First Analysis Quarterly Insights
Demand accelerates in 2021, notably strong growth at larger firms
April 1, 2022
  • We present our annual analysis of publicly traded, enterprise-focused cybersecurity firm performance. We highlight that 2021 revenue grew 27%, a notable acceleration from 2020's 19.8% growth and 2019's 20.3% growth, and that actual 2021 revenue exceeded initial guidance by an average 7% and a median 6%, suggesting robust overall demand has only increased.
  • We also highlight the emergence of two giants in the cybersecurity sector, something that hasn't happened previously in the sector's history. Fortinet (FTNT) and Palo Alto Networks (PANW) have accomplished what competitors in the past failed to do: successfully extend their offerings to new growth areas and thereby grow above industry-average rates at massive scale.
  • With this change, the cybersecurity market structure is for the first time beginning to look more like many other software markets, where a few megacap leaders dominate and many smaller players fill emerging voids.
  • We examine the correlations between top- and bottom-line outperformance and stock price performance and believe they indicate cybersecurity investors are still more focused on top-line growth than bottom-line metrics.
  • Our analysis of one-, three-, and five-year cybersecurity stock performance through March 28, combined with other elements of our sector analysis, points to prospects for the group to outperform the broader indexes over longer time frames than we've seen historically.


Includes discussion of CHKP, CRWD, CSCO, CYBR, FTNT, MIME, NET, OKTA, OSPN, PANW, S, SCWX and ZS

How we looked at the market

Revenue growth suggests demand accelerated

Demand strong, growth accelerating

Cloud continues to shine

Revenue guidance outperformance also points to strong demand

Connection between EPS guidance and stock performance less clear in 2021

See prospects for sustained cybersecurity stock outperformance

Cybersecurity index continues to outpace S&P 500 and Nasdaq

Q1 cybersecurity M&A activity declines from Q4 surge

Q1 cybersecurity private placement pace within recent range

How we looked at the market

This report presents our annual analysis of publicly traded, enterprise-focused cybersecurity firm performance. Unlike our previous annual analyses published in December, which relied on preliminary indications of full-year performance, the late-March timing this year enables us to include final results for companies with a Dec. 31 fiscal year and those with a Jan. 31 fiscal year, which we treat as 2021 in our analysis.

To be included in this year's analysis, companies had to be listed on a U.S. exchange, have most-recent year revenue greater than $100 million, derive the vast majority of their business from supplying cybersecurity solutions to businesses and government customers (not consumers), and have been public for all of 2021. Relative to our most recent annual analysis in December 2020, we have removed three companies that were acquired during the year: McAfee, Proofpoint and Zix. In addition, due to the mid-year sale of Mandiant's (MNDT, formerly FireEye) products division, we exclude Mandiant from our revenue growth and guidance analysis, as its original 2021 guidance included this divested division. Consistent with our focus on business-to-business companies, we again exclude consumer-focused cybersecurity companies such as NortonLifeLock (NLOK).

To access the full report, please provide your contact information in the form below. A First Analysis representative will follow up with you shortly. Thanks for your interest in First Analysis research.
First Name required!
Last Name required!
Email required!
Industry required!
Unfortunately, your request to access the complete report has failed.

Please check the contact information you have entered.

If the form submission failure persists, please contact Person at (xxx) xxx-xxxx to handle your request. Thank you.
©2024 by First Analysis Corporation.
One South Wacker Drive
Suite 3900
Chicago, IL 60606