McAfee Shareholder Meeting: Grand Visions, Few Specifics

|
 |  Includes: MFE, SYMC
by: Matthew Rafat

McAfee's (MFE) shareholder meeting (Jluy 28, 2008) was a low key event. It appeared less than five non-employees attended. The food consisted of some cookies, what looked like a brownie, and sparking juice (berry flavor).
David Dewalt, McAfee's CEO, did the non-formal part of the presentation. No video presentation was involved--just Mr. DeWalt speaking at the podium for about six or seven minutes. See here for more on Mr. DeWalt.
McAfee is a security technology company that secures systems and networks. They are famous for their anti-virus software. The highlights of Mr. DeWalt's speech are as follows:

  1. McAfee has 125 million downloads/sales.
  2. McAfee has 4,500+ employees worldwide.
  3. They have 1.2 billion in cash and no debt.

After these points, much of Mr. DeWalt's speech was difficult to understand because it was very general. I have been to many technology shareholder meetings, and it seemed as if this speech/presentation was designed to motivate employees and the Board rather than explain anything in detail. Mr. DeWalt talked about inter-locking security, securing the premises and new frontiers, and other terms relevant to McAfee's security focus.
I did catch one point about a partnership with VMWare, Inc (NYSE:VMW). Mr. DeWalt mentioned McAfee being more involved in virtual machines, not just physical machines. (For more information, you can search Wikipedia for "virtual machine.") And just like that, the presentation was done.
Another shareholder, an Apple (NASDAQ:AAPL) user, asked how Apple's continued popularity will affect McAfee. Apple users are known for boasting about their OS's superior safety; however, some engineers have said there is no salient difference in security. Their opinion is Apple enjoys an advantage against hacking because of its popularity (I have never met a programmer who likes Microsoft (NASDAQ:MSFT)) and lower user adoption of the Tiger OS. In other words, Microsoft dominates the field, so it has more hackers gunning for it, and if Apple ever became too large, its security system would also be exposed. Mr. DeWalt said the company was researching Apple's Tiger system and would be prepared to handle any security needs. McAfee's "Avert Labs" is their research arm. Here is their blog.
I asked a few questions. I first asked how McAfee is different from Symantec (NASDAQ:SYMC) and whether there was a "wide moat" (a barrier to being overtaken by competitors). Both McAfee and SYMC are known for their anti-virus software, but I've never been able to tell the difference between the two companies. Mr. DeWalt tried to answer my question, but was very general. I asked for more details, and he talked about McAfee's superior work in several areas, such as its Software-to-Services model ("SAS," pronounced "sass"). He said that McAfee had taken market share from SYMC over the past two years. He implied McAfee's encryption was better than SYMC's. He also referred to the involvement with virtual applications, not just physical applications. He ended by saying McAfee was also better in risk and compliance issues, such as understanding regulations and how to comply with new and existing laws. His speech had earlier cited HIPAA, SOX (Sarbanes-Oxley), and even Basel II.
Hence, my second question. I asked how McAfee was involved in the Basel II Accord. I asked this question because it made no sense for an online security company to refer to a system designed to improve and harmonize international financial dealings. Basel II is a very complex idea. Put simply, it is designed to create some consistency and trust in international banking regulations so one country does not create worldwide problems by poorly regulating their banks. The advanced, first world countries most likely envisioned Basel II as a way to decrease risk when dealing with less-regulated or emerging markets. Hilariously, America's Fannie Mae (FNM) and Freddie Mac (FRE), while not banks per se, just proved the need for a stronger Basel II Accord, or perhaps an entirely new Basel III.
Mr. DeWalt said that he was working with the U.K. and each country had different regulatory bodies. He focused on data security and data loss. Presumably, Basel II has some requirements for how to store customer data so a James-Bond-type can't download someone's bank account in Switzerland through a laptop.
Mr. DeWalt is an amiable man, but my overall feeling is that he wants to be a visionary and uses grand ideas to establish a vision a la John Kennedy's style. That's great if you want to be president of a nation--but for running a tech company, especially one based on credibility, one must be careful to use words in context and to have specific examples if necessary as support for the grand ideas. Mr. DeWalt didn't really explain whom he was working with in Europe to implement Basel II. The EU is implementing Basel II now, but most countries will be implementing Basel II by 2015. Mr. DeWalt's glib response might have been due to a lack of time or his general style, which is geared more towards enthusiasm than specifics. I came away thinking McAfee has grand visions but needs to work on being more specific in its business and expansion plans.
My last question had to do with a line in the "Risk Factors" section of the 10-K. California is auditing McAfee's 2004-2005 income tax returns. No specifics were listed in the 10-K. I asked about the audit, and the CFO indicated the audit involved apportioning income between states. Most states are experiencing budget shortfalls and are going after any source of untapped revenue. A company like McAfee that sells a lot of their products online to an anonymous end user may have a difficult time determining in which state it or its customers should pay taxes, thereby allowing an argument that it is underpaying certain taxes. For example, if someone downloads a program in Kentucky but uses it in California, which state should get the tax? It's also possible McAfee wasn't collecting any taxes at all during 2004-2005, but I am speculating. The CFO indicated there had been no claim and no settlement discussions with the State of California.
The CEO came up to me after the meeting and shook my hand. I handed him my business card, which lists me as a lawyer. His face sort of froze a bit. No one in business likes lawyers. I need to get a new card for shareholder meetings. Still, Mr. DeWalt, while amiable, needs to be more specific about future plans and how exactly he will take McAfee into the future. Having 1.2 billion dollars and no debt is impressive. Perhaps the numbers already speak for themselves or will speak for themselves. McAfee releases earnings on July 31, 2008.
After the meeting, I thought about McAfee's wide moat. I didn't really see one at first. McAfee has competition from not only SYMC, but AVG, which offers a free security application. I use a paid security service for my work computer, but AVG for a home computer. And that's when it hit me. McAfee did have some protection against becoming obsolete, because no business will entrust their enterprise or business software protection to a company that gives away its product.

Consumers are one small part of the pie when it comes to online security, and McAfee and SYMC probably duke it out for the corporate accounts the way Pepsi and Coke fight for market share. But unlike Coke and Pepsi, when times are tough, people won't cut back on online security. It's the last place any business will skimp on--after all, a business will lose days, maybe even weeks, if hackers access its intranet or files. The new essential product is online security, and a recession won't necessarily affect companies like Secure (SCUR), MFE, and SYMC. But the proof is in the pudding, and we will see on July 31, 2008 whether McAfee's numbers satisfy Wall Street.