Guillaume Letourneur

🐐 Are Palo Alto and Nikesh Arora the GOAT acquirers in cybersecurity? What can we learn from their M&A strategy? June 2018, I remember sitting in the audience as Nikesh Arora was introduced to investors as Palo Alto’s next CEO. Palo Alto’s market cap was $19B, modestly bigger than firewall competitor Check Point at $16B. Since then, Palo Alto has made 18 acquisitions and spent over $4B on M&A. In the last 5 years, acquisitions have become more frequent, larger, and cover more strategic areas beyond network security (including the $325M acquisition of @felicis company @dig_security for data security). Palo Alto recently crossed $100B in market cap and expects to hit $8B revenue this year - milestones that few software companies have achieved. All while Check Point $CHKP remains at a $19B market cap, having spent ~$1B on 9 acquisitions (half of that $1B was the recent Perimeter 81 deal). Sound M&A and Arora’s foresight solidified @PaloAltoNtwks leadership in its core network security market while also expanding to lead new categories like Cloud, SecOps and more. It will go down as a great case study, and there is a lot for VCs and investors to learn from closely tracking Palo Alto’s M&A strategy: 💰 Lesson 1: Cybersecurity M&A is rarely over $1B: Palo Alto is the biggest acquirer (ex Cisco) and has never spent over $1B. Over the last 15 years, peers like Crowdstrike $CRWD Fortinet $FTNT Check Point, Proofpoint have never spent over $500mn on a deal. 📈 Lesson 2: Their M&A forecasted big new markets: Palo Alto made three of its largest acquisitions in 2018-19—Redlock, Evident, and Twistlock—all in Cloud Security. Wiz wasn’t founded until 2020. The deal activity showed potential for Cloud as a new standalone category. 🏆 Lesson 3: Arora’s fearless M&A and conviction won: In a market like cybersecurity, where innovation moves particularly fast, organic development only takes you so far. It’s clear Arora identified where the market was going and made acquisitions for quality assets without fear. 🌱 Lesson 4: M&A as a source for new startups: Across the 14 largest acquisitions, 6 teams are still at Palo Alto. The other 8 had at least 1 founder go on to start a new cybersecurity company. 🧩 Lesson 5: Identifying targets is half the battle: The next challenge is integration. Investors are clearly supporting Arora’s strategy, and discussion now shifts to enhanced integration as the next act. Any big acquirer has to avoid becoming a “Frankenstein” product. ❓ What’s Next? In cybersecurity, you’re either expanding your platform or losing the market, so there’s more to come. Bigger swings in new markets like Identity, DevOps, and Email may come when the time is right. Near-term, priorities are likely AI Security and Data Ingestion/SIEM (similar to $ZS acquiring Avalor) for $PANW to better aggregate the signals across the portfolio and improve its XDR position. 🎉 Cheers to @nikesharora @danbenjamin_il @jakestorm_ on the Dig deal and to the next $100B in market cap.

$PANW Palo Alto Networks CEO Nikesh Arora shared some great insights in a recent interview. My summary: Bold Leadership Decisions: "It was a pretty unique board at Palo Alto which made the decision to go multiple standard deviations away from the norm." "Most boards are thought to be down the middle, look for experience, try not to rock the boat." "(Most) Boards are designed because of all the governance we have in place, all the fiduciary stuff that kicks in, you're actually risk minimizing all the time." Startup Acquisitions Strategy: "We looked at 600 to get there... you find the right company, you find at the right price, you find the right team." "There is a reason somebody is number one and best, and you just don't give enough credit to it." "It's not just about acquiring a product, you're actually acquiring a team that works well, is cohesive, and has a differentiated product vision." Balancing Product with Sales and Marketing: "Silicon Valley spends way too much time overemphasizing product and not thinking about marketing and storytelling." "There's a balance you have to strike when you're trying to break into a market." "People spend a lot of time and money trying to figure out how to get you to experience the product." Managing Large Teams Effectively: "If you're not learning in your job, if you're not picking stuff up, you're not intellectually curious, I think it makes for a horrible career." "You have to keep things simple, you have to communicate a lot more, you have to be consistent." "People Model Behavior of leadership; it's not just what you say, it's what you do." Hiring Based on Competence, Passion, and Relatability: "We start with competence, passion, and the ability to relate to people." "My first job out of college was with no domain expertise." "The question is, what skills are needed for the job? What proportion do you bring with you, and what do you learn on the job?" Embracing AI in Cybersecurity: "We're sitting and reviewing where we are on a weekly basis because the market changes every week." "There's always a new thing in cybersecurity; it is a constantly changing field because it follows technology." Invite 150 speakers in AI to PANW per week. Product Leadership in the CEO Role: "No tech company became great because of a great business guy; they became great because of great product people." "To be a good tech CEO, you've got to be domain aware, domain savvy." "Product obsession is extremely important, especially in tech." Cybersecurity as a Mission-Driven Field: "You're fighting the good fight; you're protecting businesses from bad actors." "We're trying to make sure that businesses can go on and do what they need to do." "Cybersecurity was about protecting businesses and individuals from cyber threats." Career Path and Adaptability: "Just make sure what you take on as a role is something you can see yourself doing for a long period of time." "Being truthful to yourself, understanding what you're going to enjoy, what your skills are, what do you bring to the table, can you make something really good out of it." "You have to be able to look back and say, 'I made good decisions.'"

At Google 2004, I evangelized the Internet to CEOs. Many hired Chief Digital Officers delegated their responsibility because they were busy with the "here and now". All of them have mobile/web first competitor's. Don't hire a Chief AI officer - lead from the front. Transform.

Our #Sgdigitaljourney continues. A great time of sharing experiences and vision with our top60 digital leaders. Some insight from @Reezocar and @Dataiku on their partnership with @Société Générale. 🚀

Cette levée de fonds place @SorareHQ et ses cartes "Panini" virtuelles directement à la 2e place des plus grosses licornes 🇫🇷. - @dataiku : 4.6 milliards $ - @SorareHQ : 4.3 miliiards $ - @Contentsquare : 2.8 milliards $ - @ManoMano_FR : 2.6 milliards $

La Société Générale acquiert le spécialiste de la voiture d'occasion Reezocar. L'appui de la banque permettra à la start-up de 150 salariés de proposer une offre plus riche à ses clients, et notamment en matière de financement et d'assurance trib.al/XGjJ9wl

Financial service orgs outspend vertical sector peers on #cybersecurity, but the cyber hits keep coming. In an article featured by @Forbes, Crypsis’s Rob Holmes explains why this doesn’t mean they are falling behind in security diligence. hubs.li/H0x3JPP0

We’ve been working with @Nutanix to help customers transform their data centers into highly efficient, secure private clouds. We’re proud to be named the Nutanix Technology Alliances Solution Partner of the Year. bit.ly/2R7me4e

🔥 BLURtooth (CVE-2020-15802) A new unpatched #Bluetooth pairing vulnerability could let attackers bypass authentication and easily target vulnerable nearby devices. Read details — thehackernews.com/2020/09/new-bl… #infosec #cybersecurity #tech

Keep it simple with #zerotrust ... It needn't be a matter of rip and replace. Often, existing security tech can be reconfigured to be more in line with the zero-trust model. @CynjaChaseC, @kindervag and Kieran Norton share best practices. bit.ly/3j86iun

On recrute toujours chez @reezocar ! Merci @LesEchos et @FRdigitale linkedin.com/posts/laurent-…

Thanks for having me on the podcast! Glad we could meet in person at RSA. Happy to do it again sometime! #ZeroTrust

Coronavirus gives us a real world metaphor that we can use to better understand #CyberSecurity and its future. #ZeroTrust

How do we apply lessons from the coronavirus (COVID-19) pandemic to the world of cybersecurity? Ideas @Kindervag bit.ly/2K3TbuS #coronavirus #cyberscurity

Whoa > #France has evacuated some #COVID19 patients from their worst-hit region via a specialized high-speed train outfitted with medical teams and equipment @jblefevre60 #Covid_19 #CoronavirusLockdown .

L’@APHP remercie @LVMH de sa proposition de fabriquer et distribuer gratuitement des gels hydroalcooliques en grande quantité. Ils seront livrés gracieusement dès lundi à l’AP-HP notamment. Engagement de LVMH maintenu le temps nécessaire en lien avec autorités sanitaires

Is your organization teleworking because of #COVID19? Here are some go.usa.gov/xdMYJ key recommendations on enterprise VPN security. #CyberVigilance #Cyber Cybersecurity #Infosec

🛡️[#SaferInternetDay] En cette journée pour un Internet plus sûr, apprenez à vous protéger et réagir face aux cyberattaques en suivant nos conseils : mots de passe, sauvegardes, mises à jour, réseaux sociaux, appareils mobiles, #phishing, #ransomware... 👉cybermalveillance.gouv.fr

New opportunities offered by technology can also bring new risks and danger to the table. What can #ZeroTrust do to secure your information? Find out in this piece from @SecurityRT. bit.ly/2NU265c bit.ly/2kMrCNF

Nikesh Arora, @PaloAltoNtwks CEO, shares his vision for cybersecurity on CNBC's "Squawk on the Street" cnbc.com/video/2019/09/… bit.ly/2QuZOfV