Cisco to buy Columbia's Sourcefire for $2.7B

A marquee name in the technology industry said Tuesday that it is buying Columbia-based Sourcefire — a homegrown player in the hot cybersecurity field — for $2.7 billion cash.

Cisco Systems wants to bolster its security offerings with Sourcefire products, which protect the computers and networks of major businesses and government agencies. The Silicon Valley firm — eager to tap new talent and increase its footprint in the East Coast's major cyber hub — said Sourcefire's headquarters will remain in Columbia and it does not plan any job cuts.


Sourcefire employs more than 650 worldwide, 320 of them locally.

"We're very much looking forward to having this team continuing to innovate, continuing to grow," said Christopher Young, senior vice president of Cisco's security group. "We need this team. We need their product portfolio."


The deal comes as businesses and governments focus more and more on protecting their computer networks and data as cases of hacking and stolen data mount. There are frequent reports of data breaches and growing evidence of fresh cyber threats from hackers, criminal enterprises and foreign governments.

Cisco tops the market in network security, but its technology has fallen behind in recent years, said Rob Owens, a senior analyst at Pacific Crest Securities in Portland, Ore. Sourcefire offers cutting-edge products to a company that needs them, he said, while the much bigger Cisco can get those products to a broader customer base.

As the threats worsen, companies and governments must spend more to keep their systems safe, Owens said.

"It's a white hot field, and it's going to remain so for many years to come," he said.


The boards of both companies approved the $76-a-share deal, which San Jose, Calif.-based Cisco expects will close later this year.

The price is nearly 30 percent higher than Sourcefire's $59-a-share stock price at the market's close Monday. And the $2.7 billion price blows away a $206 million offer Sourcefire spurned in 2008.

"Definitely a very healthy valuation," said Jonathan Ho, a research analyst at William Blair & Co.

But the price — nine times higher than Sourcefire's expected revenue this year — doesn't strike him and other analysts as unreasonable for Cisco to pay.

Sourcefire is one of the leaders in detecting and preventing intrusion in computers, networks and mobile devices, with about 11 percent of the global market, according to William Blair. Cisco has a 14 percent share, just behind No. 1 McAfee.

Tech entrepreneur Martin Roesch, who started Sourcefire in his Carroll County living room in 2001, plans to remain with the merged company. Cisco said he will become vice president and chief architect of its security group.

Sourcefire's roots reach back three years before its founding, when Roesch made a network security program called Snort and put it online for free. He launched Sourcefire to develop a commercial version of the program.

Snort — downloaded nearly 4 million times— remains free and "open source," which means that a worldwide community of computer programmers can see and vet its code.

That open-source ethos made Sourcefire a tough sell to investors early on. But in recent years it's been seen as a strength — many eyes looking for holes and offering fixes, producing a harder-to-hack product even though hackers can see the code, too.

Cisco's Young told analysts Tuesday that Sourcefire's "vibrant open-source community" is part of what his company found attractive about the Columbia firm. By crowdsourcing security, Roesch was ahead of his time, Young said.

"You have my and Cisco's unwavering commitment to this community," Roesch said to open sourcers Tuesday. "Snort is now and always will be free."

Sourcefire — which has more than 2,500 customers in over 180 countries — makes its money off other products, which detect cyber threats and prevent attacks. Sourcefire's advanced malware protection, for instance, detects and blocks malicious programs that aim to burrow into computer systems and do damage from within.

Young said the anti-malware technology and Sourcefire's newest generation of products designed to prevent intrusion into computer systems will break new ground for Cisco. And where the companies' products overlap, the customer bases are largely different, he said.

Cisco — with revenues of $46 billion in its last fiscal year, compared with Sourcefire's $223 million — does a lot more than cybersecurity. It sells routers, wi-fi technology, networking services and videoconferencing products, to name a few.

But the Sourcefire acquisition speaks to Cisco's decision to make security its top priority, Young said. It's a field with ever-increasing threats.

"When this is described as a war, it's not an overexaggeration," he said. "The inability for companies, for service providers and governments to defend against this type of attack can have disastrous consequences."

That's made cybersecurity a fertile sector for Sourcefire.

The company's revenue jumped 35 percent last year. Profit was down 19 percent, to $5 million, but only because the firm plowed $8.4 million more into research and development than it did the year before.

Sourcefire's stock price, meanwhile, was hovering around a record high of $60 a share before the Tuesday offer. The deal pushed values up to $75.49 a share at the close of trading.

But a few years ago, things weren't going so well. Sourcefire lost $5.6 million in 2007, its first year as a public company.

When anti-spam firm Barracuda Networks first offered $186 million and then $206 million to buy the company in 2008, the per-share price worked out to less than the $15 investors paid in the initial public offering. Sourcefire rejected both bids.

The company did like an earlier suitor. It accepted a $225 million offer from Israeli-based Check Point Software Technologies in 2005. But concerns about foreign ownership of a company providing cybersecurity to federal intelligence agencies scuttled the deal the next year.

By waiting seven years, Sourcefire ended up with an offer 12 times larger.

Ho, the William Blair analyst, noted that the deal comes about two weeks after McAfee closed on its $389 million acquisition of firewall firm Stonesoft and a month after a private equity firm paid $1 billion for cybersecurity firm Websense.

"The theme is, the larger companies have difficulty innovating," he said. "They rely on the smaller, newer companies to come up with ideas, and then they acquire them."



Baltimore Sun reporter Steve Kilar contributed to this article.


Sourcefire over the years

1998: Martin Roesch makes a program called Snort, which "sniffs out" network hackers and viruses, available for free online.

2001: Roesch founds Sourcefire in his Carroll County living room in order to produce a commercial version of Snort.

October 2005: Check Point Software Technologies Ltd., an Israeli company, announces plans to acquire Sourcefire for $225 million.

March 2006: Check Point abandons the acquisition after a federal panel begins investigating the deal. Federal officials opposed the acquisition, fearing it could result in the exposure of the government's network practices.

October 2006: Sourcefire applies to list its common stock on Nasdaq under the ticker symbol FIRE.

March 2007: Sourcefire's stock debuts and closes at $15.49, up 3.2 percent over the IPO price.

February 2008: CEO E. Wayne Jackson III announced his departure from the company after fourth-quarter profit dropped 59 percent.

June 2008: Barracuda Networks Inc. offers to buy Sourcefire for $206 million. Sourcefire rebuffs the bid.

July 2013: Cisco announces it is acquiring Sourcefire for $2.7 billion.

Source: Baltimore Sun archives