Days after Twitter (TWTR) accounts belonging to Facebook (FB) CEO Mark Zuckerberg and the NFL were hacked, cybersecurity firm Proofpoint (PFPT) says its total addressable market has never been bigger -- $10 billion by 2019.
That will have doubled since 2013, according to industry tracker IDC. Then, emerging markets, which includes social media, represented less than 1% of the TAM. By 2019, that business could be a $2.9 billion opportunity, or 15% of the TAM, says IDC.
And social media security is only in nascent stages, Proofpoint CEO Gary Steele told analysts Wednesday at the company's analyst day in San Francisco. Proofpoint, with 2015 revenue of $265 million, already is swiping share from rivals such as Symantec (SYMC), Cisco Systems (CSCO) and FireEye (FEYE), Steele claims.
Proofpoint's $2.7 billion market cap pales vs. Cisco's $147 billion and security leader Check Point Software Technology's (CHKP) $15.2 billion value, but Proofpoint outperforms its rivals time and time again, Steele says.
"We manage the threat data for a high efficacy rate," he said. "That's how we sell. That's how Tracey's (head of global sales Tracey Newell) team wins every deal. Simply put, we scare the (expletive) out of people. We show people what we catch."
Since its IPO in 2012, Proofpoint has achieved a 35% compound annual growth rate and, despite Wall Street whispers of a cybersecurity slowdown in 2016, Steele says Proofpoint hasn't seen any "choppiness" in the market.
"We've seen no reduction in budgets as it relates to our projects," he said. "We're clearly over the line in ... being high-priority in terms of (spending). We've seen no change in macro."
Proofpoint stock rose 1.4% in the stock market today, to 64.40, touching a five-month high. Shares are up more than 80% since hitting a 20-month low in early February.
Malware Campaigns Spike On Phishing
Malware campaigns jumped 800% vs. the year-earlier quarter and 66% sequentially in Q1, Steele said. David Knight, head of information security products, blamed user naivete. Since January 2015, human-error attacks have accounted for $2.3 billion in losses, says the FBI.
That's because the user is most vulnerable, Knight told analysts. Whereas the infrastructure is susceptible to brute force, phishing attacks -- by email, social media and mobile -- appear legitimate and prey on users' good intentions.
Such was the case in February and March when a phishing scheme duped Snapchat and Seagate Technology (STX) into dispensing thousands of W-2 forms. It's a matter of simply "tricking" users into handing over their credentials, Knight said.
Devin Redmond, Proofpoint's vice president of social media security and compliance, expects phishing attacks to burgeon this year and next. He says the "angler phish" is most complex -- requiring fake accounts and websites to prey on real customers.
For example, @John_Smith tweets to @bank that he's having trouble logging into his account. A spoof account -- appearing wholly legitimate -- offers to help @John_Smith with his login issue and provides a link to its credential-confirming website.
It looks real, Redmond said.
"The website asks for his pin code, security questions, ATM card number, pin number, social security number and data of birth," he said. "It's not just getting his credential, it's getting all of the customer's information and then cleaning out his bank account."
Phishing attacks can be used to spread malicious links, Redmond said.
Tapping Rival Platforms
Proofpoint is hoping to throw a wrench into hackers' processes by teaming up with CyberArk Software (CYBR), Imperva (IMPV), LinkedIn (LNKD) and Splunk (SPLK) -- a series of partnerships announced this week.
Earlier, Palo Alto Networks (PANW), Mobileiron (MOBL) and VMWare (VMW) integrated with Proofpoint's Nexus One platform.
"We heard it loud and clear from customers, that what they needed is the products they buy from multiple vendors to work together," Steele told IBD. "It's strategically important for us to create that for the customer for their environment."
But the overall industry has made embarrassingly little collaborative progress, Steele says. Proofpoint has integrated with eight or nine social media applications and 150 app stores, "not just Apple (AAPL) and Google (GOOGL) Play," Knight told analysts. And it's free, Steele says.
He credits Proofpoint's platform, Nexus, for the ability to integrate with other systems. Nexus controls Proofpoint's email, social and mobile visibility. Companies like Palo Alto Networks and CyberArk now can use that data in their own cyberbattles.
It's a huge cybersecurity step forward, Steele says.
"We saw lots of vendors delivering discrete point solutions, many of which didn't operate well with each other," he said. "We believe vendor platforms need to integrate natively and you need to be able to make those relationships work well together."
