There are still a few national cybersecurity companies, but they want to grow up. On the Stock Exchange Tinexta and Cyberoo launch the challenge
To play the last move was Tinexta. With a triple acquisition of 47.8 million euros, l’former Tecnoinvestimenti group, controlled by the Tecno Holding safe of the main ones Italian Chambers of Commerce and from their federation, Unioncamere, has set foot in the industry of IT security. The research and development branch of Corvallis, Milanese it company; the Emilian Yoroi, already in the center two years ago of a cybersecurity aggregation; Swanscan, specialized in cloud for security tests, make up the new business unit of Tinexta. With projections of total revenues of 60.8 million euros and an EBITDA of 6.7 million, the trio promises to increase the group’s turnover by 20% and margins by 10%. “A pole is born to make Italy grow in a strategic sector, in which the country has great delays but also great promises, especially for small and medium-sized enterprises”, The comment of the president of Tinexta, Enrico Salza.
Cybersecurity is still a matter for extra-small sizes in Italy. Just scroll through the list of companies registered in the Register of Companies that include IT security among their activities: they are 1.861. of which the 65.6% report fewer than ten employees. A fabric of small companies, often dedicated to the assistance and repair of PCs. Conversely, in bag cybersecurity industry groups can be counted at the fingertips: ten, also including the national defense champion, Leonardo, which also presides over the so-called fifth domain, namely cyber space.
Cyber business at Piazza Affari
In particular, two listed companies make the IT security their main profession: Cyberoo e Cy4Gate. Both registered in theAim, the list of novice freshmen, the first it went public in October 2019 and today travels with a capitalization of 38.1 million (data as of October 16, 2020), while the second, which arrived last June and participated by Elettronica spa defense group, it stood at 63.6 million. To these is now fully added also Tinexta (998 million capitalization), which is betting many of its chips on the new business unit. “We want to build a hub capable of serving our reference markets: banks and finance, corporate and SMEs”, Observes CEO Pier Andrea Chevallard. The goal, he adds, is that “The turnover linked to digital activities reaches 55% of the total”.
Even in Piazza Affari, however, cybersecurity companies have medium-small size, as evidenced by a data extraction provided at Wired right from Borsa Italiana. Excluding Leonardo from the list, six of the nine freshmen who in some way also deal with IT security (even if it is not their main business) are listed on the AIM. Besides Cyberoo and Cy4Gate, there are Dba group (8.7 million capitalization), Digital Value (309.7 million), Relatech (55.4 million) e Networks (9.3 million). A step higher in there Exprivia (29.9 million capitalization). And even higher, at the Star (which rewards excellent companies), they rank Tinexta, Sesa (1.28 billion) e Wiit (420.9 million).
Cyber security is a market destined to grow. A global IBM report (3,400 managers) shows how the 74% of businesses still do not have a plan against cyber attacks. Or it is ineffective. Result: if he falls victim he does not know how to react and repairing the damage is more expensive (up to 1.2 million dollars more). In the five-year period 2017-2021 the magazine Cyber security ventures calculate that spending on IT security globally it will exceed one trillion dollars. It went from 3.5 billion in 2004 to 120 billion in 2017: an increase of over 35 times.
But the necessary surge requires strong stomachs. So much so that companies are studying ways to strengthen themselves. Through the bag, how did he do Sumo Logic on Wall Street in mid-September, or McAfee, a historic cybersecurity company, which plans to re-enter it after leaving the scene in 2011. Or by external lines. You see Fastweb, which in early October bought the 70% of 7Layers, a leading company in IT security services, founded in 2012 in Florence and included for four consecutive years, from 2017 to 2020, from Financial Times in the ranking of the thousand fastest growing companies in Europe. In addition to connectivity, the telephone company also offers protection services, threat analysis and preventive management, having, as the group declares, control from a to z “the entire life cycle of the services provided and to respond even faster to the needs of the business world”.
The strengthening of companies also passes the competitiveness of Italy on the international chessboard. “As confirmed by the data of the chamber of commerce, today Italy is teeming with small businesses compared to large international players, which provide skills and cooperation skills even to the largest companies in the country”, Specifies Domenico Raguseo, head of Exprivia’s IT security department. Result? “In the beautiful country we continue to hear each other similar but inferior to the Americans and as much as we like to play with technology, we never feel up to par with other realities“, Says Sofia Scozzari, founder and CEO of HackManac, an Emirati company specializing in IT security, as well as a member of the scientific committee of Clusit (the Italian Association of IT security):”On the other hand, we are respected and even better paid abroad”. “We are good – Raguseo echoes – and perhaps they still notice it more abroad than in Italy”.
The way of export
Per Cyberoo internationalization is the next goal. Thanks to the listing, the company, born in Reggio Emilia and led by Fabio Leonardi (who controls it through the Sedoc holding), has structured a landing strategy on the markets. “We went public in 2019 after a journey that began in 2016. It was a strategic choice to move from a company that bought software from third parties and sold it to a real vendor ”, explains Veronica Leonardi, Cyberoo’s marketing manager.
And he adds: “Thanks to the IPO (initial public offering, ed) we have achieved our goals for 2020. Expand distribution throughout Italy, strengthen the organizational structure and bring the service of detection and response to the next level thanks to the partnership with Gartner“. And then there is a visibility factor: with one collection in the IPO phase of 40 million euros compared to the 7 expected, that of Cyberoo was a chat quotation on Piazza Affari.
The next milestone is international expansion. “Let’s start from France and Switzerland. In particular, the first has an affinity for size and structure of companies with Italy”Says Leonardi. Next on the radar are Germany and Israel, the cradle of cyber security firms. Cyberoo aims to specialize in the Mdr segment. Acronym for managed detection and response, that is, surveillance and managed attack response. And it is in this perspective that the growth of the group will be addressed, also by external lines (read acquisitions). “For Gartner, 50% of midsize companies by 2025 will need a mdr”, Leonardi comments.
For Tinexta, however, the direction is that of one welding between cyber defenses and digital identity. “We are thinking of developing an integrated offer with Inforcert, integrating digital trust with cybersecurity”Says Marco Comastri, head of the new business unit. The eye always goes to the SMEs and the technological services of the galaxy of the Chambers of Commerce. In the agreements with Corvallis (also registered in the Elite program, with which Palazzo Mezzanotte recruits companies interested in the listing), Yoroi and Swanscan, the group left the door open to take over the minority stakes left in the hands of their respective entrepreneurs (respectively 30%, 40% and 49%) by 2024 to increase its specific weight in the sector.
According to Raguseo, IT security “it works in a similar way to the healthcare world, where a general practitioner is accompanied by the specialist experience of experts in every part of the body or even specific diseases. Such a composite market can be the right environment for encourage cooperation between small and large players, able to satisfy both domestic and foreign demand. Seeing Italian companies working in Israel, for example, is starting to not be so unusual”.
Lights and shadows
In general for Raguseo “in the last two or three years the Italian market has given proof of a more sustained and homogeneous growth, in response to an already growing demand before the lockdown and then significantly increased precisely since the arrival of the pandemic”.
However, there are still problems to be solved. For Scozzari the first is that “in Italy unfortunately it is full of very high skills that struggle to emerge, both for an ineffective allocation of cyber security resources in the budget of companies and for a lack of skills on the part of those who often have to spend that money“. And he adds: “Solutions and software are often preferred, for example antivirus, only because they have heard of them, without going into the merits of product quality and preferring foreign services to those found at home”.
“Half of my job is to convince companies that they won’t solve all their problems by purchasing a cyber appliance, which promises to do everything but leaves something to be desired in terms of results. Scozzari diagnostics. Better to invest in awareness courses of employees and on the purchase of specific solutions for specific problems, allowing employees to fully understand how they work”.
And the critical mass of the cyber segment must grow on the Stock Exchange as well. “Aim is a very liquid market – Leonardi observes -. The purchase of a few shares is enough to move a stock in a sudden way. There is a high volatility“. So much so that Cyberoo gave herself two years to get the numbers to go to the Star.
Around cybersecurity are also growing etf (exchange traded fund) specialized. That is, funds that replicate the performance of baskets of companies. This is the case with the product of Legal & General, one of the largest European asset managers, which covers both hardware and software suppliers and consultants and is one of the four etf dedicated to cybersecurity also listed in Milan. Together with Rize, which specializes in themed funds and based on a basket of 45 companies, and First Trust, which has assets of 35.7 million. The investment fund titan, Blackrock, which manages nearly $ 1 billion in assets on cyber security.