Just how cheaply might one pick up an Internet security firm once valued at $7.2 billion? For those that might be interested, it's all a question of timing.
Irish e-security vendor Baltimore Technologies seems to be a strong takeover target, following three profit warnings this year and the recent resignation of CEO Fran Rooney. Baltimore's share price, which has fallen more than 90% since early last year, surged on reports of an approach from privately held encryption specialist Chantilley Corporation last week, and then slumped back to under 0.30 pounds after Baltimore announced it had rejected the offer.
Chantilley was not offering any cash, which is what Baltimore needs after an aggressive acquisition spree last year. The company had just 54 million pounds left in the bank at the end of its last quarter, during which it burned through 24 million in cash. Analysts estimate that Baltimore needs at least another 20 million on top of the anticipated savings from current cost-cutting efforts.
More feasible are rumors of a takeover by a large software firm like Computer Associates. Baltimore, though, denies newspaper reports it has entered formal talks with CA. CA's current marketing pitch is all about using software agents to manage e-business infrastructure, and e-security is an area CA has identified as key to its future sales strategy. CA's current public key infrastructure (PKI) product - a method of securing Internet transactions and communications by using cryptography - only covers communications inside an organization. CA has gone on record as saying it will look at the opportunities in business-to-business PKIs when that market develops sufficiently, and most industry analysts believe it eventually will. Market analyst Datamonitor predicts that global investment in PKI products and services will grow from $436 million in 2000 to $3.4 billion in 2006.
But the financial markets would be unlikely to react favorably to such a move from CA. The firm has acquired a great deal already, and has had enough problems organizing the 1,000 or so IT products it currently has in its portfolio. Also, CA receives 90% of its revenues from products, as opposed to services, and would have to undergo a major reorganization to develop the expertise to implement and install outward-facing PKI systems.
Similar reports of a possible takeover by software giant Microsoft might seem even less likely. After all, Microsoft has its own proprietary PKI system which it includes in Outlook, and it recently agreed a partnership with VeriSign to embed PKI digital certificates in products that are part of Microsoft's forthcoming .Net Web services initiative. Baltimore, though, has an e-security product portfolio that covers more than just the issuance of digital certificates. These could help with Microsoft's current poor reputation for Web security. Microsoft took a good look at Baltimore's technology as part of the process to make it Windows 2000 compliant.
Internet security firms Check Point and Network Associates have also been mentioned as possible buyers for Baltimore. Check Point, though, is profitably focused on out-of-the-box firewall products, and Network Associates uses the PGP (Pretty Good Privacy) encryption standard, which conflicts with the S-Mime standard used by other vendors, including Baltimore.
The main reason a merger with a large software house like CA or Microsoft is cited as beneficial for Baltimore is that either company could take a lot of the costs out of Baltimore's business in a comparatively short time. Because 63% of Baltimore's operating costs are related to sales and marketing, a large IT firm with its own sales force could make Baltimore profitable within a year. These companies could also sell directly into existing installed bases and negotiate PKI deals directly with corporate boards.
So will anyone buy? Baltimore's market cap is under 150 million pounds at current prices, and some investors are said to be desperate for a buyer to rescue them. Still, it is very unlikely that anyone will buy a failing company before it has completed a restructuring program. Baltimore will announce its second-quarter results and the outcome of its restructuring efforts next month. It would appear to be then that any large suitor will make a move.
The challenge in buying Baltimore will be to turn the Irish firm into a far more services-focused organization. PKI vendors like Baltimore, Entrust and VeriSign are finding they can't compete on technology anymore, because many customers use more than one PKI supplier, and common standards are becoming necessary to sell PKI products. PKI security, like many other IT sectors, is becoming a market in which participants will have to compete on the services they offer and how easy they are to use. This is why PKI service provider VeriSign is beating out competitors in the current environment.
the451 (www.the451.com) is an analyst firm that provides timely, detailed and independent analysis of news in technology, communications and media. To evaluate the service click here.