There is a made in Italy of IT security. And now he wants to grow on the stock market
There are still a few national cybersecurity companies, but they want to get big. Tinexta and Cyberoo launch the challenge on the Stock Exchange
Cybersecurity (Getty Images) Tinexta played the last move. With a triple acquisition of 47.8 million euros, the former Tecnoinvestimenti group, controlled by the Tecno Holding safe of the main Italian Chambers of Commerce and their federation, Unioncamere, has set foot in the IT security industry. The research and development branch of Corvallis, a Milanese IT company; Emilian Yoroi, already at the center of a cybersecurity aggregation two years ago; Swanscan, specialized in cloud for security tests, make up the new business unit of Tinexta. With total revenue projections of 60.8 million euros and a gross operating margin of 6.7 million, the trio promises to increase the group's turnover by 20% and margins by 10%. "A pole is born to make Italy grow in a strategic sector, in which the country has great delays but also great promises, especially for small and medium-sized enterprises", commented the president of Tinexta, Enrico Salza.Cybersecurity is still a matter for extra-small sizes in Italy. Just scroll through the list of companies registered in the Business Register that include IT security among their activities: there are 1,861. of which 65.6% declare fewer than ten employees. A fabric of small companies, often dedicated to the assistance and repair of PCs. On the other hand, on the Stock Exchange, the cybersecurity sector groups can be counted at the tip of the fingers: ten, including the national defense champion, Leonardo, who also presides over the so-called fifth domain, namely cyber space.
Borsa Italiana (Gian Mattia D’Alberto / lapresse)
Cyber business in Piazza Affari
In particular, two listed companies make IT security their main job: Cyberoo and Cy4Gate. Both registered in the Aim, the list of novice freshmen, the first landed on the stock market in October 2019 and today travels with a capitalization of 38.1 million (data as of October 16, 2020), while the second, which arrived last June and participated from the defense group Elettronica spa, amounted to € 63.6 million. To these is now fully added also Tinexta (998 million capitalization), which is betting many of its chips on the new business unit. "We want to build a hub capable of serving our reference markets: banks and finance, corporate and SMEs," observes CEO Pier Andrea Chevallard. The goal, he adds, is that "the turnover linked to digital activities will reach 55% of the total".Even in Piazza Affari, however, companies related to cybersecurity are medium-small in size, as evidenced by a data extraction provided to Wired by Borsa Italiana. Excluding Leonardo from the list, six of the nine freshmen who in some way also deal with IT security (even if it is not their main business) are listed on the AIM. In addition to Cyberoo and Cy4Gate, there are Dba group (8.7 million capitalization), Digital Value (309.7 million), Relatech (55.4 million) and Reti (9.3 million). A step higher in there is Exprivia (29.9 million capitalization). And even higher, the Star (which rewards excellent companies), are Tinexta, Sesa (1.28 billion) and Wiit (420.9 million).
(Photo: Getty Images)
The surge in business
Cybersecurity is a market destined to grow. A report by IBM on a global level (3,400 managers) shows that 74% of companies still do not have a plan against cyber attacks. Or it is ineffective. Result: if he falls victim he does not know how to react and repairing the damage is more expensive (up to 1.2 million dollars more). In the five-year period 2017-2021, the Cyber security ventures newspaper estimates that spending on cybersecurity globally will exceed one trillion dollars. It went from 3.5 billion in 2004 to 120 billion in 2017: an increase of over 35 times.But the necessary surge requires strong stomachs. So much so that companies are studying ways to strengthen themselves. Through the stock exchange, as Sumo Logic did on Wall Street in mid-September, or McAfee, a historic cybersecurity company, which plans to return after its exit in 2011. Or by external lines. See Fastweb, which at the beginning of October bought 70% of 7Layers, a leading company in IT security services, founded in 2012 in Florence and included for four consecutive years, from 2017 to 2020, by the Financial Times in the ranking of one thousand fastest growing companies in Europe. In addition to connectivity, the telephone company also offers protection services, threat analysis and preventive management, having, as the group declares, control from a to z "of the entire life cycle of the services provided and to respond even faster. to the needs of the business world ".
Italy's competitiveness on the international chessboard also passes from the strengthening of companies. "As confirmed by the data of the chamber of commerce, today Italy is teeming with companies of modest size compared to the large international players, which provide skills and cooperation skills even to the largest companies in the country", points out Domenico Raguseo, head of the department of IT security by Exprivia. Result? "In Italy we continue to feel similar to but inferior to the Americans and as much as we like to play with technology, we never feel up to par with other realities", says Sofia Scozzari, founder and CEO of HackManac, an Emirati company specializing in IT security, as well as a member of the scientific committee of Clusit (the Italian Association of Information Security): “On the other hand, abroad we are respected and even better paid”. "We are good - Raguseo echoes - and perhaps they still notice it more abroad than in Italy".
Hacker violates a smartphone (Getty Images)
The way to exports
For Cyberoo, internationalization is the next goal. Thanks to the listing, the company, born in Reggio Emilia and led by Fabio Leonardi (who controls it through the Sedoc holding company), has structured a strategy of landing on the markets. “We went public in 2019 after a journey that began in 2016. It was a strategic choice to move from a company that bought software from third parties and sold it to a real vendor”, explains Veronica Leonardi, Cyberoo's marketing manager.And he adds: “Thanks to the IPO (initial public offering, ed) we have achieved our goals for 2020. Expanding distribution to all of Italy, strengthening the organizational structure and bringing the detection and response at a higher level thanks to the partnership with Gartner ”. And then there is a visibility factor: with a collection in the IPO phase of 40 million euros compared to 7 expected, that of Cyberoo was a chat quotation on Piazza Affari.
The next milestone is international expansion. “We start from France and Switzerland. In particular, the first has an affinity for the size and structure of the companies with Italy, "says Leonardi. Next on the radar are Germany and Israel, the cradle of cyber security firms. Cyberoo aims to specialize in the MDR segment. An acronym for managed detection and response, which is managed surveillance and response to attacks. And it is with this in mind that the growth of the group will be addressed, also through external lines (read acquisitions). “For Gartner, 50% of medium-sized enterprises will need an MDR by 2025”, comments Leonardi.
For Tinexta, on the other hand, the direction is that of a bond between IT defenses and digital identity. "We are thinking of developing an integrated offer with Inforcert, integrating digital trust with cybersecurity", says Marco Comastri, head of the new business unit. The eye always goes to the SMEs and the technological services of the galaxy of the Chambers of Commerce. In the agreements with Corvallis (also registered in the Elite program, with which Palazzo Mezzanotte recruits companies interested in the listing), Yoroi and Swanscan, the group left the door open to take over the minority stakes remained in the hands of their respective entrepreneurs (respectively 30%, 40% and 49%) by 2024 to increase its specific weight in the sector.
According to Raguseo, IT security "works in a similar way to the healthcare world, where a general practitioner is accompanied by the specialist experience of experts in every part of the body or even specific diseases. Such a composite market can be the right environment to foster cooperation between small and large players, able to satisfy both domestic and foreign demand. Seeing Italian companies working in Israel, for example, is starting to not be so unusual ”.
Borsa (archive) - Piazza Affari
Palazzo della Borsa - Photographer: tamtam
Lights and shadows
In general for Raguseo “in the last two or three years the Italian market has shown a more sustained and homogeneous growth, in response to an already growing demand before the lockdown and then significantly increased by the arrival of the pandemic ”.However, there are still problems to be solved. For Scozzari, the first is that "in Italy it is unfortunately full of very high skills that struggle to emerge, both due to an ineffective allocation of cyber security resources in the budget of companies and a lack of skills on the part of those who often have to spend that money ". And he adds: "Solutions and software are often preferred, for example antivirus software, only because they have heard of them, without going into the merits of product quality and preferring foreign services to those found at home".
“Half of my job is to convince companies that they will not solve all their problems by buying a cyber appliance, which promises to do everything but leaves something to be desired in terms of results - Scozzari diagnostics -. Better to invest in employee awareness courses and the purchase of specific solutions for specific problems, allowing employees to fully understand how it works ".
And the critical mass of the cyber segment must grow on the Stock Exchange as well. "Aim is a not very liquid market - observes Leonardi -. The purchase of a few shares is enough to move a stock in a sudden way. There is a high volatility ". So much so that Cyberoo has given itself two years to have the numbers to go to Star.
Specialized ETFs (exchange traded funds) are also growing around cybersecurity. That is, funds that replicate the performance of baskets of companies. This is the case of the product of Legal & General, one of the largest European asset managers, which covers both hardware and software suppliers and consultancy and is one of the four ETFs dedicated to cybersecurity also listed in Milan. Together with Rize, which specializes in themed funds and based on a basket of 45 companies, and First Trust, which has assets of 35.7 million. The titan of investment funds, Blackrock, who manages nearly $ 1 billion in assets on cyber security, also entered the arena.