I know they can't help themselves, but I'm always amazed at the nonsense many mainstream media types spew when covering tech. Especially grievous are the financial press pundits who think they either know everything or have the inside scoop to everyone who knows everything about tech. Just about every time they venture into the tech arena, they prove once again that they really don't know much and are just parroting what they may have heard from someone. Worst of all, it scares me to think about what is also not true when they write about subjects that are not tech-related.
My latest case in point is an article that popped on my radar last week from the Hearald-News, part of the Chicago Sun-Times. It must have come from a Google Alert I have for Sourcefire. It seems a columnist at the paper, Malcom Berko, answers readers' questions on what stocks to buy. Someone had written asking about buying Sourcefire stock because of a rumored IBM buyout.
Now, I am sure Mr. Berko is a true stock expert and probably has made a lot more money than I ever will buying and selling stocks. But I don't know how much Mr. Berko knows about tech and about information security in particular. He starts off by telling the person asking the question, "First, sell your Microsoft. Its new Windows 8 is an abomination." He doesn't give us any reason why it is abomination, but just declares that it is. I guess the 40 million people who bought it since it came out were snookered? Is this advice based on Mr. Berko's own considerable technology background? Maybe Mr. Berko put Windows 8 through a comprehensive battery of tests that have led him to this conclusion. No, it's more likely Mr. Berko's nephew, who is a computer science student, told him so. I don't know, but off the bat Mr. Berko has me questioning the foundation for his beliefs.
But it gets better. Our resident stock picker then tells us he "spoke to sources at Merrill Lynch, Citigroup and Oppenheimer, members in good standing with the New York Financial Mafia who also cover Sourcefire. Nothing!" This is in regard to the IBM rumors. Growing up in New York, one thing I learned about the mafia is that those who talk don't know and those who know don't talk. This probably is true in this case. But, again, up to this point, nothing's really false or wrong here; it's all just opinion. But here is where Mr. Berko shows us he may not be the expert he claims to be:
"FIRE uses an RNA (Real-time Network Awareness) platform, developed by its founder Martin Roesch, called Snort because it sniffs out potential security breaches."
Yes, Marty Roesch developed Snort, the IDS. RNA is something altogether different, though, and in fact is called FIRESIGHT now. But why let facts stand in the way when giving people financial advice? Mr. Berko then tells us what he really thinks about Sourcefire:
FIRE has around 541 employees, some 386 of whom are probably scrunched- hunched in cubicles, drinking coffee, gulping down Monster beverages and snacking on Snickers and gluten-free grain chips while writing code.
However, considering the company’s erratic earnings history and volatile net profit margins, I’m convinced that this outfit is poorly managed. FIRE’s dinky net profit margins of 3.7 percent and weak operating margins of 6.2 percent are well below its peers. And its meager 2.7 percent return on assets is terribly disappointing.
Sourcefire has zero debt and I can’t help but wonder how much worse those numbers would be if management had to concern itself with managing semi-annual bond interest payments. FIRE’s intelligent cyber security technology is good. Frankly it’s pretty darn good. But there’s lots more to running a company than producing a great product. And that "lots more" is managing other necessary tasks such as marketing, product costs, sales, expenses, human resources, banking, R&D, accounting, facilities management, customer relations, etc.
FIRE’s wool-gathering management needs an industrial strength enema and its board of directors must hire professional management, not geeks, nerds and wonks, to run the company.
How does that 386 people sitting scrunched-hunched in cubes sucking monster beverages and writing code sit with you? Sounds like your typical geek stereotype, doesn't it? Has this fellow taken a page out of Mitt Romney's "how to make friends and get their votes" playbook?
Fact is most of those people are probably doing security research. Fact is Sourcefire provides an awful lot of infosec products and services to the federal government and the U.S. Department of Defense, in particular. To butcher a line from Jack NIcholson in a "Few Good Men," Mr. Berko sleeps under the blanket of security that those 386 people scrunched-hunched up provide.
I should state that I own no shares of Sourcefire, have no financial interest in the company whatsoever. Other than knowing Marty Roesch, Jennifer Leggio and a few other folks there, I have no connection at all. But I do know that Sourcefire does a great job in the information security space. Reading mainstream media folks and stock touters pretending to have insight into the technology of companies like Sourcefire usually makes me laugh, until I realize that people are winning and losing real money based on misinformation like this.
Now, I will tell you there are exceptions to this. For instance, Forbes usually has some great experts writing about tech and I read them alot. But they don't also give stock advice.
So to those like Mr. Berko, sometimes it is OK to say you are not an expert on a given subject, not what your "NY Financial Mafia" friends say. Feel free to reach out to real geeks who cover what some of these companies do. I promise not to give our stock advice, if you promise not to tell people about RNA being called Snort or other fairytales.
As co-founder and Managing Partner at The CISO Group, Alan Shimel is responsible for driving the vision and mission of the company. The CISO Group offers security consulting and PCI compliance management for the payment card industry. Prior to The CISO Group, Alan was the Chief Strategy Officer at StillSecure. Shimel was the public persona of StillSecure as it grew from start up to helping defend some of the largest and most sensitive networks in the world.
Shimel is an often-cited personality in the technology community and is a sought-after speaker at industry and government conferences and events. His commentary about the state of security, open source and life is followed closely by many industry insiders via his blog and podcast, "Ashimmy, After All These Years" (www.ashimmy.com). Alan is now also a regular contributor to The CISO Group’s security.exe blog and podcast.
Alan has helped build several successful technology companies by combining a strong business background with a deep knowledge of technology. His legal background, long experience in the field, and New York street smarts combine to form a unique personality.
Disclosure: The CISO Group sells a software-as-a-service PCI compliance application called SAQPro. The company is independent and does not represent any other vendor's products as a reseller.
Policy on comments: Respectful discussion is welcomed! However comments that use inappropriate language, consist of name calling or personal attacks, or include accusations of wrongdoing are not appropriate. Those comments will be deleted or edited.