Security News

10 Things You Need To Know About The Carbonite-Webroot Deal

Michael Novinson

Here's a look at 10 of the biggest reasons Carbonite and Webroot came together in a $618.5 million deal to form an SMB superpower focused on securing and recovering data on the endpoint.

Share this

Emphasizing The Endpoint 

Carbonite and Webroot will create a new approach to addressing one of today's most vulnerable security challenges – the endpoint – through a combination of protection and recovery, Mohamad Ali, Carbonite's president and CEO, said during a call with investors after the deal was announced Thursday.

Both companies target the same end customer with simple yet powerful offerings, Ali said, with Webroot bringing a growing MSP channel and Carbonite bringing its own VAR channel to the table. The combined company can target an even larger addressable market, Ali said, with the combination of data protection and endpoint security producing a better and differentiated outcome for customers.

"This acquisition makes a lot of strategic and financial sense," Ali said. "I am very excited about this transaction, and am thrilled to get to work executing on making this transaction an overwhelming success."

From Webroot's position in the endpoint detection and response (EDR) market to joint cross-sell and integration opportunities, here's a look at the 10 most interesting components of the $618.5 million Carbonite-Webroot deal.

10. Carbonite Has Been Following Webroot From Afar

Carbonite was first introduced to Webroot several years ago, Ali said, and has been following their success from afar. Ali said Carbonite has been most impressed by Webroot's people, product, go-to-market resources, and alignment of vision and values between the two companies.

It has become increasingly evident that endpoints are a top vulnerability since they contain critical business data and are constantly moving in and out of the network, Ali said. Endpoints must be protected from viruses, malware, and ransomware, Ali said, but if something does get through, organizations must be able to recover as quickly as possible and ideally in an automated fashion.

Now is the appropriate time for Carbonite to add endpoint security to its suite of offerings, and Ali said Webroot is the perfect partner to extend Carbonite's long-established vision.

9. The Deal Creates The Industry's First Comprehensive Ransomware Solution For SMBs 

When customers experience data loss, Ali said they want to recover quickly regardless of cost. And the combination of Carbonite and Webroot creates the first and only company with a comprehensive ransomware solution for SMBs that both secures and recovers, Ali said.

Carbonite intends to innovate around Webroot with the same disciplined focus and thought as the company has exhibited during previous transactions, Ali said. Specifically, Ali said the upgrade cycle from legacy anti-virus software creates the potential for accelerated growth.

Carbonite and Webroot share a consistent go-to-market focus and strategy, Ali said, with both companies targeting the same segment of the market with very similar buyers for each of their offerings. This creates an opportunity for increased scale and market penetration, according to Ali.

8. Webroot Was The First Endpoint Security Player To Market With AI, Threat Intelligence

Webroot has been using cloud-based threat intelligence and artificial intelligence to identify unknown threats dating all the way back to 2011, Ali said, or one year before CrowdStrike was founded. The company was using predictive tools to identify unknown threats before any of the other top 10 endpoint security companies, Ali said, but largely flew under the radar due to the laser-like focus on SMBs.

"From a technology point of view, I believe they're comparable to some of the best and most modern endpoint security companies out there," Ali said.

Most endpoint detection and response (EDR) products generate a lot of alerts for the partner or customer to watch, but Ali said Webroot has automated the response to these alerts. Following the acquisition by Carbonite, Ali said one of the automated responses could be to recover the endpoints by replacing the infected files with previous versions of the files that weren't infected.

7. Carbonite And Webroot Are Both Growing At Double-Digits 

Both Carbonite and Webroot enjoyed impressive growth during their respective 2018 fiscal years, Ali said, with Carbonite delivering total non-GAAP revenue growth of 23 percent and Webroot achieving total non-GAAP revenue growth of 14 percent. The companies both enjoy operating margins right about 20 percent, according to Ali.

When it comes to endpoint security, Ali said little distinction exists between what consumers need and what small businesses need since both are often using the exact same devices and are at risk of the same errors from malware to software errors to hardware failures. Webroot supports business customers with between one and 1,000 endpoints, according to Ali.

The combined company will be able to secure and recover, Ali said, creating growth and profitability across the entire spectrum of customers they serve.

6. The Deal Will Generate $20M In Cost Synergies

Carbonite has identified more than $20 million of cost synergies over the next three years associated with the Webroot deals, Ali said. Those synergies are focused on corporate-level redundancies related to software, office space, system consolidation, and general and administrative costs, according to Ali. Synergies in the first year will be fairly nominal, according to Ali.

There is also the potential for $50 million of revenue synergies over the next five years as the company sells Carbonite's offerings through Webroot's MSP channel, as well as Webroot's offerings through Carbonite's VAR channel, according to Ali. The company also hopes to create combined secure and recover offerings, Ali said.

The transaction is expected to be immediately accretive to both earnings and cash flow, according to Ali. Both Carbonite and Webroot have very similar profitability profiles as far as EBITDA and cash flow are concerned, Ali said.

5. Little Customer Overlap Is Believed To Exist

Webroot protects more than 300,000 businesses, Ali said, while Carbonite supports 100,000 businesses of its own. Although both companies work almost entirely in the SMB space, Ali said Carbonite and Webroot likely serve different sets of business customers since Webroot's business customers buy through an MSP while Carbonite's business customers buy through VARs.

Given how similar the end customers for both companies are, Ali anticipates that Webroot should be able to sell its product through Carbonite's VAR channel, and Carbonite should be able to sell its product through Webroot's MSP channel. Webroot's business is entirely subscription-based, Ali said.

The VAR and MSP channels operate somewhat differently, Ali said, with VARs buying in a way that looks more like legacy direct channels while MSPs engage more like an end customer, even though they're aggregating services and billing thousands of customers each month. Although transacting through VARs and MSPs looks different, Ali said they won't end up in a different place from a margin standpoint.

4. More Than 80% Of Webroot's Business Is Endpoint Security

Although Webroot does more than 80 percent of its total business in endpoint security, Ali said the company's OEM networking business really gives the Webroot a significant advantage by providing an incredible amount of threat intelligence to feed the company's database. This in turn allows Webroot to have a far superior endpoint security product, Ali said.

Carbonite has been more focused on the synergies around Webroot's direct consumers and businesses behind the MSPs, but said the company's OEM and retail relationships also present a tremendous opportunity. Webroot's OEM business is very special, Ali said, with some 80 partners licensing and connecting to the company's threat intelligence database.

Using that information, Ali said the router is then able to flag questionable URLs. And Webroot's connection to millions and millions of endpoints creates a virtuous feedback loop, Ali said, which in turn makes the company's threat intelligence database stronger.

3. Webroot Is Uniquely Valuable To Carbonite

Ali views Webroot as a premium asset with premium technology since their business is 100 percent cloud-based as well as 100 percent oriented around recurring revenue and Software as a Service. But while Webroot fits Carbonite extremely well, Ali said it would have been tough for other buyers since Webroot has both a consumer side and business segment.

Carbonite too operates consumer and business divisions, Ali said, meaning that they are able to get synergies from both sides of Webroot's business. But a vendor with just a business segment can only get synergies on half of Webroot's business, Ali said, reducing the economic benefits of the deal. The agreement to purchase Webroot was the result of a competitive process, according to Ali.

"We think that this unique situation where Webroot looks so similar to us is an unusual case that allows us to get great value because of this particular fit," Ali said. "This is a great asset."

2. Unlike Other EDR Players, Webroot Doesn't Overwhelm Customers With Alerts 

Other endpoint security companies utilizing machine learning and artificial intelligence like Carbon Black, Cylance, and CrowdStrike focus on the enterprise, Ali said. As a result, Ali said they generate a massive quantity of alerts that would overwhelm most small businesses.

Small businesses need a predictive endpoint security product that is also able to handle all of these alerts in an automated fashion, Ali said. Webroot's success in this area has resulted in their business segment growing by 30 percent over the past year, according to Ali.

Webroot excels at catching viruses, but if ransomware or a phishing attack successfully gets into an organization's system due to human error, Ali said the best and only way to recover is through a product like Carbonite's. Webroot makes it possible for companies to take advantage of automated endpoint detection response (EDR) capabilities without having a Security Operations Center (SOC) in place.

1. The Technologies Will Eventually Be Combined Into A Single Product

In the beginning, Ali said Carbonite and Webroot will be focused on cross-selling the other company's products. But over time, Ali said there's a tremendous opportunity to combine the Carbonite and Webroot capabilities into a single product that both secures the endpoint and automatically recovers it by going back to an older version of the environment or affected file.

"Nobody does this today," Ali said. "We have the opportunity to create a whole new way of securing and recovering."

Carbonite and Webroot will start with joint marketing bundles, and then work their way up to real integrated solutions with the two products, according to Anthony Folger, CFO and treasurer. This presents an opportunity for both the existing install base, Folger said, as well as for bringing net new customers into the business.


Sponsored Post