#32 - The Curious Case of Palo Alto Networks
The market cap of PAN (currently ~$130B in Nov. 2024) has increased 6.5x since Arora took the reins as CEO. The Cyber market has increased significantly, but PAN is outpacing their competitors by a significant margin…
CISOs (Chief Information Security Officers) weren’t really a thing until enterprise orgs embraced the cloud.
The productivity & efficiency gains associated with migrating company data from on-premise servers to the public cloud were enormous. Storage became essentially limitless and the costs (at scale) reduced significantly.
Teams could easily access information, build “things” more efficiently, work more collaboratively and, in aggregate, accelerate the pace of innovation to remain competitive in the marketplace.
Within a few short years, migrating to the cloud became an absolute necessity - businesses couldn’t keep up without it.
The Rise of the CISO
In parallel, hacking became much, much easier. Nefarious actors no longer had to be in close physical proximity to a company’s server racks to steal sensitive information they could exploit for $$$.
So, while enterprise companies invested heavily in the cloud to remain competitive, they needed to build out a net-new office squarely focused on protecting their data, sensitive customer information and IP.
What makes a Chief Information Security Officer (“CISO”) tick?
These were previously VPs of Information Security that rolled up to the CIO. The CIO handled everything related to IT - like issuing employees new computers.
As digital security quickly became a company’s highest priority, enterprises split that function out from under the CIO, and hired an expert to assemble a team focused on building a digital Fort Knox.
Given their importance to cloud migration efforts, CISOs became some of the highest paid executives with the most discretionary spend. They invested in (lots of) tools, processes and workflows to ensure their company data was as protected as possible.
In response to this shift, VCs funneled tons of dough to cyber startups vying for the opportunity to be one piece of a CISO’s puzzle. This was a gold rush and many people were looking to cash in.
Several of the early players quickly established themselves as a necessity for every program, developing core competencies focused on shoring up specific, yet major, vulnerabilities.
However, the fast followers protecting more niche areas of the value chain experienced difficulties scaling. Why?
CISOs don’t like salespeople.
As the volume of sales outreach increased in proportion to the significant rise in Cyber companies (often with great technology), all members of security offices simply tuned out.
Nikesh Arora and Palo Alto Networks’ Transformation
Let’s be clear, there are several cybersecurity companies with eye-popping market valuations. For example, CrowdStrike, even after the July incident, has a market cap of ~$83B (as of Nov. 2024).
But the reason PAN is worth ~$130B (significantly outpacing any of its competitors) is not just the rise of cloud; it’s two business model innovations implemented by Nikesh Arora - CEO since 2018.
M&A Strategy:
When companies reach a certain stage of maturity, it’s typical to acquire next-gen technology to jumpstart growth and maintain relevance.
At the time, PAN was largely a hardware security company and desperately needed to shift towards SaaS. If not, they’d be rendered obsolete.
When defining the focus of their M&A strategy, Arora settled on paying a premium to acquire market leaders and great technology in more niche markets.
This was based on the discovery that after ~$50M in ARR, these companies saw declining growth. There was a disconnect, as these were the best technologies in fast-moving market segments.
Why? Remember…CISOs were starting to really hate salespeople.
As those great technologies got to a certain stage, VCs pushed them to invest heavily in sales & marketing to scale. Annoyed with the state of their inboxes, CISOs shifted away from evaluating markets for the best technology, to asking incumbent vendors to provide solutions.
If these vendors had products, they were often sub-par technologies. But it eliminated the time and effort associated with a prolonged market evaluation. CISOs were dissatisfied with this reality, but it checked the box…
Paying a premium for the market leader turned out to be a great long-term strategy. PAN could now capitalize on being the existing vendor that consistently provides the best technology solution.
GTM Transformation
In 2018, PAN’s GTM org was built around product-specific siloes. Sales reps sold one product, understood everything about it, but knew nothing about the rest of the portfolio.
With the evolution of the CISO’s buyer journey - shifting from searching for the best technology, to asking existing vendors to provide sub-par solutions - Arora refashioned the organization to become more account focused, incentivizing reps to sell the entire portfolio into fewer accounts/verticals.
Essentially, they needed to become a CISO’s most trusted advisor, with a deep understanding of their unique business needs and ever-evolving priorities, to continuously deliver the right solutions.
PAN executed against their goal of acquiring the best technology in emerging markets. Thus, CISOs never needed to go to any of their other vendors - they just called up their new best friend who quickly configured new solutions into their existing security stack.
As a result, PAN revenue at existing accounts skyrocketed. What’s more, this transformation reduced S&M costs significantly; instead of building a whole sales development machine around each individual product, the function now operated more like a shared service focused on building a cohesive story around the high-level business impact of the whole portfolio.
Conclusion
As soon as these innovations went into motion, a flywheel started, compounding on itself such that no competitor could really catch up.
Founders of great technology wanted to get acquired by PAN to satisfy their board after a prolonged stall. Remember, PAN pays a premium + growth re-accelerates after plugging into their distribution machine.
The reps with the deepest Rolodex of CISOs wanted to work for PAN because they could confidently sell the best technology with incredible pricing power. CISOs were willing to pay a significant premium (and had the coffers to do so) to get the best quickly without evaluating the market, rather than getting competitive bids to increase negotiating leverage.
PAN was by no means the only large cybersecurity company with this strategy. The difference in market cap, however, is a direct result of Arora building the strategy ahead of the curve, and most importantly, his ability to execute.