Skip to main content
close search
site logo
Dive Brief

Palo Alto revenue surges amid ‘unprecedented’ cyberthreats

Escalating cyberthreats and related regulatory pressures are keeping customer demand high, the company’s CEO said.

Published Nov. 16, 2023
Alexei Alexis's headshot
Reporter
Palo Alto Networks
Cybersecurity professionals gather at the Palo Alto Networks' booth on the show floor in April 2023 at a conference in San Francisco. Matt Kapko/CFO Dive

Dive Brief:

  • Palo Alto Networks said its revenue grew 20% during the first quarter of the company’s 2024 fiscal year as businesses grapple with escalating cyberthreats, coupled with related regulatory and legal risks.

  • The Santa Clara, California-based cybersecurity company’s total revenues increased to $1.9 billion during the quarter, compared with $1.6 billion in the year-earlier period, according to results released Wednesday.

  • "An unprecedented level of attacks is fueling strong demand in the cybersecurity market," Palo Alto CEO Nikesh Arora said in a press release.

Dive Insight:

Despite Palo Alto’s strong quarter, concerns about its outlook weighed on the company’s shares in after-hours trading on Wednesday, the Wall Street Journal reported. The company lowered its full-year guidance for total billings to between $10.7 billion and $10.8 billion, from a prior range of $10.9 billion and $11 billion, the publication noted.

In a Wednesday interview with CNBC’s Jim Cramer, Arora downplayed the billings guidance, while acknowledging that it “marginally spooked” the market. He doubled down on his press release comments, saying cybersecurity attacks are driving “tremendous” customer demand.

The global average cost of a data breach between March 2022 and March 2023 was $4.45 million, a 15% increase over three years and an all-time high, according to a report published by IBM in July. Detection and escalation costs jumped 42% during the same period, representing the highest portion of breach costs, and indicating a shift towards more complex breach probes, the research found.

Destructive attacks that left systems inoperable accounted for one out of every four attacks, and another 24% involved ransomware, which involves a criminal’s use of malicious software to prevent companies from accessing their own computer files, systems or networks until a ransom is paid. Such attacks can also involve a threat to leak sensitive data to the public internet.

In one incident observed by Palo Alto Networks, bad actors extracted 2.4 terabytes of data in just 14 hours, Arora said during an earnings call on Wednesday.

“Ransomware attacks are increasing in frequency and severity,” he said, adding that adversaries may be leveraging generative artificial intelligence as a tool to make attacks more sophisticated in some cases.

This year is shaping up to be one of the most lucrative years on record for ransomware organizations as they focus on bigger targets amid shifting cybercrime market forces, according to cyber risk management company Resilience, as previously reported by CFO Dive.

Ransomware purveyors extorted a record $939.9 million in 2021, according to blockchain analysis firm Chainalysis. After a lull in 2022, big game hunting — the targeting of large, deep-pocketed organizations — seems to have bounced back, the firm reported in July.

Raising the stakes for C-suite executives, federal agencies such as the Securities and Exchange Commission have ramped up cybersecurity enforcement actions against companies.

Last month, the SEC sued Austin, Texas-based SolarWinds and its chief information security officer, accusing them of defrauding investors by mischaracterizing cybersecurity practices that were in place at the company leading up to a major breach discovered in December 2020. The company’s CFO was previously put on notice that he could face charges but was not named in the suit as a defendant.

Meanwhile, over the summer, the SEC adopted new rules requiring public companies to disclose “material cybersecurity incidents” to the agency within four days of determining that such a breach has occurred.

While the new rules went into effect in September, the SEC has set compliance dates that are scheduled to come later. All covered entities other than smaller reporting businesses are required to comply with the new breach disclosure requirements starting on Dec. 18. Smaller reporting companies will be subject to these mandates as of June 5 of next year.

The current trends have resulted in “a continued focus across organizations on understanding security posture, cybersecurity risk and how to mitigate this risk effectively,” Arora said during the Wednesday earnings call. “This increasingly involves not only the CISO but the entire IT organization, legal, finance and the CEO and the full board of directors.”

Still, the cybersecurity industry hasn’t been immune from macroeconominc pressures.

Cybersecurity spending grew at a slower pace this year amid inflation and recessionary fears, according to a September report from IANS Research and Artico Search, as previously reported by CFO Dive. Companies increased their cybersecurity spending by 6% on average this year, a significant drop from the previous budget cycle’s 17% rise.

“CFOs are scrutinizing deals, which means you have to be better prepared to answer their question and show the business value that you bring to them with your cybersecurity products,” Arora said during an August earnings call.

Editors' picks

  • The Internal Revenue Service sign in capital letters on a tan building on a sunny day.
    Image attribution tooltip
    Pgiam for iStock via Getty Images
    Image attribution tooltip

    How Trump 2.0 could revamp tax policy

    Businesses need to prepare for potentially “fast moving” changes to tax policy as questions swirl around President-elect Trump’s plans, EY’s Martin Fiore said.

    By Maura Webber Sadovi • Nov. 15, 2024
  • image of an income statement with dollar bills next to it
    Image attribution tooltip
    alfexe via Getty Images
    Image attribution tooltip

    FASB issues new, long-anticipated income statement expense rules

    Compliance with the standards update “isn’t going to be cheap” for many firms, but the FASB has taken steps to reduce the cost to preparers, board member Fred Cannon said.

    By Maura Webber Sadovi • Nov. 4, 2024

Company Announcements

View all | Post a press release
Cybrid Responds to Market Demand for Stable, Efficient Cross-Border Payments with Enhanced Sta…
From Cybrid
November 20, 2024
Legion Technologies Partners with Vail Resorts to Expand Workforce Management Across 37 Resort…
From Legion Technologies
November 19, 2024

Want to share a company announcement with your peers?

Get started

Editors' picks
  • The Internal Revenue Service sign in capital letters on a tan building on a sunny day.
    Image attribution tooltip
    Pgiam for iStock via Getty Images
    Image attribution tooltip

    How Trump 2.0 could revamp tax policy

    Businesses need to prepare for potentially “fast moving” changes to tax policy as questions swirl around President-elect Trump’s plans, EY’s Martin Fiore said.

    By Maura Webber Sadovi • Nov. 15, 2024
  • image of an income statement with dollar bills next to it
    Image attribution tooltip
    alfexe via Getty Images
    Image attribution tooltip

    FASB issues new, long-anticipated income statement expense rules

    Compliance with the standards update “isn’t going to be cheap” for many firms, but the FASB has taken steps to reduce the cost to preparers, board member Fred Cannon said.

    By Maura Webber Sadovi • Nov. 4, 2024
Latest in Financial Reporting
image/svg+xml
Industry Dive is an Informa business
© 2024 Industry Dive. All rights reserved. | View our other publications | Privacy policy | Terms of use | Take down policy.
Cookie Preferences / Do Not Sell