Summer Savings! Get unlimited digital access for 13 weeks for $13.
Business
Business

Cisco to buy Columbia's Sourcefire for $2.7B

A marquee name in the technology industry said Tuesday that it is buying Columbia-based Sourcefire — a homegrown player in the hot cybersecurity field — for $2.7 billion cash.

Cisco Systems wants to bolster its security offerings with Sourcefire products, which protect the computers and networks of major businesses and government agencies. The Silicon Valley firm — eager to tap new talent and increase its footprint in the East Coast's major cyber hub — said Sourcefire's headquarters will remain in Columbia and it does not plan any job cuts.

Sourcefire employs more than 650 worldwide, 320 of them locally.

"We're very much looking forward to having this team continuing to innovate, continuing to grow," said Christopher Young, senior vice president of Cisco's security group. "We need this team. We need their product portfolio."

The deal comes as businesses and governments focus more and more on protecting their computer networks and data as cases of hacking and stolen data mount. There are frequent reports of data breaches and growing evidence of fresh cyber threats from hackers, criminal enterprises and foreign governments.

Cisco tops the market in network security, but its technology has fallen behind in recent years, said Rob Owens, a senior analyst at Pacific Crest Securities in Portland, Ore. Sourcefire offers cutting-edge products to a company that needs them, he said, while the much bigger Cisco can get those products to a broader customer base.

As the threats worsen, companies and governments must spend more to keep their systems safe, Owens said.

"It's a white hot field, and it's going to remain so for many years to come," he said.

The boards of both companies approved the $76-a-share deal, which San Jose, Calif.-based Cisco expects will close later this year.

The price is nearly 30 percent higher than Sourcefire's $59-a-share stock price at the market's close Monday. And the $2.7 billion price blows away a $206 million offer Sourcefire spurned in 2008.

"Definitely a very healthy valuation," said Jonathan Ho, a research analyst at William Blair & Co.

But the price — nine times higher than Sourcefire's expected revenue this year — doesn't strike him and other analysts as unreasonable for Cisco to pay.

Sourcefire is one of the leaders in detecting and preventing intrusion in computers, networks and mobile devices, with about 11 percent of the global market, according to William Blair. Cisco has a 14 percent share, just behind No. 1 McAfee.

Tech entrepreneur Martin Roesch, who started Sourcefire in his Carroll County living room in 2001, plans to remain with the merged company. Cisco said he will become vice president and chief architect of its security group.

Sourcefire's roots reach back three years before its founding, when Roesch made a network security program called Snort and put it online for free. He launched Sourcefire to develop a commercial version of the program.

Snort — downloaded nearly 4 million times— remains free and "open source," which means that a worldwide community of computer programmers can see and vet its code.

That open-source ethos made Sourcefire a tough sell to investors early on. But in recent years it's been seen as a strength — many eyes looking for holes and offering fixes, producing a harder-to-hack product even though hackers can see the code, too.

Cisco's Young told analysts Tuesday that Sourcefire's "vibrant open-source community" is part of what his company found attractive about the Columbia firm. By crowdsourcing security, Roesch was ahead of his time, Young said.

"You have my and Cisco's unwavering commitment to this community," Roesch said to open sourcers Tuesday. "Snort is now and always will be free."

Sourcefire — which has more than 2,500 customers in over 180 countries — makes its money off other products, which detect cyber threats and prevent attacks. Sourcefire's advanced malware protection, for instance, detects and blocks malicious programs that aim to burrow into computer systems and do damage from within.

Young said the anti-malware technology and Sourcefire's newest generation of products designed to prevent intrusion into computer systems will break new ground for Cisco. And where the companies' products overlap, the customer bases are largely different, he said.

Cisco — with revenues of $46 billion in its last fiscal year, compared with Sourcefire's $223 million — does a lot more than cybersecurity. It sells routers, wi-fi technology, networking services and videoconferencing products, to name a few.

But the Sourcefire acquisition speaks to Cisco's decision to make security its top priority, Young said. It's a field with ever-increasing threats.

"When this is described as a war, it's not an overexaggeration," he said. "The inability for companies, for service providers and governments to defend against this type of attack can have disastrous consequences."

That's made cybersecurity a fertile sector for Sourcefire.

The company's revenue jumped 35 percent last year. Profit was down 19 percent, to $5 million, but only because the firm plowed $8.4 million more into research and development than it did the year before.

Sourcefire's stock price, meanwhile, was hovering around a record high of $60 a share before the Tuesday offer. The deal pushed values up to $75.49 a share at the close of trading.

But a few years ago, things weren't going so well. Sourcefire lost $5.6 million in 2007, its first year as a public company.

When anti-spam firm Barracuda Networks first offered $186 million and then $206 million to buy the company in 2008, the per-share price worked out to less than the $15 investors paid in the initial public offering. Sourcefire rejected both bids.

The company did like an earlier suitor. It accepted a $225 million offer from Israeli-based Check Point Software Technologies in 2005. But concerns about foreign ownership of a company providing cybersecurity to federal intelligence agencies scuttled the deal the next year.

By waiting seven years, Sourcefire ended up with an offer 12 times larger.

Ho, the William Blair analyst, noted that the deal comes about two weeks after McAfee closed on its $389 million acquisition of firewall firm Stonesoft and a month after a private equity firm paid $1 billion for cybersecurity firm Websense.

"The theme is, the larger companies have difficulty innovating," he said. "They rely on the smaller, newer companies to come up with ideas, and then they acquire them."

jhopkins@baltsun.com

twitter.com/jsmithhopkins

Baltimore Sun reporter Steve Kilar contributed to this article.

Sourcefire over the years

1998: Martin Roesch makes a program called Snort, which "sniffs out" network hackers and viruses, available for free online.

2001: Roesch founds Sourcefire in his Carroll County living room in order to produce a commercial version of Snort.

October 2005: Check Point Software Technologies Ltd., an Israeli company, announces plans to acquire Sourcefire for $225 million.

March 2006: Check Point abandons the acquisition after a federal panel begins investigating the deal. Federal officials opposed the acquisition, fearing it could result in the exposure of the government's network practices.

October 2006: Sourcefire applies to list its common stock on Nasdaq under the ticker symbol FIRE.

March 2007: Sourcefire's stock debuts and closes at $15.49, up 3.2 percent over the IPO price.

February 2008: CEO E. Wayne Jackson III announced his departure from the company after fourth-quarter profit dropped 59 percent.

June 2008: Barracuda Networks Inc. offers to buy Sourcefire for $206 million. Sourcefire rebuffs the bid.

July 2013: Cisco announces it is acquiring Sourcefire for $2.7 billion.

Source: Baltimore Sun archives

Copyright © 2015, The Baltimore Sun
Related Content
  • Sourcefire CEO retires as he fights colon cancer

    John C. Burris led cybersecurity firm since 2008

  • Baltimore People on the Move archive

    Baltimore People on the Move archive

    Readers submit photos and information on employees who have recently been promoted, hired or honored at area businesses. Select photos will be published in the Maryland Business section of Tuesday editions of The Baltimore Sun. Caption size is limited and only photos are accepted in this feature....

  • Health Professionals on the Move archive

    Health Professionals on the Move archive

    Readers submit photos and information on medical professionals who have recently been promoted, hired or honored. Select photos will be published in the Health and Medicine section of Sunday's edition of The Baltimore Sun. Caption size is limited and only photos are accepted in this feature. Submit...

  • Jobs in Health

    Jobs in Health

    Learn about the wide variety of careers in the health-care field in the words of local professionals. Also see the latest hirings and promotions at Health Professionals on the Move.

  • Sagamore to use Aquarium land in Port Covington

    Sagamore to use Aquarium land in Port Covington

    Kevin Plank's Sagamore Development Co. can use land owned by a unit of the National Aquarium in Port Covington for a planned technology incubator nearby, under a new agreement.

  • Emails reveal concerns, offers of help from business leaders after unrest

    Emails reveal concerns, offers of help from business leaders after unrest

    The morning after the city broke out in riots on April 27, T. Rowe Price Group CEO James A.C. Kennedy sent an email to Baltimore Deputy Mayor Colin Tarbert. Attached were two tweets, one calling for protests at T. Rowe and other major downtown businesses, and another saying "imagine if" rioters...

Comments
Loading
88°