Ping Identity CEO: Time To Take A Breather On Acquisitions

‘We really have the bulk of what we need for our platform going forward,’ said Ping Identity CEO Andre Durand.

After going on a mini-acquisition binge over the previous two years, Ping Identity CEO Andre Durand is signaling his cybersecurity company won’t be as active in the M&A market for the foreseeable future.

Durand, who founded the Denver-based Ping in 2002, said he won’t rule out future takeovers of companies if good opportunities arise.

“We’re always inquisitive,” said Durand in a recent interview with CRN. “If something emerges that is really adjacent to what we’re doing, we certainly will always take a look. I’m not going to say no.”

But he also said it’s time for Ping, which specializes in identity and access management security, to take it slow after acquiring four firms in 2021 and 2020.

Last year, Ping acquired two security companies, bot detection startup SecuredTouch and security orchestration startup Singular Key, for a total of $80 million in cash. In 2020, it acquired two other security firms, ShoCard and Symphonic, for a combined $32.5 million.

“We’ve made some really good acquisitions,” said Durand. “Now it’s about making sure that they are integrated into our platform. There’s a lot of effort, right now, to make sure we do justice by those acquisitions. We really have the bulk of what we need for our platform going forward.”

Today, Ping has about 1,400 employees and hopes to add hundreds more this year. Founded in 2002 and publicly traded since 2019, Ping last year recorded sales of $299.4 million, up from $243.5 million in 2020.

Ping hasn’t released what percentage of its sales come via the channel, but Durand said the company plans to reveal those numbers soon.

Ping’s shares were trading in the $18.20 earlier this week, down from their 52-week high of $30.40. The company has a market cap of about $1.6 billion.

Besides discussing Ping’s acquisition and growth strategies, Durand also talked with CRN about Ping’s staffing, the state of the economy, industry consolidation trends and more. Following are excerpts from Durand’s recent interview with CRN:

Ping has reportedly hired more than 100 people since the start of the year. How many people in total do you plan to hire in all of 2022?

Well, not withstanding any concerns of are we heading into a recession or are we not heading into a recession, we’ll just kind of adjust up or down for that. But I would say that the total hiring plan for the year was probably over 400.

Speaking of recessions, is it something that you guys are kind of bracing for possibly?

We’re talking about it. You hate to (see) things become kind of self-fulfilling where everyone worries about it and then they create it. But there is a lot of uncertainty that the market is projecting right now, both on the inflation side and then rising interest rates. In management, you’re always trying to anticipate what’s going to happen to make sure that you are prepared.

There seems to be an emerging axiom that cybersecurity firms might be able to weather recessions better because the demand for their product is so high. Do you buy into that?

I think that’s largely the case. I do think that security is not a ‘nice to have,’ even in market downturns. It’s a ‘must have’ in this environment. So I do think security in general makes the cut. But the size of deals and how fast companies are willing to take on projects, all of that stuff could get elongated.

Ping has acquired a number of companies over the past few years. Do you see more acquisitions in the near future -- or are you slowing down a bit on that front?

We’ve made some really good acquisitions. Now it’s about making sure that they are integrated into our platform. There’s a lot of effort, right now, to make sure we do justice by those acquisitions. We really have the bulk of what we need for our platform going forward. We’re always inquisitive. Don’t get me wrong. So if something emerges that is really adjacent to what we’re doing, we certainly will always take a look. I’m not going to say no, but I’m going to say that a number of those acquisitions had been part of our strategic plan, and now that we’ve done them we’ve got to make sure that we integrate them.

So you see organic growth moving forward?

For the foreseeable (future), yeah. I mean, keep in mind: the pressure is always on organic growth. We’re not a company (in which) our whole strategy is to grow organically. There are some companies that do that. But I don’t think you can do that well in security. I think security technology is better integrated and so, at some point, you’ve got to pay the integration cost.

Many say the cybersecurity industry will be undergoing more intense consolidation moving forward. Obviously, Ping has been the acquirer in the past. Can you ever see yourselves being acquired? Consolidation goes two ways.

It does. You tend to see consolidation occur kind of on the tail end of more mature markets. You do see it – a certain market emerges, there’s a whole lot of players, and they do get out for a period of time. Then the market kind of reaches its climax and then there tends to be a lot of consolidation. That’s where you tend to see optimization.

The identity space -- and especially on the customer consumer side -- is still emerging. It’s still a growth space. There’s still a lot of room for innovation. … When

things are rapidly evolving and there’s a lot of growth and there’s still innovation, those tend to be the places where you don’t necessarily see the larger consolidation.

At some point you don’t always control what you just described. Bigger players come along and they want to play in that space and, you know, at some level every company always has to respond to anything that it comes at it. We have a responsibility to do that for existing shareholders. But I do see more companies now really paying attention to identity than I’ve seen in some time. I think a lot of players are recognizing it’s the foundation of security. It’s critical to Zero trust.

And so, for those reasons you do see a lot of companies that are really paying attention to this whole emerging space in ways that I haven’t seen in years prior.

Are you planning anything new for your channel sales and partnership efforts? Perhaps expanding your channel team?

Well, we’ve been turning on the gas on that whole team now for about the last two years. We’re seeing really great results in source one business that we track.

I’d say right now the effort is on training the channel to understand how to implement our solutions, how to position and implement our solutions.

And we’re getting a lot of great feedback on some of the new stuff that we’ve acquired, especially to the GSI eye. I know that’s maybe not the traditional channel. But we’ll start with the global systems integrators that are serving global 5000 (companies). And they’re really liking our roadmap.

How’s it been since you went public in 2019?

You know, I’ve loved every phase (of Ping). There’s always a new learning curve, when you’re private-venture (owned), then private equity and then in the public markets. Certainly, there’s a bit of a microphone in the public markets. Through the analysts and the investment community, all the things you’re doing really kind of gets amplified in the public market. I think that’s good for business. I think it’s good for customers to see a certain amount of stability in a company and visibility. The transparency to customers, I think, is also healthy. Like everything, there’s pros and cons to every one of these stages Those are some of the pros.

What’s one particular cybersecurity threat that kind of keeps you up at night?

I would say that we’re always looking to make sure that our products are secure. You have to keep the company secure to make sure that the products are secure. Product security is a major focus.