John Katsaros

Today Websense announced its plans to acquire information leak prevention vendor Port Authority, a few months after having announced an OEM partnership with the company.  We've previously discussed Websense's desires to increase its portfolio of security product offerings so its move into the content inspection market isn't surprising.  In 2006 we produced several reports covering the content inspection market.  So far, this market has proved to be a disappointment to investors as the products in this space haven't been barnburners as, for instance, were the spam appliances when that market was taking off.  It's been our view that the first generation of content analysis products didn't provide enough value and, to do so, would require much more comprehensive capabilities and integration within the infrastructure.  Plus, the expansion of existing product functionality such as what's happening with Exchange 2007 and its feature packed content inspection capabilities would reshape customer content inspection demands.  So it's not surprising that after many years of being in startup mode and $23M of venture investment, Port Authority's investors would choose the acquisition route - $90M in cash makes a pretty good return on this investment.  We've counted over 30 startups in this arena, most with a combination of interesting technology and disappointing market performance.  It's likely that this acquisition may kick off a series of actions by other big security players to go shopping for content inspection functionality which they can infuse into their product lines and investors, having learned the long term difficulties in this space, will be pleased to get out.

Speaking of EMC, it's worth checking out their recently announced product -- Infoscape.  It's a content analysis product that discovers and classifies documents in an enterprise's infrastructure.  That sounds simple enough but can be a difficult problem for even a mid sized company.  It's a product that answers the questions -- "What do we know, Where do we keep it and how we protect it?"  It's an interesting start for EMC in an interesting market.

In a deal that looks strangely like a mid-term exam question from an MIT accounting class, Secure Computing announced their intent to acquire CipherTrust.  From 50,000 feet the deal looks sensible. The companies have related business. CipherTrust accretively adds a lot of revenue to Secure and they only end up paying 15% of the equity to do that. But as you start to look closer at this acquisition, you start to wonder what they're collectively thinking -- clearly the financial community is wondering that, especially since Secure's prior acquisition of CyberGuard hasn't yet delivered.  The deal is $183M in cash ($70M in cash and $113M in new debt) -- we can see Greylock and the other VC's smiling on the way to the bank -- and then 10M shares of Secure Computing stock (which will represent roughly 15% of the combined company). It's hard to calibrate exactly what the market thought of the deal because on the same day Secure announced that they had seriously missed their quarterly targets. The resulting 34% haircut took more than the $183M out of the market cap while giving no obvious benefit to the acquisition. (So basically Secure Computing is valued Thursday at $279M after, the day before paying $270M plus for this acquisition which sounds a little unusual.)  CipherTrust has always been an enthusiastic user of momentum financial releases that sounded great but actually had no new facts. At least now we'll be able to paw through their financials in gory detail.  Secure has had its recent difficulties in the market.  Now their next hurdle will be to get shareholder approval for this transaction.